{"report_id":"a56ea134-19f0-467f-88c3-3444f5c49c06","version":6,"status":"done","tags":[],"date":"2026-02-17T09:37:27Z","url":{"schema":"https","addr":"xmrwallet.com/","fqdn":"xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":0,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"final":{"url":{"schema":"https","addr":"www.xmrwallet.com/","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"title":"Best Monero Wallet (XMR) - Send \u0026 Receive Monero Securely","dom":{"size":29083,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (796)","md5":"e43c8cec78b51047be7e5868c121a211","sha1":"7fe9b6cd5e7e913fa75e1d8bc20045f694871867","sha256":"17ea7293d8ea243f1a9d7e8489e48c10e6b8336b9776e351ba956410fdc9e4d2","sha512":"0cfc695fb12c90494d0fdc425a9b6b58b5e08cd4c9841a9822df24be48131b02a1fbaaeca8319658422abafbff29f1f607eb848dc7b1fd237364d79f818ab256","ssdeep":"768:Kv6T6g/3dKOVFzOiZwaC1MFdY05lM+sK3E:C6+g/3dKod3E","tlshash":"38d2a76282d92f32014263e370217bfeb1ab0d21cd26c4b1f3bfe2157ba5d9569271c6","dom_hash":"domhashdf6a610e81ab215f1c1553b8daa625b2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"xmrwallet.com/","fqdn":"xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":0,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-24T09:37:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.google.com","ip":{"addr":"142.251.142.228","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-02-15T22:26:20.540622Z","alert_count":0,"request_count":2,"received_data":985,"sent_data":1810,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.no","ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2026-02-15T22:26:20.2781Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":675,"comment":"","tags":null,"fingerprints":null},{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2026-02-15T22:34:15.115252Z","alert_count":0,"request_count":1,"received_data":830,"sent_data":919,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.xmrwallet.com","ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"2016-08-29","domain_rank":0,"first_seen":"2025-05-26T06:04:36.204347Z","last_seen":"2026-02-15T16:49:34.744355Z","alert_count":54,"request_count":27,"received_data":2169055,"sent_data":15204,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-02-15T22:20:44.607116Z","alert_count":0,"request_count":2,"received_data":826772,"sent_data":820,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"xmrwallet.com","ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"2016-08-29","domain_rank":1886388,"first_seen":"2025-05-26T06:04:36.201612Z","last_seen":"2025-12-27T02:13:14.30688Z","alert_count":2,"request_count":1,"received_data":28992,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-E3T1T1VKD1\u0026cx=c\u0026gtm=4e62b1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a0ca579c390334d2a72876d353a7f9a","sha1":"3fbb0ad22306a695a3d886c57b0eb18112085c5f","sha256":"35183b64c17e2fd3ddedf69208a2276ab3fe05cce9620d579702274ea0c05582","sha512":"47a6243d8e338ceffc8bc7ee2aec01435a0fcf4559181075110026bcc5aafc1433bce75038c2ffb14cca359b7738ab87ff2512fbaa677f040dcc3fe26475640e","ssdeep":"6144:FNjNMmwzYPrw8UENXCP8gM7SgP14j9VkV4Bo5Ihvz/j6:ljwzYPumyP8S44BIh","tlshash":"f4b40ade73c67422529af478512f01cba9bb24a2b49cc89bb1c9ccf02d7459b4167f78","size":517308,"data":"","first_seen":"2026-02-17T09:37:36.463292Z","last_seen":"2026-02-17T09:37:36.463292Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/js/jquery.js","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"283dcb967092bdaeae46fbf1ab3be69c","sha1":"ee53a4de55df3e05dc16cafb1219282c08e7b991","sha256":"9109f6a7603a9ec956b6584f07291bfca3b084fb042404a8a0cd080eda2fe3a6","sha512":"aaafd101fb4e3df30365705a806cca17e17f22e547b4f196e4013e4f9221211d51f7a4f892583ebff947ad13e49f79f41b280b35ad183f175c97881a9e0159a7","ssdeep":"6144:lH8V82zi3W7LgNbKLzuz828b8R8u8csUokp8CF48mC33QwhsM76m7tOhXb:lH8/aWwBUUllsUokpMvCww7Ohr","tlshash":"e7c41a5fb746333206d321513a8b52ebf23a113c2659c4b859acc06d27b5e7c933b7a9","size":549014,"data":"","first_seen":"2025-05-26T06:04:46.710155Z","last_seen":"2026-02-17T10:11:14.773368Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":true,"md5":"76a5f62f269a508bfb1edb248e601ff3","sha1":"6cebb859572629aa9e2808d34fe24cced2d1bc90","sha256":"56c014f2cc365d8ce0b5dcf725c6cc2da6691527f22c36441a04470ad11caf51","sha512":"75caab5bf60ff3f88a07b3498363970a91a8abcb66ae33b889f6b56fe7815f19432e570cdd04a3d925554af47ebc7bf87bd5f592899155ae0cef1d3921bb8284","ssdeep":"","tlshash":"23f086eb45f483405ee600c38ea33102393b60ef198c88911702bb143c0a33faa2eb85","size":587,"data":"","first_seen":