{"report_id":"5ccf4dda-af29-461f-9b14-b4adebe1fbef","version":6,"status":"done","tags":[],"date":"2026-01-25T05:12:15Z","url":{"schema":"https","addr":"xmr-mixer.to/","fqdn":"xmr-mixer.to","domain":"xmr-mixer.to","tld":"to"},"ip":{"addr":"176.97.124.200","port":0,"asn":6698,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"final":{"url":{"schema":"https","addr":"xmr-mixer.to/","fqdn":"xmr-mixer.to","domain":"xmr-mixer.to","tld":"to"},"title":"Monero Mixer | XMR Tumbler | Best Monero Blender - Secure \u0026 Anonymous","dom":{"size":14303,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (628)","md5":"7a14a85a7d00a08ad402b3200d578b08","sha1":"771be0e3dbcfcc03a8a90e2c966cb7dbd688cd22","sha256":"b6007d4515e5afc14a56eb1d048edf9ca8df11878b738720acd103068a02048b","sha512":"9fc265ac6f26e4824b07f42bf18e2fbaf936d2365fcb4c5e71fb0f9e88c4951970aca4e16e59bbcb2c0236840bc876d19b79a9241463010dd6b642320772120d","ssdeep":"192:3gvctjkLgvfJxPAX2C8BFbzk0L5KQECh+DeUIl+MAQBMTdbpo0qXRGLW44:3EUkLAfJFz7EChchoZANTBpo0JLW44","tlshash":"c95262259112393306d760c4bb7ee70611d58302d80207e6f5fce3ebabdadd9d42369a","dom_hash":"domhash1b3e340ebeef9073b635ea8bb33366d9","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"xmr-mixer.to/","fqdn":"xmr-mixer.to","domain":"xmr-mixer.to","tld":"to"},"ip":{"addr":"176.97.124.200","port":0,"asn":6698,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-01T05:12:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"xmr-mixer.to","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"xmr-mixer.to","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"xmr-mixer.to","ip":{"addr":"176.97.124.200","port":443,"asn":6698,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-24T20:14:47.894704Z","last_seen":"2026-01-24T20:14:47.894704Z","alert_count":18,"request_count":9,"received_data":266569,"sent_data":4114,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"xmr-mixer.to/fonts/OpenSansRegular.woff","fqdn":"xmr-mixer.to","domain":"xmr-mixer.to","tld":"to"},"ip":{"addr":"176.97.124.200","port":443,"asn":6698,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xmr-mixer.to/","date":"2026-01-25T05:11:52.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmr-mixer.to","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 00:45:03 GMT","end":"Thu, 19 Mar 2026 00:45:02 GMT"},"fingerprint":{"sha1":"27:31:BE:03:7F:5D:8D:BD:82:45:BC:CA:8E:22:50:30:DF:47:6B:4E","sha256":"69:0F:6E:CB:38:9D:E5:82:49:1F:7E:C5:99:82:9B:D7:DE:85:A1:22:A1:E9:60:56:33:2E:76:9D:5E:2A:46:84"}}},"request":{"raw":"GET /fonts/OpenSansRegular.woff HTTP/1.1\r\nHost: xmr-mixer.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xmr-mixer.to/css/core.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 25 Jan 2026 05:11:52 GMT\r\ncontent-type: font/woff\r\ncontent-length: 27336\r\nlast-modified: Wed, 26 Feb 2025 20:38:40 GMT\r\netag: \"67bf7bd0-6ac8\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=31536000;\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27336,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 27336, version 1.1","md5":"0f7c77932ea877aca544e439a3e63bb6","sha1":"7a443f3919b08b8a4983da0720b5f7a8e901fe5e","sha256":"caeec0b59ba7ea579ce20d9b84e6d9b4a55ff0d4bd27126b0929b3d2de644cd4","sha512":"23c3b08c1269577864822a42a8e609bbb4cc50625c6d71e5be53c7b7cd6bbc7c5422dbff3c6436af5ec1ed7bd37665907fe56039e88b83b013513cf90cc56ec8","ssdeep":"384:wOwyQL2EjzO2F4UhW0ERNlyIh0sMzbeYSc/gjRRNOoeFKi2Hm66mPcKPm+Q8f840:wUQJLxkRNNh3YS2eP6FELxlXk","tlshash":"dac2e1f7f7389d0ff80e8b36fc5b022c660ef65e8d22c627d7728a411660be95051956","first_seen":"2023-04-07T12:59:25Z","last_seen":"2026-06-07T06:47:14.945678Z","times_seen":503,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"xmr-mixer.to","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"xmr-mixer.to","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xmr-mixer.to/fonts/OpenSansLight.woff","fqdn":"xmr-mixer.to","domain":"xmr-mixer.to","tld":"to"},"ip":{"addr":"176.97.124.200","port":443,"asn":6698,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xmr-mixer.to/","date":"2026-01-25T05:11:52.