{"report_id":"82806f26-a7ab-4824-8a29-5959eb887a20","version":6,"status":"done","tags":[],"date":"2026-03-10T21:42:53Z","url":{"schema":"https","addr":"xpm8.top/ARB/?claim.coinbase.com","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"xpm8.top/ARB/?claim.coinbase.com","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"title":"Arbitrum Airdrop","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"xpm8.top/ARB/?claim.coinbase.com","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-14T21:42:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-10T21:42:19Z","timestamp":1773178939,"ip_dst":{"addr":"35.170.144.144","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":48616,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Webhook/HTTP Request Inspection Service Domain (m .pipedream .net in TLS SNI)","source":"{\"timestamp\":\"2026-03-10T21:42:19.648719+0000\",\"flow_id\":444385506034413,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.47\",\"src_port\":48616,\"dest_ip\":\"35.170.144.144\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047738,\"rev\":1,\"signature\":\"ET INFO Webhook/HTTP Request Inspection Service Domain (m .pipedream .net in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_08_25\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0010\"],\"mitre_tactic_name\":[\"Exfiltration\"],\"mitre_technique_id\":[\"T1567\"],\"mitre_technique_name\":[\"Exfiltration_Over_Web_Service\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_26\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_08_25\"]}},\"tls\":{\"sni\":\"eoe1u9eng3oo7bi.m.pipedream.net\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"50a9e7b112931e541503e8a2499252b9\",\"string\":\"771,49199,0-11-65281-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1654,\"start\":\"2026-03-10T21:42:19.459501+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-10T21:42:19Z","timestamp":1773178939,"ip_dst":{"addr":"35.170.144.144","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":48626,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Webhook/HTTP Request Inspection Service Domain (m .pipedream .net in TLS SNI)","source":"{\"timestamp\":\"2026-03-10T21:42:19.653658+0000\",\"flow_id\":310781958358032,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.47\",\"src_port\":48626,\"dest_ip\":\"35.170.144.144\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047738,\"rev\":1,\"signature\":\"ET INFO Webhook/HTTP Request Inspection Service Domain (m .pipedream .net in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2023_08_25\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0010\"],\"mitre_tactic_name\":[\"Exfiltration\"],\"mitre_technique_id\":[\"T1567\"],\"mitre_technique_name\":[\"Exfiltration_Over_Web_Service\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_26\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_08_25\"]}},\"tls\":{\"sni\":\"eoe1u9eng3oo7bi.m.pipedream.net\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"50a9e7b112931e541503e8a2499252b9\",\"string\":\"771,49199,0-11-65281-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1654,\"start\":\"2026-03-10T21:42:19.459792+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"va.tawk.to","ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":51316,"first_seen":"2017-01-30T04:20:46Z","last_seen":"2026-03-09T08:22:01.884418Z","alert_count":0,"request_count":3,"received_data":5178,"sent_data":1511,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"eoe1u9eng3oo7bi.m.pipedream.net","ip":{"addr":"35.170.144.144","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2015-11-25","domain_rank":0,"first_seen":"2025-08-21T04:25:57.661405Z","last_seen":"2026-03-02T23:39:57.187289Z","alert_count":0,"request_count":1,"received_data":258,"sent_data":479,"comment":"","tags":null,"fingerprints":null},{"fqdn":"embed.tawk.to","ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":52083,"first_seen":"2014-03-19T21:03:49Z","last_seen":"2026-03-09T03:49:52.260083Z","alert_count":0,"request_count":9,"received_data":680593,"sent_data":4113,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"xpm8.top","ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-07","domain_rank":0,"first_seen":"2026-03-10T21:42:55.657436Z","last_seen":"2026-03-10T21:42:55.657436Z","alert_count":21,"request_count":21,"received_data":4077851,"sent_data":9653,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-common.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d9deabdd1848c34f3ab46722f446c153","sha1":"ca3efc8a6fe26ae3556374b113dda96032edd201","sha256":"6a583970080e55cee4ced2fc7d5e5de94283f0e6eea428a50219b8e343ff0890","sha512":"d260841afedfa06bc864b92b64cf3bd1a323b2de447ce38cb1499cc6fccfab0da309a76814b6cfb20fae85fb5707fc72fec9996b64bfa31703445d6a933daa3c","ssdeep":"3072:I4MYggYqWzhT9dyWFW1Wn+fM4fOrcErQYIMPdLMz9o115:kyWFW1W+fM4fFkBLMz9215","tlshash":"7e34c69df186b47606a37130501f320af23a685ab45ac494f636d8e1bd789cea133f7d","size":240941,"data":"","first_seen":"2026-02-19T03:13:10.643204Z","last_seen":"2026-04-15T01:21:42.632515Z","times_seen":11130,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/?claim.coinbase.com","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e20b617263ec34fb8a651781c68be3e0","sha1":"8ddc0fbad7755faf6aba6f9c30833330338fae6d","sha256":"a51616b24b48be1cb0fff628bc818c3f9790c976b706f0700c77ec3c698ed7c1","sha512":"bee120f16cced67694e41246e128d8150aca7269dc17994b2d52ae2fb38a4dcf77fdca2099c7364c1ae5023ebbb44939a9f95b26f6700b87cd1fbb938d09f999","ssdeep":"","tlshash":"6501d5cb4c223801075752191c7e15d432239427fc59ed533597a5503f4db0d53675c9","size":754,"data":"","first_seen":"2025-09-04T14:24:09.459824Z","last_seen":"2026-03-26T09:59:47.235936Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/js/jquery.min.js","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-05-17T12:15:20.794479Z","times_seen":469631,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/js/main.js","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c4084869eed0d98e9107a7a959ee87e","sha1":"fecc8e8218e7d97d0b52044181009e0ace7d7110","sha256":"321bcdb4b75c884e7f3454433492b4ad86af3925a477882ccb6bd55fd31486cc","sha512":"342b479a4ed7e38457d88e89385c2b3c49d6dd851378b9afad792861a4080b8ce5e7b44509dcbf95bfd40115d67b2c52601c943bcd08f85fc32d876de267e15a","ssdeep":"96:/2SPlSOG9BK3i9UCH24axF/CtNQdmbt6yKVpgDr2Wgxta/6:/27OBi9UY24axF/CtES6yKVGDr2txtu6","tlshash":"f79125062fd02bc9534922ed372bb468e331e998c1c1518ec89d7d649bd1f38dafa538","size":4477,"data":"","first_seen":"2026-03-10T21:43:01.080835Z","last_seen":"2026-03-26T09:59:47.24174Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