"2025-05-26T06:04:46.730755Z","last_seen":"2026-03-10T21:29:00.068599Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":true,"md5":"b62f6cab7993c1daca83127bc89803e7","sha1":"6e242dbd9a05d565f85da6b1a8422fc1e58b893a","sha256":"6f68706261f62d2444d4c43517e2d80a015a52a29a55fd91d5e37f458670fef4","sha512":"b39b0a2c5b723bb8ceaca9aee386d9f5e3cbb36f95b4374d61b53f17d58d1d99dc96f437cfe5102f67f92eccb5e3f812563cb964b59b1e49e25a862ee7520f01","ssdeep":"","tlshash":"edf0279872286c7d420722465f1f27dde47514d1ef1ce819a470754224e0f511ed8712","size":466,"data":"","first_seen":"2025-05-26T06:04:46.73239Z","last_seen":"2026-03-10T21:29:00.06911Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:A1VdZYqhPnjpWx4/eTe8qSMbqaQd6VL2Jyt9LdJoyayCVPVD5wdBfQPfCHiUr3:AXdZYqNjpU4yPqSMbqaQGL2QfdDayCZC","tlshash":"a6a1dc9939fb50210233b1bd1bafa918b23895236208dd61b98c9364bf94437d7f1fc9","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-06T02:11:10.75227Z","times_seen":773282,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":true,"md5":"511035f047b0df43cf32ba978554ffd0","sha1":"5ffd5502f7f59020a90df906b7eacb77f1bd2033","sha256":"b77b809fce871aaf7fff40affbca20ebfa4c80d30ea9d2dc078236af7eba3391","sha512":"178a0d2ae9f8ceee12a95d481b4142ec53ea6013e89fbbbb84365a75d85386e6ada46f1bdc73cee9fd83bcea07db7669e4d77c3e86cae8d3c377828e861f1f9f","ssdeep":"","tlshash":"f9d08c88210b0c71a3b72b014b7fe601b006221394948d227e1e63044f20e13db94844","size":235,"data":"","first_seen":"2025-05-26T06:04:46.733286Z","last_seen":"2026-02-17T10:11:14.798046Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/js/scripts.min.js","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"a6c06e89e82a8a7bdfc00996a7674848","sha1":"7a9fd7c34f36dc4c225636673540040f0d3f5ad9","sha256":"d662c3adafb0f4f250360d76b4a47b8677b1d115fee9ec93e7923039d8e1de48","sha512":"fa120c9930aa10a319ba2afadf6c4cb34fe19d3935294bb8c0cd3577329ee09cf330e97a9b700c93b43c2d67a7eef4f8ead3b84a241d63d062a8c5643d515bdd","ssdeep":"3072:lHZ6nNJiRTBCzvyMwjn0SpADH79cVONlqqMb8:5Z6nNcpeyMwjn0SpADH79cVONlqqMw","tlshash":"57d3188db36472a151e7225a539ed10263b65845b80ac4a470768cd7acbde8c03bfffd","size":141097,"data":"","first_seen":"2025-05-26T06:04:46.716427Z","last_seen":"2026-03-10T21:29:00.054828Z","times_seen":53,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-116766241-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"96edf3a54818a77965c85751b3b3cec0","sha1":"533a0695e4492550b41d2edcd2508a3bc2dbf3c9","sha256":"e3c040ee77ffd7a1b5ce09db8afda2dc9abe17e48c58b1cf3562da5d406d298e","sha512":"48c8cfa14a642225bf31028e70f9155502d69c09af40210d818bf8c6abb71ba05afb5a757d03f01a9c0503632285efbc8b48c959724b1340f77805f033280432","ssdeep":"6144:7jNMmwbPpw8wENN8gMuSUP14j9Vk74BiqJ9R:FjwbPgmN8Bo4B7JP","tlshash":"746409ccb7d6742243a36478503f014bb23bb992f88cd894e182d9d52d74a6a8277f7d","size":308276,"data":"","first_seen":"2026-02-17T09:37:36.479129Z","last_seen":"2026-02-17T09:37:36.479129Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/sandbox%20eval%20code","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"34c08ca3e74026ae2a1166b2b810e003a2866b015aa78402b00a003b1441fe21aaa1a8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-06T02:11:10.749978Z","times_seen":774837,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-E3T1T1VKD1\u0026cid=337931767.1771321026\u0026gtm=45je62b1v890248536za20g\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=103116026~103200004~104527907~104528500~104684208~104684211~115938465~115938468~116988316~117447493\u0026z=1925574486","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:06.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:42:50 GMT","end":"Mon, 20 Apr 2026 08:42:49 GMT"},"fingerprint":{"sha1":"1B:52:CE:89:03:62:4F:AF:E2:27:67:BF:5D:4C:26:69:62:2F:CF:D7","sha256":"B5:62:46:DD:3C:45:AD:7C:35:47:3A:5D:33:64:4D:A0:BE:AE:19:C5:90:54:09:7F:5E:13:4A:E5:00:8B:5F:20"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-E3T1T1VKD1\u0026cid=337931767.1771321026\u0026gtm=45je62b1v890248536za20g\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=103116026~103200004~104527907~104528500~104684208~104684211~115938465~115938468~116988316~117447493\u0026z=1925574486 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Tue, 17 Feb 2026 09:37:06 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-06T02:11:37.198965Z","times_seen":770125,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":87,"dns":1,"connect":14,"send":0,"wait":34,"receive":0,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-E3T1T1VKD1\u0026gtm=45je62b1v890248536za20g\u0026_p=1771321025669\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=337931767.1771321026\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAIAGA\u0026_s=1\u0026tag_exp=103116026~103200004~104527907~104528500~104684208~104684211~115938465~115938468~116988316~117447493\u0026sid=1771321026\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fwww.xmrwallet.com%2F\u0026dt=Best%20Monero%20Wallet%20(XMR)%20-%20Send%20%26%20Receive%20Monero%20Securely\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026tfd=2065","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:06.