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmr-mixer.to","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 00:45:03 GMT","end":"Thu, 19 Mar 2026 00:45:02 GMT"},"fingerprint":{"sha1":"27:31:BE:03:7F:5D:8D:BD:82:45:BC:CA:8E:22:50:30:DF:47:6B:4E","sha256":"69:0F:6E:CB:38:9D:E5:82:49:1F:7E:C5:99:82:9B:D7:DE:85:A1:22:A1:E9:60:56:33:2E:76:9D:5E:2A:46:84"}}},"request":{"raw":"GET /fonts/OpenSansLight.woff HTTP/1.1\r\nHost: xmr-mixer.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xmr-mixer.to/css/core.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 25 Jan 2026 05:11:52 GMT\r\ncontent-type: font/woff\r\ncontent-length: 27984\r\nlast-modified: Wed, 26 Feb 2025 20:38:37 GMT\r\netag: \"67bf7bcd-6d50\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=31536000;\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27984,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 27984, version 1.1","md5":"f5e96f06811c03c019d10f2a8402303a","sha1":"76e412a10cac3758d8198cc06abf912773385db1","sha256":"42f31470a0d3bcd63fd438ba71def714f8de35efe64390fac3b7dc6bfab46479","sha512":"bb8ab9e841b11406a353c302da5606cd5d5dbb703d1262cb168bf1aae85a8debf9352b3eea74efb5c63ae5edf3501500f40de44299933f8f116eaa1970d10768","ssdeep":"768:d5Vpqu0Mmv4wyXdALk8egt1kfupVKZspbK:dncvvJLk2Vpkqs","tlshash":"f2c2e17fa77c15c5d55dc77068e0263823621a895fd32eb4f33a06b25a2bb442f62472","first_seen":"2023-05-22T11:10:40Z","last_seen":"2026-05-31T16:35:25.602054Z","times_seen":110,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"xmr-mixer.to","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"xmr-mixer.to","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xmr-mixer.to/css/core.css","fqdn":"xmr-mixer.to","domain":"xmr-mixer.to","tld":"to"},"ip":{"addr":"176.97.124.200","port":443,"asn":6698,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xmr-mixer.to/","date":"2026-01-25T05:11:52.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmr-mixer.to","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 00:45:03 GMT","end":"Thu, 19 Mar 2026 00:45:02 GMT"},"fingerprint":{"sha1":"27:31:BE:03:7F:5D:8D:BD:82:45:BC:CA:8E:22:50:30:DF:47:6B:4E","sha256":"69:0F:6E:CB:38:9D:E5:82:49:1F:7E:C5:99:82:9B:D7:DE:85:A1:22:A1:E9:60:56:33:2E:76:9D:5E:2A:46:84"}}},"request":{"raw":"GET /css/core.css HTTP/1.1\r\nHost: xmr-mixer.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xmr-mixer.to/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 25 Jan 2026 05:11:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Feb 2025 20:39:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bf7be7-fa65\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=31536000;\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64101,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (664)","md5":"7675c407410858d2c4078fae1fde72fe","sha1":"186a36dd79915d6349ef13101dd68515754e0e2c","sha256":"7e903472b029b83083aa220a733db8eac18d60ae2707780518a1a7399c24996e","sha512":"6084e41c89a0320eb937efcecc0f4ea416e01e7533386d240f9a62f312d43d8000612c5a2dd62f7fb7709a6554f4e5250e2fd14898392e31d22d7b65c5eb713f","ssdeep":"768:eEGTE13E2ruSYzTfLiMBAL9iuCWgErFzY5x72hsNTu0ucjvLzH:eU3OSYzTfLiiVLl2hsNf","tlshash":"76531043f590204860274595a9a77bfbfb7d11037346acf7aad13a38c348ee225e3a5d","first_seen":"2025-09-12T03:23:08.730648Z","last_seen":"2026-04-21T09:43:35.407911Z","times_seen":8,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"xmr-mixer.to","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"xmr-mixer.to","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xmr-mixer.to/images/sprite.png","fqdn":"xmr-mixer.to","domain":"xmr-mixer.to","tld":"to"},"ip":{"addr":"176.97.124.200","port":443,"asn":6698,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xmr-mixer.to/","date":"2026-01-25T05:11:52.