/68469777501b8d1909142b40/1it9rvbbn","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"311d7f616ed531b295913c908215b827","sha1":"065e7c05cfad1dd3c2e8bf6ac2d567fab2227e6f","sha256":"282e81b26d107a9bb52166b6003758bcc37520f8751210f85c0552d9f6e42022","sha512":"e867d92ecc6e6649c6269821f81dc4c37378ffc28023101bd4c737d179a5d2e75feddd2a349b13c6f434346d8c82c99ad58a2cc8825adf17aa1f145767918895","ssdeep":"","tlshash":"9a41ddea5b4f1c52b22410d90dbef90ef47720f745d95892870c085272757ad2f8ee38","size":2123,"data":"","first_seen":"2026-02-22T11:23:36.483832Z","last_seen":"2026-04-14T22:16:36.239229Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/?claim.coinbase.com","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5cc969e5389282e75faf0503a99e571c","sha1":"7fbaa133ab90a585941b83aaff6bd5faedee08be","sha256":"f0ff9d0914ea146742ef8a220eb7899da9bdf888813ce3be8849e178effb7f37","sha512":"4046fc553606a107e5dae214434ef46aa7789ec81ea9d2dd630e13a22fa6a00873ffb176c70fd29a8c31756dbeb95cb02a0bb8c285429f76f58663bed3d69f9c","ssdeep":"","tlshash":"23e0265c2a007d61922256a320b2ee4c74b73028a259e8a199afc8482a28d49c82de99","size":328,"data":"","first_seen":"2026-03-10T21:43:01.082461Z","last_seen":"2026-03-26T09:59:47.240037Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-vendors.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b057293b718ae7060a9acc593ff83f67","sha1":"991ec4ae783d59b4ae91113a0ecb5e6b21d19d45","sha256":"39d3bf235a12d663f4c2564a4d0311e4c902370219bdf1c4b81d2d1698dae888","sha512":"61865e60d018bd21ca9c737aeb975e8f52b0d0fa74128720cd03fb59f7766362efc8d84b06def39558f302b15d1bb39e44dde7cf0a840d62cdcaec6932df4f52","ssdeep":"3072:NTX1gABPVhOj6y1ekyYadM/9LJQMoZmVodXsJ5Ar6VKkOPmx/:FGABPVhO5wdKJCMo4VJ5Ar6kOx/","tlshash":"11644bc8f183b0b606e7a1a5009f5207737a151968ed8498f574dee968e8e5c633bf3c","size":324696,"data":"","first_seen":"2026-02-19T03:13:10.628072Z","last_seen":"2026-04-21T03:41:36.073067Z","times_seen":12668,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-app.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e736e189edb5d0d9d5b8e7f23dd9114a","sha1":"bcabee193f13756fa9154fc492fe420c47140343","sha256":"13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd","sha512":"ea972884c185633ea238bdacea6ac9da0e0e92f88588cd85c214514c3597bc7d811c4dc4cd35b671dd2db97179bedceb38bd5d200abb9653fbcaeac2ca6ec7b5","ssdeep":"","tlshash":"a0c080ac1496fc9c1674154a8377f54a5cd510108055141015d851a11311546560c54d","size":151,"data":"","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-05-17T11:35:01.505013Z","times_seen":82386,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-vendor.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b341e35b39f6195793ecaf5db7c1d63","sha1":"3ef56ed9ac8bfbf5347dc4592653703f59763083","sha256":"548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305","sha512":"6b222121b74ffeabd4de7b69f354ad25283d0989376e8e3f6d97f829e28175291eab0a535ca77c22d3f65595250ad9ad3909525c2eb74bf9783f4955c3d7cde2","ssdeep":"768:kURUFvX9zXAfE4dm9+fuDosXRfMySUHM1ONdYO31hY6d/o6cyO4fefHvSAW64F:kURUZXGfzd1uU+8ODY6JORfHBWJF","tlshash":"b483e6dcb295b57117ab20b5417f050bf33a7815a80ac0a4f266f4da7c7848ea06bf7d","size":82913,"data":"","first_seen":"2024-03-08T05:46:53Z","last_seen":"2026-05-17T11:35:01.385181Z","times_seen":55870,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-runtime.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0beffdc96a1a1b35b5ce2759d6d1d51a","sha1":"8d9d42c92a1d18382b66ee353d3b81b8641ced00","sha256":"e27dcd41e84265874a28c43fa5780e5ddabc8cae4fa0d010d0ca18360e704389","sha512":"6c5f688f184fa65416108e0f6af9947e741b70ccce5053b318e8ed64858d9ccd6e6b2f905103bb3871e540ecfb7a85efb0503c539bb4545d6975c34aa58dc090","ssdeep":"","tlshash":"7f4183d936e8f9b6434318a1043f9016f6352976097be4c0531dd4f5bc78849815afb6","size":2306,"data":"","first_seen":"2026-02-19T03:13:10.681687Z","last_seen":"2026-04-15T01:21:42.763559Z","times_seen":11136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/28822a86-efc5-4bd1-aad0-ffb3bdcc55d0","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"6a6a940a35a7a310b8392f11bbe0e442","sha1":"141cfb1ced57a112ac1dedbd7495b9f895d7d4a4","sha256":"6cd8b611195c40b9962b01e70d1d2fb8b3188844475202ef580540d8418b4fe0","sha512":"9d434633c65b2d320371f382b6c0ee6ef5326b1e82aa858c75fe21ede52a623596f14904a97c310961eade908e97ba47dd6fd15eed0a8728fe4c8003cfda1c51","ssdeep":"","tlshash":"b611c2cd3e9bf5c265fbeb91598f644b9c39e659300c8402c64893e828954ecd287f74","size":1000,"data":"","first_seen":"2025-06-29T22:01:12.821928Z","last_seen":"2026-05-17T05:51:05.489393Z","times_seen":505,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-main.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"da5bb1dc647470204df0e49f5afac2de","sha1":"f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8","sha256":"705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c","sha512":"d9c0eda8c93df421f8147960ff4b00f8eacd8791b8386b020f04d0478c6b7a4328767a82b52b8cfbb7c3a44cb55cec488c2d1008670bee709d67d8bdbd887c39","ssdeep":"","tlshash":"d4b09b6c1057f86955e8064ed3b7f65d1d961050811104301658a1753321143c61c55b","size":121,"data":"","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-05-17T11:35:01.301271Z","times_seen":82346,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/0x.js","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d4acd04b840bc06246022c4aedeb33c","sha1":"c47c07af75ef1b63be422071799113cb7d484544","sha256":"66688abfe36b64a65debbbd0403af3020052d4c66318a58cb5b025149bac7de0","sha512":"d4827cf0bc816147f6bb86edbc1a52c9a5b91ebc5faa02d7d9026e852088e28f1a0f296c4afe4af80a94e394e4b75837410c47bb887832a03f6a86bf2b53128e","ssdeep":"768:KN9yFcio+wKh9tXjcb4IbDB6IcP8nHfVlkbWVgnC1fAi0YAclqc/gIJg2bTco:IxQ9tTcb4eB0AfVlkbWVgnC1fAi02Dx","tlshash":"e44394d8691ac0d85d9620ede833e409e4a8091bcd6df163a63cddc1b41efa78487d7b","size":58819,"data":"","first_seen":"2026-02-18T11:47:00.249562Z","last_seen":"2026-05-01T12:16:36.576886Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-vendor.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:20.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-vendor.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Mar 2026 21:42:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"3b341e35b39f6195793ecaf5db7c1d63\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9da57d17eb2956f6-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":82913,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65472)","md5":"3b341e35b39f6195793ecaf5db7c1d63","sha1":"3ef56ed9ac8bfbf5347dc4592653703f59763083","sha256":"548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305","sha512":"6b222121b74ffeabd4de7b69f354ad25283d0989376e8e3f6d97f829e28175291eab0a535ca77c22d3f65595250ad9ad3909525c2eb74bf9783f4955c3d7cde2","ssdeep":"768:kURUFvX9zXAfE4dm9+fuDosXRfMySUHM1ONdYO31hY6d/o6cyO4fefHvSAW64F:kURUZXGfzd1uU+8ODY6JORfHBWJF","tlshash":"b483e6dcb295b57117ab20b5417f050bf33a7815a80ac0a4f266f4da7c7848ea06bf7d","first_seen":"2024-03-08T05:46:53Z","last_seen":"2026-05-17T11:35:01.385181Z","times_seen":55870,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-vendors.