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmr-mixer.to","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 00:45:03 GMT","end":"Thu, 19 Mar 2026 00:45:02 GMT"},"fingerprint":{"sha1":"27:31:BE:03:7F:5D:8D:BD:82:45:BC:CA:8E:22:50:30:DF:47:6B:4E","sha256":"69:0F:6E:CB:38:9D:E5:82:49:1F:7E:C5:99:82:9B:D7:DE:85:A1:22:A1:E9:60:56:33:2E:76:9D:5E:2A:46:84"}}},"request":{"raw":"GET /images/sprite.png HTTP/1.1\r\nHost: xmr-mixer.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xmr-mixer.to/css/core.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 25 Jan 2026 05:11:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 6636\r\nlast-modified: Wed, 26 Feb 2025 20:38:55 GMT\r\netag: \"67bf7bdf-19ec\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=31536000;\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6636,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 144 x 123, 8-bit/color RGBA, non-interlaced","md5":"2fc6834eafc1fe01207333027905230c","sha1":"f2e49c99325618b636393dfcdd2a1ea3770466a1","sha256":"9da336e03769410f6bd4a91988427fcf08304dbfa013f777c9b744a3afa6a48f","sha512":"44a821266e45de793f404aa7d5afd57237b56b4c9922aed9d57fcf2ecec8f70f1f7cd2fd6e154289833faeab1378683473cfe9415db8b326123a7844ff049dbe","ssdeep":"192:uSkom6G0v8v2kdEvC6aeqoi/e5TD4FyKppXepR/m:RkoLv8vdl6LHceqyX/m","tlshash":"c5d19dfc6a1165f7ea67c320080588f5d01f1eb84bb7e5eaed6db37aa8014204c91f53","first_seen":"2023-06-07T12:25:56Z","last_seen":"2026-04-21T09:43:35.415772Z","times_seen":11,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"xmr-mixer.to","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"xmr-mixer.to","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xmr-mixer.to/fonts/OpenSansBold.woff","fqdn":"xmr-mixer.to","domain":"xmr-mixer.to","tld":"to"},"ip":{"addr":"176.97.124.200","port":443,"asn":6698,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xmr-mixer.to/","date":"2026-01-25T05:11:52.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmr-mixer.to","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 00:45:03 GMT","end":"Thu, 19 Mar 2026 00:45:02 GMT"},"fingerprint":{"sha1":"27:31:BE:03:7F:5D:8D:BD:82:45:BC:CA:8E:22:50:30:DF:47:6B:4E","sha256":"69:0F:6E:CB:38:9D:E5:82:49:1F:7E:C5:99:82:9B:D7:DE:85:A1:22:A1:E9:60:56:33:2E:76:9D:5E:2A:46:84"}}},"request":{"raw":"GET /fonts/OpenSansBold.woff HTTP/1.1\r\nHost: xmr-mixer.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xmr-mixer.to/css/core.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 25 Jan 2026 05:11:52 GMT\r\ncontent-type: font/woff\r\ncontent-length: 28124\r\nlast-modified: Wed, 26 Feb 2025 20:38:33 GMT\r\netag: \"67bf7bc9-6ddc\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=31536000;\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28124,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 28124, version 1.1","md5":"eff2996162fdfe7c6af7995d3f790275","sha1":"1da200a9dabb64b33044126a324a276bea71a557","sha256":"36d1c6e6cb110da154dae5f43fc00c59d205fef10edd9f5cfcef1d88da48d7fb","sha512":"3902c7f71471e1e9e2098594c89a85240c78f529eccaf509ac415b1f7200061004dd39e73b86fe0bd0335f2e3405508c2491aebdbbd0f7bd8edf31b43d262281","ssdeep":"768:S24+BzzaLbw6n3dHfOyngx7/imiz8qPWu0ZbUJ:EozzY8Igyg1XGrPEI","tlshash":"d5c2f18109a77bdee7005630f7db3b0946b0054288a71d4ecfeb8e605d816fad3d622e","first_seen":"2023-04-07T12:59:25Z","last_seen":"2026-06-07T06:47:14.996496Z","times_seen":370,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":57,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"xmr-mixer.to","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"xmr-mixer.to","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xmr-mixer.to/images/favicon.ico","fqdn":"xmr-mixer.to","domain":"xmr-mixer.to","tld":"to"},"ip":{"addr":"176.97.124.200","port":443,"asn":6698,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xmr-mixer.to/","date":"2026-01-25T05:11:52.