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:20.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-vendors.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Mar 2026 21:42:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"b057293b718ae7060a9acc593ff83f67\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9da57d17eb2c56f6-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":324696,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"b057293b718ae7060a9acc593ff83f67","sha1":"991ec4ae783d59b4ae91113a0ecb5e6b21d19d45","sha256":"39d3bf235a12d663f4c2564a4d0311e4c902370219bdf1c4b81d2d1698dae888","sha512":"61865e60d018bd21ca9c737aeb975e8f52b0d0fa74128720cd03fb59f7766362efc8d84b06def39558f302b15d1bb39e44dde7cf0a840d62cdcaec6932df4f52","ssdeep":"3072:NTX1gABPVhOj6y1ekyYadM/9LJQMoZmVodXsJ5Ar6VKkOPmx/:FGABPVhO5wdKJCMo4VJ5Ar6kOx/","tlshash":"11644bc8f183b0b606e7a1a5009f5207737a151968ed8498f574dee968e8e5c633bf3c","first_seen":"2026-02-19T03:13:10.628072Z","last_seen":"2026-04-21T03:41:36.073067Z","times_seen":12668,"resource_available":true,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/images/banner-d.svg","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/images/banner-d.svg HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69acb01e-1828\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lwaigYcKoplYqN%2BGXGC1kP0Zee3sMnCb0E5jOdlKxolEvvdXl6zn5MENhxClBPM3hn0bztA8dexuP43LvIfvpqNy%2BplNqUa9\"}]}\r\ncf-ray: 9da57d13797696b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6184,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"688379963d858baa742de0edda6e36ea","sha1":"b4b1b66c0ab9894f5af521fcdec0e338d5409b06","sha256":"04de6c943086ca423e5cafee888472492e2c9a0eefab67df3120246cfaf7820e","sha512":"12dee8e81614e16f43a784994fec778d51574842414d330a6e93484ca0a0332af484b8e7a7801041fa0df7cd90d8d8c9777c5fcd30b1419e013626e98e9516db","ssdeep":"96:kEOcjxI99RyFHmGgwiBi9iZd+mJ3RRUrmvERlidTvQQbfh9CDm1:3AU9mGgwiB4eYmJBum8RlidTtCDm","tlshash":"48d176de666895e0bc06bbfcaa3b28d038172db76f47d60582f42c06a5664dd1879dc0","first_seen":"2024-11-30T11:50:18.306867Z","last_seen":"2026-04-12T12:36:21.513911Z","times_seen":16,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/js/main.js","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/js/main.js HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\netag: W/\"69acb01e-117a\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pQuBmDAnL8FYbPLjSYy%2BZ9%2BYHINtLLVy54o2kOT0q%2FPuxnb%2F04yf1ncteIxwOp0Z2l6sZ92aKBnhe6fbVwVdO6J%2BYVzS7x33\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9da57d13897a96b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4474,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4473), with no line terminators","md5":"fd4bf0f38b597733cfda4058e1fee957","sha1":"952243d74ceba05b2c6b4977c82475b229d7d136","sha256":"81fc0b3965dc29b202721a77efe3f4c319c6c58b6c8ebd3516ce890013d3f9e4","sha512":"3e5f68b7d78d55ae9d3e4e50ef7299ccf32d26458692079c4737c440d743a9d0acb449ef6d43ad434e153fc34df2ea3595bc71332737eaac35c22b760179aa11","ssdeep":"96:/2SPlSOG9BK3i9UCH24axF/CtNTMmbt6yKVpgDr2Wgxta/6:/27OBi9UY24axF/Ct1MS6yKVGDr2txtV","tlshash":"309125062fd02bc9534922ed3b2bb468e331e994c1c1518ec89d7d649bd1f38daf9538","first_seen":"2024-12-23T21:37:25.885088Z","last_seen":"2026-03-26T09:59:47.221482Z","times_seen":7,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/session/start","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:22.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"OPTIONS /v1/session/start HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://xpm8.top/\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-qf5d\r\naccess-control-allow-origin: https://xpm8.top\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, s-maxage=600, max-age=600\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ndate: Tue, 10 Mar 2026 21:42:22 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9da57d252bda1382-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T12:15:03.859186Z","times_seen":15331255,"resource_available":true,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/css/fonts.css","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/css/fonts.css HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\netag: W/\"69acb01e-b22\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bfxj41mi1595RTEdizZkQAvtullsmw8E2tb5HshOznFdtaCvh75Jpy9mqqiEiZLj3fNHk%2FP%2BJ4OgxpGz9CUHIZc%2FE48ELksl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9da57d13797096b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2850,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"0c56dae6070082a738970b241f097d5f","sha1":"990a93446bea8f60f92b7dc1ce405269784c4977","sha256":"47f7069ebd3d30cce2a5dd7c7494dc285a3cdf4520efba8e42aadc45daeea469","sha512":"00fa931509b9947de130186896a64a28f5f51f907f2b2fbb94aedad4dd9f0d5ae91d3274b6446bbdeca2073bbb79e85b8d5531f3b7fa3d6d1a30aa42b1368db4","ssdeep":"","tlshash":"2a516980081b2114f6730c8a63de7f21da8d6057a280923a7bfd3a965ffb9751264b4e","first_seen":"2024-12-23T21:37:25.877463Z","last_seen":"2026-03-26T09:59:47.216279Z","times_seen":11,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/images/banner-b.svg","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/images/banner-b.svg HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69acb01e-f6a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BWecE8VwtKiJv6RprL0JRwZLS9ATTvvaSeMoNXFdBDoArr8c6ywWeOMYxZ07Zr1Oz10yDEUEXaiqOuh6qvNi9wBjjo7PjURI\"}]}\r\ncf-ray: 9da57d13797496b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3946,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"89d6b1e83501cb43846349d327f7d708","sha1":"0dcf84efd92dd1d1851d288fecbd5145cc90da48","sha256":"3e8d81da9fd7556acf46d57c6999a7699426a4d62edd630e064de18914610418","sha512":"abcdffa187b53391034c2562176ed8229d35d14e224b8728bd7f4316421c61f42c4d492e04720431b04b5f544f46933d55b210258c62d2f3f71bb06aef4961b5","ssdeep":"","tlshash":"9e8144eab3a4c2f4c149fff0941206bf7b3b34b97b61d320a7e99a40d5414ad4c82c40","first_seen":"2024-12-23T21:37:25.891901Z","last_seen":"2026-04-12T12:36:21.515896Z","times_seen":14,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/images/banner-e.svg","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/images/banner-e.svg HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69acb01e-e1a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T1QtRYmhLnpj6Xvjojjvoa%2F92H7z3RXdP5ifEI3EnOU47xC19zxQmLOvIdUZ0LJLW%2BTPmazzQX%2FAROHr5bzD9ecMS%2Bn5chI1\"}]}\r\ncf-ray: 9da57d13897796b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3610,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1f4112763e98f76c3c5e7c53d66d685c","sha1":"202a0176319944594dc49792c66c8114490190e1","sha256":"d4e0bbe7deaba8b5d2a2d0d736b4a211c32274ddacbff6aa9c1ac170abafb428","sha512":"081a899047d9401792779a26f698f1e7da7685a061dbc3110380c1049d935b4ceb73e222c20429c831116067df8acba2cb7a20ae69d1b32bcf71877ef39d490b","ssdeep":"","tlshash":"1d71d6ca738cd1f0a506f3d4db352478e7afa8f9df666a384b845e2bb84149d8c448c1","first_seen":"2024-11-30T11:50:18.313499Z","last_seen":"2026-04-12T12:36:21.531741Z","times_seen":15,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-app.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:20.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-app.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Mar 2026 21:42:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:34 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncf-cache-status: MISS\r\netag: W/\"e736e189edb5d0d9d5b8e7f23dd9114a\"\r\ncontent-encoding: br\r\ncf-ray: 9da57d17fb5456f6-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":151,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"e736e189edb5d0d9d5b8e7f23dd9114a","sha1":"bcabee193f13756fa9154fc492fe420c47140343","sha256":"13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd","sha512":"ea972884c185633ea238bdacea6ac9da0e0e92f88588cd85c214514c3597bc7d811c4dc4cd35b671dd2db97179bedceb38bd5d200abb9653fbcaeac2ca6ec7b5","ssdeep":"","tlshash":"a0c080ac1496fc9c1674154a8377f54a5cd510108055141015d851a11311546560c54d","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-05-17T11:35:01.505013Z","times_seen":82386,"resource_available":true,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/widget-settings?propertyId=68469777501b8d1909142b40\u0026widgetId=1it9rvbbn\u0026sv=null","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:22.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /v1/widget-settings?propertyId=68469777501b8d1909142b40\u0026widgetId=1it9rvbbn\u0026sv=null HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://xpm8.top/\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-6g56\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: GET,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, max-age=7200, s-maxage=1800\r\netag: W/\"2-35-0\"\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ndate: Tue, 10 Mar 2026 21:42:22 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncf-ray: 9da57d252bd91382-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2140,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8a91ac03d64affb5a56183cbe5247187","sha1":"0c1081e7e6a1224a695d8f5ef37015e1aa2a6980","sha256":"19e711160e1b8fa7a08cfb4e7dd46ed7b15c7ffa1e9fdce6a10046f3c6a5fcd3","sha512":"95a36894304e46fe9d1173c6ef123ce267f826f9d2df1c4b4ff248693ca4b97ec8f765a61fbd638ba0a9a943f874f81cdd783208da6602dd6ea75f071de80ec5","ssdeep":"","tlshash":"1541f0254a12dc7c63c9835371de7727aa2dd466f2846e0de1a89d2ce3fb64d210271b","first_seen":"2026-02-12T21:03:44.433061Z","last_seen":"2026-05-01T12:16:36.580623Z","times_seen":27,"resource_available":false,"data":null}},"time_used":386,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":380,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/68469777501b8d1909142b40/1it9rvbbn","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /68469777501b8d1909142b40/1it9rvbbn HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: application/x-javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=7200, s-maxage=3600\r\netag: W/\"stable-v4-69967ba6a3b\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 9da57d13cc0556f6-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2123,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text","md5":"311d7f616ed531b295913c908215b827","sha1":"065e7c05cfad1dd3c2e8bf6ac2d567fab2227e6f","sha256":"282e81b26d107a9bb52166b6003758bcc37520f8751210f85c0552d9f6e42022","sha512":"e867d92ecc6e6649c6269821f81dc4c37378ffc28023101bd4c737d179a5d2e75feddd2a349b13c6f434346d8c82c99ad58a2cc8825adf17aa1f145767918895","ssdeep":"","tlshash":"9a41ddea5b4f1c52b22410d90dbef90ef47720f745d95892870c085272757ad2f8ee38","first_seen":"2026-02-22T11:23:36.483832Z","last_seen":"2026-04-14T22:16:36.239229Z","times_seen":19,"resource_available":true,"data":null}},"time_used":434,"timings":{"blocked":17,"dns":7,"connect":8,"send":0,"wait":379,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/fonts/BrittiSans-Medium.woff2","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/fonts/BrittiSans-Medium.woff2 HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/css/fonts.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 8712\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\netag: \"69acb01e-2208\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UPzs%2BaGb609VSxMtpyCkpHcH%2B5JZPPQiy8geZQZMouwlxIxn5aJlzJBLomzKNDxbCWSYVvgul2XqcAebpIgo1qoUecp7WiAd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9da57d15f9c196b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8712,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 8712, version 1.0","md5":"05032d99d77e7383adc269f0185b3e82","sha1":"5b3abfa226b21b09cef2d832c0d0fe61d786253d","sha256":"409204a313833b0e08f86d3c4d4d709d1977f4a427f4de4aa5333c62679d5583","sha512":"c3f9c83add782c2621ec25bba05816ec095442f2f9c54abc5bd6b9e7f8fd6e80e1ed0ceee0cc0244c6daa6b67e18300d12cb9eef2e6b5ab30c9e36ba9e1f6a9d","ssdeep":"192:ZBLS4CHEVZ3P17at0LmuxdxDY1rbA2y4wGc3GKRid01h:ZA4CkTW0LmcdxDY1vhLwGc3Z1h","tlshash":"f902ae27e00daa1cf01d2ba94f13afd685499af72ff2cba345128012f5d3a34031a26d","first_seen":"2024-12-23T21:37:25.914294Z","last_seen":"2026-04-12T12:36:21.502984Z","times_seen":97,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":164,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/languages/en_dev.json","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:22.