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmr-mixer.to","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 00:45:03 GMT","end":"Thu, 19 Mar 2026 00:45:02 GMT"},"fingerprint":{"sha1":"27:31:BE:03:7F:5D:8D:BD:82:45:BC:CA:8E:22:50:30:DF:47:6B:4E","sha256":"69:0F:6E:CB:38:9D:E5:82:49:1F:7E:C5:99:82:9B:D7:DE:85:A1:22:A1:E9:60:56:33:2E:76:9D:5E:2A:46:84"}}},"request":{"raw":"GET /images/favicon.ico HTTP/1.1\r\nHost: xmr-mixer.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xmr-mixer.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 25 Jan 2026 05:11:52 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Wed, 26 Feb 2025 20:38:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bf7bdb-10be\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=31536000;\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"b29e580b9c4fb858dadac20bcbc800e8","sha1":"07b234ea260ce6b1f4370af13e78d036034bb02a","sha256":"16481c52772c03decc12e0fbd39ee2a8349b6d58f0d4032767bf24fe3068cb62","sha512":"faeaddaaab5ca70b191ca03bcbae918accaf14124c9104b63b800ff81abdef58c9ed1249dd5a7b557351c07423d1d70a2ecc0b39099f299cba3982460bebefe4","ssdeep":"24:su9bLp////////kvY////////////D///////////////+Al///////////////u:60JJJGJJJtWLWOiTOFN+NRzVPNXNr8Q","tlshash":"3e9134426c813c2dcbd93234d8a39a789317ec435a78560f73063c36782d11dab975ee","first_seen":"2023-11-17T15:15:09Z","last_seen":"2026-02-14T07:53:11.979932Z","times_seen":6,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"xmr-mixer.to","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"xmr-mixer.to","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xmr-mixer.to/","fqdn":"xmr-mixer.to","domain":"xmr-mixer.to","tld":"to"},"ip":{"addr":"176.97.124.200","port":443,"asn":6698,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-25T05:11:52.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmr-mixer.to","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 00:45:03 GMT","end":"Thu, 19 Mar 2026 00:45:02 GMT"},"fingerprint":{"sha1":"27:31:BE:03:7F:5D:8D:BD:82:45:BC:CA:8E:22:50:30:DF:47:6B:4E","sha256":"69:0F:6E:CB:38:9D:E5:82:49:1F:7E:C5:99:82:9B:D7:DE:85:A1:22:A1:E9:60:56:33:2E:76:9D:5E:2A:46:84"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: xmr-mixer.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 25 Jan 2026 05:11:52 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 3942\r\nlast-modified: Wed, 26 Feb 2025 20:38:23 GMT\r\netag: \"37e8-62f118e06280b-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000;\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14312,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (628)","md5":"ec68f0f17610530944a1cd57336bd9e5","sha1":"a84edceee29559c4bbbc9b109bf559f91af44c20","sha256":"e044303fac5ce3b42276ba7f80eb64a3552cf3cc99da796d2008c52aa9591f91","sha512":"e9b401063544425677b5240c31be6e8f96d86b0007ccb934e8fd4a0241a8d67039ead0373bd37a217717582213e9edd69360a1e2c6f7e604dc3cffbccf4bf390","ssdeep":"192:lgqct+HugYfJxV5AX2C8BFbzk0L5KQECh+DJU9lJMAQBMTdbwo0qXRGLW4Y:l5NHuDf5XFz7EChcSf+ANTBwo0JLW4Y","tlshash":"d5525225d112393346d760c4bb7ee70611d58302d8020be6f5bce3eb9bdadd9d42369a","first_seen":"2026-01-24T20:14:51.389404Z","last_seen":"2026-01-25T05:12:16.513382Z","times_seen":3,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":181,"dns":86,"connect":43,"send":0,"wait":47,"receive":2,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"xmr-mixer.to","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"xmr-mixer.to","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xmr-mixer.to/images/blender_pic.png","fqdn":"xmr-mixer.to","domain":"xmr-mixer.to","tld":"to"},"ip":{"addr":"176.97.124.200","port":443,"asn":6698,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xmr-mixer.to/","date":"2026-01-25T05:11:52.