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/languages/en_dev.json HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://xpm8.top/\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:22 GMT\r\ncontent-type: application/json\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"73eea1de9215521cb137b51419ba55a9\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9da57d251bd71382-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10839,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"73eea1de9215521cb137b51419ba55a9","sha1":"a8876b573146cd5450adc92a5450febea8d33f22","sha256":"df1d970dbd95be40780e8c006102fa7892bfe26bc989ee0c9222b089038542ee","sha512":"277849fa8a9d59430663b5c1aac29a198436731ab59bc5968ed9fcfb839f00a31e6e278c3c78547f6e1c20d94847963375de011be6493af268a7bac25cd15257","ssdeep":"192:ImwHq/LrnzPLEgIE1iN+xiDgGOy+HpVHnKWyay8V1K5Av+cE:s6LrnzCE1iN+xkDOy+Hp8/5Avy","tlshash":"c7224269ce504ea702c29647399f35437624429b1f54382eb78891ac0f8ec6f71f779e","first_seen":"2026-02-18T09:54:55.751197Z","last_seen":"2026-05-17T11:38:23.442068Z","times_seen":18379,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/session/start","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:22.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"POST /v1/session/start HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://xpm8.top/\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 193\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":193,"data":"{\"p\":\"68469777501b8d1909142b40\",\"w\":\"1it9rvbbn\",\"platform\":\"desktop\",\"tzo\":0,\"url\":\"https://xpm8.top/ARB/?claim.coinbase.com\",\"vss\":\"\",\"consent\":false,\"wss\":\"min\",\"uik\":\"D-oYV8Zg2l8ShqzbpYKKW\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-x9v6\r\naccess-control-allow-origin: https://xpm8.top\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncontent-type: application/json\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\ndate: Tue, 10 Mar 2026 21:42:22 GMT\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9da57d263924f351-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1020,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7fbebcebfaac9fff2b084496207b5595","sha1":"a67ccd927ef4b6a38445f30ddeb3fbca39fcaf84","sha256":"e945fea7800603199b8317e0884a85843f0917bf2581ceca57ff3e4c72578bf3","sha512":"b516e07f730155eff616292cf041cd831a8a700331c7c49d070fee428b7f28a28511c6f12fecc44edb76810e644babf922f86fab65062bf954d1dabaf9aebc70","ssdeep":"","tlshash":"a611a5031d4d1ecba237bb808c417c050ccc6ea265d41484a4ca9c953dd53bc2e434a7","first_seen":"2026-03-10T21:43:01.0546Z","last_seen":"2026-03-10T21:43:01.0546Z","times_seen":1,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/js/jquery.min.js","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/js/jquery.min.js HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\netag: W/\"69acb01e-15d9d\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7KNjOI%2FnWp8pOAko5wSS%2BA%2BnO%2B8LmPw8WmKJYr3slnOucA5uTh0x2%2FkBjnNwv3mxHmL8qfedjXY5g6PeYGU40L3yCI4S1Lxc\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9da57d13897996b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-05-17T12:15:20.794479Z","times_seen":469631,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/?claim.coinbase.com","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-10T21:42:18.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/?claim.coinbase.com HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hv8NBclgKOz%2FgRgJz%2BTov0EEVvfX3P2hhUOxAd1jzSOw7Lg%2B%2FYPTmeJ61F9eMDHrLgekqkfWmU83K3yhwQ%2BMSDWDxw%2BhbwYf\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9da57d110c1911c5-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":15315,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"d491434bf8e4d80d20abd212dd9242dc","sha1":"26282a1dfe7cd39b673d1aa3f4d7357cf0a27f53","sha256":"ece11322a7909a4ee435e1ce27eddff396d44bf50f8969f3d7a95e229b632bc4","sha512":"02c82d15134feb413ee97a116cbf4daac3509efe3c9e90e790734c8092c83b9114c9f5d02af518aa08f1119976a2bc7d51afe8af5a90f7d6058b5e72ba636482","ssdeep":"96:TL5iqLSfiw/me6tTTsojYIuetidbAEUxXKVngtUBCwVy0o7/d7FW0:UPifeQTYAYIuS+bArVKVKUwwVuFF7","tlshash":"1762746054f110375282a2916a225f6bbfc0ea07de5ba32136ed4bd45fc7e86ce6724c","first_seen":"2026-03-10T21:43:01.057377Z","last_seen":"2026-03-26T09:59:47.214295Z","times_seen":2,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":84,"dns":58,"connect":8,"send":0,"wait":190,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/images/logo.svg","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/images/logo.svg HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69acb01e-266c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TrItHjSep058iwFbC1gvZ688iF%2B%2FcP06jQF8lSHMdGuhVvFWhXSzeyeg89Ah8SR%2BnTT8O4kSpfJ1Q5uEG3yIlvWn%2FL8qpuJ8\"}]}\r\ncf-ray: 9da57d13797296b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9836,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"075a816d5a40d9d7b7a43c8100d78314","sha1":"02143fdf464b5ce914e840be0a45152982a791bd","sha256":"467e80233c085d89bbe9411653f157daf377ea316f08eb761e7ba1e38e265f28","sha512":"815b7751e643bf496c0f6575d2eacff367336c62db39802ddaeaabf98cf4c1624e30c37815b76458148b8f6fbee59cdeb11d55ca9ffbc5edbfae95dc8577fe3a","ssdeep":"192:ZzjRONG6IXVCyMCePZ/CoY0RH7d+2esFWDjwe9D1M4jC:ZHPVCylePZ/TRRH7dxXFWDjV9D1M4W","tlshash":"6112b6ddebf5d2e1e904b3e4abd3502d3b1264f7a796cab5c3862e65e91104cc489cc2","first_seen":"2024-12-23T21:37:25.887822Z","last_seen":"2026-03-26T09:59:47.22572Z","times_seen":93,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/images/banner-c.svg","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/images/banner-c.svg HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69acb01e-202b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=naUAAb3Rf3TYHsdr35abiok4Va%2FN1kOQcAzdElgSaeN8m%2B9l3YOAXfNGZDxYyV%2FiumBAwPwWsCU%2FElZZkcajwBvL3iCLpQfM\"}]}\r\ncf-ray: 9da57d13797596b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8235,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5e4c6d98ce2bf8a94ef5b8a0e9a5edd5","sha1":"0c572350aa6deddf65ee78e2646c8f08159365c2","sha256":"7c819b651871b054c5d2a6ad5a5c2e686133ab1e8b8fd93d2cc4edfbb94e1cc7","sha512":"ed36a19d5e9425919d979b36cc3cab1c2a6a92367648a34361548ece7b8fb8a25ea132488f7286c08cfc9388fca3320e2ce5aafda8c4ab5373393399593423aa","ssdeep":"96:Gqa2b24514NXlPeXBXnLypuYbRoUceZKnC4Qol2EeyPyMV7D16mxAzheSJ6/3kGA:GqXS9eRCRcaylPHVv4maNeSJ+kR","tlshash":"3102c9dca7d927f0f90ae7f49f1594f03a5720baaf92c36483d45d5896264ac85ccdc0","first_seen":"2024-12-23T21:37:25.894063Z","last_seen":"2026-04-12T12:36:21.518471Z","times_seen":14,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"eoe1u9eng3oo7bi.m.pipedream.net/","fqdn":"eoe1u9eng3oo7bi.m.pipedream.net","domain":"pipedream.net","tld":"net"},"ip":{"addr":"35.170.144.144","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.m.pipedream.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 25 Dec 2025 00:00:00 GMT","end":"Sat, 23 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"35:B2:9B:25:AC:60:01:78:F1:ED:BC:8D:C9:1E:78:39:5F:6D:C1:6B","sha256":"3A:0D:9F:17:7F:58:78:0C:FD:A2:3B:EF:2F:72:E8:8C:98:2D:74:A4:D1:49:22:DE:54:03:39:1E:1C:D8:11:06"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: eoe1u9eng3oo7bi.m.pipedream.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://xpm8.top/\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\nvary: Access-Control-Request-Headers\r\naccess-control-allow-headers: content-type\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T12:15:03.859186Z","times_seen":15331255,"resource_available":true,"data":null}},"time_used":1003,"timings":{"blocked":443,"dns":20,"connect":96,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-runtime.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:20.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-runtime.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Mar 2026 21:42:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"0beffdc96a1a1b35b5ce2759d6d1d51a\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9da57d17eb3256f6-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2306,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2306), with no line terminators","md5":"0beffdc96a1a1b35b5ce2759d6d1d51a","sha1":"8d9d42c92a1d18382b66ee353d3b81b8641ced00","sha256":"e27dcd41e84265874a28c43fa5780e5ddabc8cae4fa0d010d0ca18360e704389","sha512":"6c5f688f184fa65416108e0f6af9947e741b70ccce5053b318e8ed64858d9ccd6e6b2f905103bb3871e540ecfb7a85efb0503c539bb4545d6975c34aa58dc090","ssdeep":"","tlshash":"7f4183d936e8f9b6434318a1043f9016f6352976097be4c0531dd4f5bc78849815afb6","first_seen":"2026-02-19T03:13:10.681687Z","last_seen":"2026-04-15T01:21:42.763559Z","times_seen":11136,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/css/style.css","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/css/style.css HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\netag: W/\"69acb01e-97ee\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qFACEMBuG1fZQ3LTErJK3ejYWP2xIhOfJqKVeI1f29kertmlS4C6Eb87XJ3g4YHWjWKoNZOdh8YlS1f0wHrpn59MGNsvK%2FLE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9da57d13797196b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38894,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3603)","md5":"5f7603ee6c25330cdb2460d71b8035a1","sha1":"d308e850f1c1eac1e356d51889e4e7ac5e283d9d","sha256":"64f010aca403c1d9494864d1c7da559b9bb32bfcc38ced13f471135732db9a8d","sha512":"2ebff4361d4dc08b411c71d6ccae81ba14237e38e122313f9e9a9495f06f655060ebd75293d17818d3b61cca0f41b54f36b631abd0d024a26ef5cb3bd48374d6","ssdeep":"384:nP8ziUQVwi3N+lgTtDR2RO2RESWb+UdKtwN/d157Y:P8zIDa9eNu","tlshash":"df0351ab5293164078078d541fae1711237cc027950afaf83ecf6a988f8b5c9c9d27de","first_seen":"2024-12-23T21:37:25.879428Z","last_seen":"2026-03-26T09:59:47.228289Z","times_seen":7,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/images/banner-f.svg","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/images/banner-f.svg HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69acb01e-ded\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a4fBZkZrThayYhmlRJE0Cdq2waKX1nZiDtPE6XHP9hsBv5Ojh%2FhFMwlkdBbL7Z%2FGwMD7ol8DwTVvtyC5QwUmjXHVyWRkZo4U\"}]}\r\ncf-ray: 9da57d13897896b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3565,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"75634d5fcc42602e72e4ab3015624fc7","sha1":"73b31963482c8e5cc3182b8007bb8e8ec6358edf","sha256":"0fa538b4cf59ff9111bfc25cfabf5f4bb5e72ab8580927dfc3a7a87a3d578190","sha512":"3bb1156dccbb31066700eb6aef8fa9940f01e3f6302e92093cd3153f6c1677f7672687830d2fd7dfb288a08577c40bfe1a90d9337e0c165d3b3bc028852807c1","ssdeep":"","tlshash":"bd71b6feb768f2f09402f7e6ef791474751f2cf92ea583b0c3a54d549a2649d8814d80","first_seen":"2024-11-30T11:50:18.316525Z","last_seen":"2026-04-12T12:36:21.486217Z","times_seen":16,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/images/welcome-image.png","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/images/welcome-image.png HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:20 GMT\r\ncontent-type: image/png\r\ncontent-length: 206024\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\netag: \"69acb01e-324c8\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=in2FY0d8lAaGex6RXc2XrymHAcsXTQEqxx4o6ppzYKdJVf2v7I4hgYpmUrVwJQZFR13WgX1hkmqd8n2icCONUvb93AYuYheV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9da57d15e9be96b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206024,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2810 x 306, 8-bit/color RGBA, non-interlaced","md5":"8a9f44bd2869a9933a29e8d97eb67f7b","sha1":"9d3998847e14635808e6a67c1f92d891e71010c4","sha256":"a8a6587300d667f1a7f997848e1d7d37b2e573a2c098264000c5cf2f53e162e1","sha512":"2f90feb3fbea8232fe32161c4d74f9fbc41c15920dd8388e75a363cb2b216f934bbdfdff5164c4f8f5790a3121eac242074f7b19a47bda83a57af1a33234988e","ssdeep":"3072:zRducESzSkWSiiCKUqY+22dsDYdghvM6S4y1sexaNKA24zWULXUyPM0Q2OZX:Huvk/zUqbdsMdgVE4Is2GZW+XUy0v2OV","tlshash":"5d14120474b1e513fe5364b44204ff8f7983b8aaaef5bbb0c1a5a65fb1b0c8585853d8","first_seen":"2024-12-23T21:37:25.908891Z","last_seen":"2026-03-26T09:59:47.212116Z","times_seen":6,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":103,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/css/fonts.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:20 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 46704\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\netag: \"69acb01e-b670\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LR%2F4ESz8kYTo7QStuGGEZh95kZI7YQpWn1PlwAlEWEB358qKnM18lS4N6glVuiS%2FTcnf92DEYP3uajmMD0HOZ2pr7VPQMoQi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9da57d15f9c096b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46704,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 46704, version 1.0","md5":"30a274cd01b6eeb0b082c918b0697f1e","sha1":"393311bde26b99a4ad935fa55bad1dce7994388b","sha256":"88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42","sha512":"c02c5894dfb5fbf47db7e9eda5e0843c02e667b32e6c6844262dd5ded92dd95cc72830a336450781167bd21fbfad35d8e74943c2817baac1e4ca34eaad317777","ssdeep":"768:f3Ybit5PQRS0FhgC1g10ijolF5rm2GsRnENYMSGAxgvZdH3VayjX2p2iKEmcLf:fIbi7eHBmt0F5rm2GsRENqGAx0Zdlt2r","tlshash":"1223f100917181a2eea73b3e82c96adb00ed51db6dc0e564a22f16f99d1f23f4385d5b","first_seen":"2023-09-15T13:47:10Z","last_seen":"2026-05-17T12:01:17.77499Z","times_seen":19924,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":191,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/secureproxy?e=jscdn/getFile","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"saxpg6vyhtw8knf80viz\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:20 