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmr-mixer.to","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 00:45:03 GMT","end":"Thu, 19 Mar 2026 00:45:02 GMT"},"fingerprint":{"sha1":"27:31:BE:03:7F:5D:8D:BD:82:45:BC:CA:8E:22:50:30:DF:47:6B:4E","sha256":"69:0F:6E:CB:38:9D:E5:82:49:1F:7E:C5:99:82:9B:D7:DE:85:A1:22:A1:E9:60:56:33:2E:76:9D:5E:2A:46:84"}}},"request":{"raw":"GET /images/blender_pic.png HTTP/1.1\r\nHost: xmr-mixer.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xmr-mixer.to/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 25 Jan 2026 05:11:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 79104\r\nlast-modified: Wed, 26 Feb 2025 20:38:49 GMT\r\netag: \"67bf7bd9-13500\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=31536000;\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":79104,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1272 x 865, 8-bit/color RGBA, non-interlaced","md5":"2bcbf5e0072b7c8c3bbe4f8851989042","sha1":"5b076db315d0da7676189fdaf0ae9239b89ee257","sha256":"a2efcbe1d9e0642f4042891b79561f9760d9e3f8170e0621560f42208ae3914b","sha512":"6618ade0dfd2e280dc6cdf4dc994dd007c47838128e09582a01b66e654639e969b603f1502866c30e5672546a3ef5b96b3a78be8bd648eb5e3615205835ee8b7","ssdeep":"1536:0okJ3Vybyz8k9Zc41r6KG5BPwRmDZvNtwWzixgpE2gtX+JkT2OzsAYDCvsVZLEm:0okJ3QboP1zGQmDpwAixwtgtmkTtzsAA","tlshash":"06730253d2a81d3fcdf9947ec942ae1ca7db78e549c3ef72038848d6a17d041c25888e","first_seen":"2023-06-07T12:25:56Z","last_seen":"2026-04-21T09:43:35.408678Z","times_seen":11,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"xmr-mixer.to","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"xmr-mixer.to","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xmr-mixer.to/css/style.css","fqdn":"xmr-mixer.to","domain":"xmr-mixer.to","tld":"to"},"ip":{"addr":"176.97.124.200","port":443,"asn":6698,"as":"Virtual Systems LLC","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xmr-mixer.to/","date":"2026-01-25T05:11:52.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmr-mixer.to","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 00:45:03 GMT","end":"Thu, 19 Mar 2026 00:45:02 GMT"},"fingerprint":{"sha1":"27:31:BE:03:7F:5D:8D:BD:82:45:BC:CA:8E:22:50:30:DF:47:6B:4E","sha256":"69:0F:6E:CB:38:9D:E5:82:49:1F:7E:C5:99:82:9B:D7:DE:85:A1:22:A1:E9:60:56:33:2E:76:9D:5E:2A:46:84"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: xmr-mixer.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xmr-mixer.to/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 25 Jan 2026 05:11:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Feb 2025 20:39:01 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bf7be5-2d18\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=31536000;\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11544,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f7ceb1fc299cee8cf37aef00751d8aa6","sha1":"b2ab089272a2e3d83301b360e59e52e1869344fb","sha256":"7ef6f98917108bf0ef975ce0671756825900b69e6d73578a0d04e3d4398aca41","sha512":"96dbc0ad0547ec4194ccd85598625cbf19eb23192d6f46f8d72d7f39b454d857d477cc324963bdb1b14555f6e01842c52ecf5167eba3e578d5c71db1f19c0fac","ssdeep":"192:IdKqJMq75X89kY2F8nG318e08jx8MTag1wKKUiNO:I15Ot2yG3TfwKKUoO","tlshash":"1332736727151308942b93427ce787da2339c042f75f89be9edb5428c2cd5a426f3b96","first_seen":"2026-01-24T20:14:51.382616Z","last_seen":"2026-01-25T05:12:16.515163Z","times_seen":3,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"xmr-mixer.to","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"xmr-mixer.to","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}