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KxA%2B3COBxO1Zd300TiMyg87mBNW3UhMU%2BaPj4sZ5Tq%2F1f7TztFqg7iy5VLyXKrWwvFktWghRTNF5BWkFdQ0Z5QswEJ0%2Fb1nI5%2BpkUGZ%2BoaAD1g%3D%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: 9da57d16c9ce96b1-ARN\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3428481,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f8874ab49abb7c016ec075e14a49b998","sha1":"acad4562045db5e9f2aca8e3fb8f8f8cc328c5ec","sha256":"d246a5defd38584516ae12acfcdad512803878e979950669f8f5e8592cefd540","sha512":"cf1ef34440668db61b6e61a9b836866f61d10f55abb708af553d081759b68807688526f75be4dad42b418d472d350a151f15296ac17ed80cd8402d4a0379bf7c","ssdeep":"24576:Oa0UCb/YWmLkwsOukzMSPbg+lsVo5/Cr0OSzcfUjel7M0Rnn:OCAGkwdNZngkO5n","tlshash":"332523d36f57a4788f5c0eddb0e72d0f68504c031448e6b5ea99e8c635ecbb041ea97a","first_seen":"2026-03-10T21:43:01.067768Z","last_seen":"2026-03-10T21:43:01.067768Z","times_seen":1,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":220,"receive":364,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-main.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:20.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-main.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Mar 2026 21:42:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncf-cache-status: MISS\r\netag: W/\"da5bb1dc647470204df0e49f5afac2de\"\r\ncontent-encoding: br\r\ncf-ray: 9da57d17eb2756f6-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":121,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"da5bb1dc647470204df0e49f5afac2de","sha1":"f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8","sha256":"705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c","sha512":"d9c0eda8c93df421f8147960ff4b00f8eacd8791b8386b020f04d0478c6b7a4328767a82b52b8cfbb7c3a44cb55cec488c2d1008670bee709d67d8bdbd887c39","ssdeep":"","tlshash":"d4b09b6c1057f86955e8064ed3b7f65d1d961050811104301658a1753321143c61c55b","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-05-17T11:35:01.301271Z","times_seen":82346,"resource_available":true,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/images/favicon.svg","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:20.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/images/favicon.svg HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:20 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=6,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69acb01e-91b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wy9EsTIBb0iQqIM1YRpr3n2wcweHM5zDiw%2BQTssVrHdMyDtdJOsiWdfcJAZfd2LzBZ3Rt0elr568d7l0bfeFs9bPEcgkseEp\"}]}\r\ncf-ray: 9da57d1b0a3496b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2331,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6402120fd8435947c8b18327701f1612","sha1":"d7fdc769f65013daf22cbf171aa6576a38e419e2","sha256":"ee23ddfb480b71782a9d303d76a3aecfab96f942a88266d364d97a5344aae9ff","sha512":"a5a7b36e842ca7b0567121c064102eb5b756e9946692296a8d4c899ba9fd5313c1ae08621f96cad2eb925c401c4a84573fec70e94584c227483ac8df483da9f5","ssdeep":"","tlshash":"22413ec3e384a8d4d4a4a7f84a1e60282b1778e79d10c150aad62e33f8421bd4d9aed3","first_seen":"2024-12-23T21:37:25.920331Z","last_seen":"2026-03-26T09:59:47.225083Z","times_seen":90,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":172,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/images/bg.jpg","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/images/bg.jpg HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:20 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 90750\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\netag: \"69acb01e-1627e\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pOIt031XnOzxtx9Vxs4YXXIamKULkjbESykLiDF%2BOlXZGuV9%2BzLQCVikYIepT%2FaDCdW6%2BhLodzQ6QD7PoY%2FMeuUiuwRsFxJF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9da57d15d9bb96b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":90750,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"e3a5d4c98f9168026ba97cee270a5030","sha1":"66d7ba77c0128a1ec76306dc846b3a2a3ea2b4c1","sha256":"855dbd1b729327496ed03738d1ecedf1f08f0eba45fddba7a425df0d17860926","sha512":"87e0d4bba9f2bbca87e3ab937c018c1d0957e78ecdd8388c48555b446d37b12835349c940f2a94bcfcebdc22fd4783f95f891539f98c92e87d8773bdfd423688","ssdeep":"768:0vc8VekFkDHHnAC1WCXG1mtPr2NezTsQG5cTNizefJU8lHA71YF:0vc8f+DnnoCXri35cTkzqJU8l41YF","tlshash":"fd939c75ffc7d76453236a6e953ebd37178542c826c80e0b89434e28d020fb58a672bd","first_seen":"2024-12-23T21:37:25.902631Z","last_seen":"2026-04-12T12:36:21.492925Z","times_seen":13,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":196,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/images/clock.png","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/images/clock.png HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: image/png\r\ncontent-length: 1619\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\netag: \"69acb01e-653\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6HIgbqStJZ7RslEQ83Uz%2BrEHv0dbXSZD6ekbRUj5fKaugn5zujUebOMjvIxsWG%2FZQVA1rQve8zABepTcsYMqsH%2FFynCS4Sq0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9da57d15d9bc96b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1619,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"a769e38d03fc88505e22d655cc6d4a52","sha1":"be484f2dc1f9836567d5d3fdadb7baabe043e47f","sha256":"12790c3a358d5c5557123bbeee5b60942c9d1026a7cb548b98b65265f9998525","sha512":"80c3a42b41ae81fa81dc1c14cec830411d4248897d67cee8078c48f2085bce43b450980e9ce1e596b14bb4b4dba8da43f41b9b15ec640fcf0df7abff3a59475b","ssdeep":"","tlshash":"ff31eabd26e49febf94dceb13394b2806dba02b733cdc9931a683013e3166554150448","first_seen":"2024-12-23T21:37:25.904786Z","last_seen":"2026-04-12T12:36:21.514967Z","times_seen":47,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/js/twk-chunk-common.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:20.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/js/twk-chunk-common.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 10 Mar 2026 21:42:20 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"d9deabdd1848c34f3ab46722f446c153\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9da57d17eb2e56f6-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":240941,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65458)","md5":"d9deabdd1848c34f3ab46722f446c153","sha1":"ca3efc8a6fe26ae3556374b113dda96032edd201","sha256":"6a583970080e55cee4ced2fc7d5e5de94283f0e6eea428a50219b8e343ff0890","sha512":"d260841afedfa06bc864b92b64cf3bd1a323b2de447ce38cb1499cc6fccfab0da309a76814b6cfb20fae85fb5707fc72fec9996b64bfa31703445d6a933daa3c","ssdeep":"3072:I4MYggYqWzhT9dyWFW1Wn+fM4fOrcErQYIMPdLMz9o115:kyWFW1W+fM4fFkBLMz9215","tlshash":"7e34c69df186b47606a37130501f320af23a685ab45ac494f636d8e1bd789cea133f7d","first_seen":"2026-02-19T03:13:10.643204Z","last_seen":"2026-04-15T01:21:42.632515Z","times_seen":11130,"resource_available":true,"data":null}},"time_used":492,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":492,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/images/claim-bg.jpg","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/images/claim-bg.jpg HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 24728\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\netag: \"69acb01e-6098\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=73whYvFE7gIEUKK26Ref7qSyrqanQWaHAdYKUiF9Cl5W1GRPAtNz9rb5F%2BfNQf1g9QyrrfCeLyS1STNsLAAkU6YNLx2abnMK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9da57d15e9bf96b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24728,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 594x241, components 3","md5":"0fac6161ee92e1866ab091b7eea03e54","sha1":"636042fc8eb0fb89d0c09c393848a21ba2972b6e","sha256":"2d8fd666437bb4cbb3db1537c9ceedf9c0f9e114a084c366cb3233bc6af37c83","sha512":"710aaab78572a4622d5708dee788a600dd5d95e89390b2705bcc88e9c6ea09f848299cd91445deba004257ec7d791756f7e320a2587a28a9f2783b90a08bcd77","ssdeep":"768:QRyIeHHOfW6ru/7I9Cdfqw8pl1T4xHnTETDADD:QRyLHOfZHtsBjD","tlshash":"a7b2d5baf28bc3950b03364c8efd7d7353898ad248e5b15f599b2c42e658f6294130bd","first_seen":"2024-12-23T21:37:25.90675Z","last_seen":"2026-03-26T09:59:47.219058Z","times_seen":6,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/69967ba6a3b/languages/en.json","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:22.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 06 Mar 2026 09:33:33 GMT","end":"Thu, 04 Jun 2026 10:33:27 GMT"},"fingerprint":{"sha1":"F0:6C:DC:32:63:CD:34:E3:15:CD:7F:77:F5:A3:64:E0:9B:36:95:83","sha256":"B6:7F:6E:A3:69:3E:0D:3B:04:3E:8B:65:86:7E:1D:5F:82:84:18:16:8D:AD:72:D5:51:E3:46:BC:BD:CD:BC:38"}}},"request":{"raw":"GET /_s/v4/app/69967ba6a3b/languages/en.json HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://xpm8.top/\r\nOrigin: https://xpm8.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:22 GMT\r\ncontent-type: application/json\r\nlast-modified: Thu, 19 Feb 2026 02:56:35 GMT\r\netag: W/\"4662c7c182dfe30065936bfa05f8c773\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nvary: accept-encoding\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9da57d251bd61382-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11595,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4662c7c182dfe30065936bfa05f8c773","sha1":"d1f155c335c31be5947ef8ebf82be1eee2782fc2","sha256":"2d2d85dfc80ec4f42d12bea574d59879d269b5c06557cf888367fbfa9036fe47","sha512":"abd2530371ef02602814b0bed360225c0530615c5db002d61511bca5e8cda0d8da2bd288631ee02da5fbf952b31bd4380284dcd56838277b52654f7d13dc6229","ssdeep":"192:wmr65/bLHzPrquLUVid+BCzfF+npqpe9svKGC6KEt1aZwf1E:fCbLHzxUVid+BEfF+np59L3Zwfi","tlshash":"ed323169ce504ea702d29646399f35437624829b1f54342eb78c91ac0f8ec6fa1f77ce","first_seen":"2025-06-18T04:11:24.033166Z","last_seen":"2026-05-13T09:08:09.359411Z","times_seen":49914,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/0x.js","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/0x.js HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\netag: W/\"69acb01e-e5c3\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y0ksXrEDbVG1VIHlLst7E4oWvcj41QdxxiuudVUbNRmqPRDS4YS1Nl4YYn64Yn0vmn%2F0sJvCu4opHFibRb0COrnwL%2FNtlQdl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9da57d13796f96b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58819,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (58819), with no line terminators","md5":"7d4acd04b840bc06246022c4aedeb33c","sha1":"c47c07af75ef1b63be422071799113cb7d484544","sha256":"66688abfe36b64a65debbbd0403af3020052d4c66318a58cb5b025149bac7de0","sha512":"d4827cf0bc816147f6bb86edbc1a52c9a5b91ebc5faa02d7d9026e852088e28f1a0f296c4afe4af80a94e394e4b75837410c47bb887832a03f6a86bf2b53128e","ssdeep":"768:KN9yFcio+wKh9tXjcb4IbDB6IcP8nHfVlkbWVgnC1fAi0YAclqc/gIJg2bTco:IxQ9tTcb4eB0AfVlkbWVgnC1fAi02Dx","tlshash":"e44394d8691ac0d85d9620ede833e409e4a8091bcd6df163a63cddc1b41efa78487d7b","first_seen":"2026-02-18T11:47:00.249562Z","last_seen":"2026-05-01T12:16:36.576886Z","times_seen":25,"resource_available":true,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xpm8.top/ARB/images/banner-a.svg","fqdn":"xpm8.top","domain":"xpm8.top","tld":"top"},"ip":{"addr":"172.67.131.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xpm8.top/ARB/?claim.coinbase.com","date":"2026-03-10T21:42:19.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xpm8.top","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 22:15:42 GMT","end":"Fri, 05 Jun 2026 22:15:41 GMT"},"fingerprint":{"sha1":"22:E6:61:00:93:AD:2A:CD:00:A7:12:D0:02:0A:2A:34:A5:32:05:AF","sha256":"78:CA:80:75:9F:92:DC:DB:8A:B1:CC:E0:E4:9C:01:4E:A6:92:78:4E:EF:CB:54:43:E6:D1:B5:96:51:3F:1E:88"}}},"request":{"raw":"GET /ARB/images/banner-a.svg HTTP/1.1\r\nHost: xpm8.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xpm8.top/ARB/?claim.coinbase.com\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 10 Mar 2026 21:42:19 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 07 Mar 2026 23:09:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69acb01e-10d5\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XbwP7Un18kl4%2B77W6Vv%2FHGNddZ0mNfDICPiRR1X9cvsF6uXyD4ZEWL3MCTfSC0x3xKGDr9VVbGstjzXxmZTVR2sO%2B1llL9DD\"}]}\r\ncf-ray: 9da57d13797396b1-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4309,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ca95ddbfaea67c236bc2766e90e401dd","sha1":"7ce716c10eaa4a977ccb88bfbd12bd7d4d00c851","sha256":"ad35e3c0670b85de607fafcdb89a25cbb39db821a57b8009f18d94afae9c580a","sha512":"ce0a1d596aa8a8394c813fcf2c90dd6afdc1cc43be989e57bd2c1a85389b051e391518927b1a8c86db590d5c85fb6b96ea281f54063ef392c5280ab1f69de8f6","ssdeep":"96:u73gDhuRM6VNfd/xnjV2LtvfuVcqkRDoOrFQEKikK:u73IhuRMaNPjVuxwCRDVR","tlshash":"e19167e9578dd5f1ee05f7f95126a079736320febfaac628c7466d98390141dcd418c0","first_seen":"2024-11-30T11:50:18.30089Z","last_seen":"2026-04-12T12:36:21.512078Z","times_seen":15,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-10","alert":"Sinkholed","trigger":"xpm8.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}