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:39:20 GMT","end":"Mon, 20 Apr 2026 08:39:19 GMT"},"fingerprint":{"sha1":"60:64:B6:72:E4:67:A4:EC:78:B2:F2:B8:3E:17:7A:A6:A8:CE:74:4C","sha256":"3E:71:C0:44:31:9B:1A:8A:23:FF:D9:4F:B9:3F:89:6D:7C:66:33:BE:14:26:CB:01:F2:79:BB:FE:F3:3A:71:98"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-E3T1T1VKD1\u0026gtm=45je62b1v890248536za20g\u0026_p=1771321025669\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=337931767.1771321026\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAIAGA\u0026_s=1\u0026tag_exp=103116026~103200004~104527907~104528500~104684208~104684211~115938465~115938468~116988316~117447493\u0026sid=1771321026\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fwww.xmrwallet.com%2F\u0026dt=Best%20Monero%20Wallet%20(XMR)%20-%20Send%20%26%20Receive%20Monero%20Securely\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026tfd=2065 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: null\r\ndate: Tue, 17 Feb 2026 09:37:06 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:171:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:171:0\r\nreport-to: {\"group\":\"ascnsrsggc:171:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:171:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T02:11:38.042536Z","times_seen":13401709,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":33,"dns":0,"connect":8,"send":0,"wait":19,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/main-bg.jpg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/main-bg.jpg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=IM2Lx5dzlmVfKuku; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:14 GMT\r\netag: \"27bc0-5fd8cd88e3380\"\r\naccept-ranges: bytes\r\ncontent-length: 162752\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/jpeg\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":162752,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 5400x3600, components 3","md5":"f2dc5954242b8216e4f666e56e13442b","sha1":"62a572a7a9596713dfdf736dcad0a8b054a11ef4","sha256":"e9248abdcdbce1a575f0110f42e440a462e606c2980b2bf5c0ca2e75c9e7eb52","sha512":"48f8c33d5861f3188bd90058465d670b656bdeab61010b2460e14004dea204e701ff0a855671dab8bdb22d8f11182f13aaa387aa581c5e194f2797bb69c0b9c7","ssdeep":"3072:y+wRC4pwkEw7ryCys0ZvYbrTv4V1vdxMgH1IE4zNEfRVDCdORjQGJ:yfgIEf/6bI5Ay1IpNEfX7lz","tlshash":"66f3bf77dba2ab57d39c2330868b07303b37c968839a4a074a695f71b1947d8fd7b142","first_seen":"2025-05-26T06:04:46.711018Z","last_seen":"2026-03-10T21:29:00.059791Z","times_seen":53,"resource_available":false,"data":null}},"time_used":641,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":330,"receive":311,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/ico-7.svg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/ico-7.svg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=wSDqgzuIIvNRgu1Y; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:04 GMT\r\netag: \"c48-5fd8cd7f59d00\"\r\naccept-ranges: bytes\r\ncontent-length: 3144\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":3144,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"931a91a28ee2a8254154843aa1f0f855","sha1":"bfe66874d2c83dda00e7aa373192d3a3c1bb027e","sha256":"ab9226498b999eae84e141cce8aaad49a943fd282f94593828b5e9c43df0de82","sha512":"fdeb255495ac4324c53e94ddc1be78e5caea69fdf969ceb647dffd4eab0f01dd2c29bba6f38915f0012c83fc28163cbb09545a474eacddf033d8272fb948299b","ssdeep":"","tlshash":"445175e692a8faecb886923ddb67e161231d60b6b162dc4d5c4f4f5c9407bc1fa03530","first_seen":"2025-05-26T06:04:46.729341Z","last_seen":"2026-03-10T21:29:00.058242Z","times_seen":53,"resource_available":false,"data":null}},"time_used":408,"timings":{"blocked":311,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/fonts/Inter-Black.woff2","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /fonts/Inter-Black.woff2 HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.com/css/main.min.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=HIqeGOIYSI1dxuk8; __ddg10_=1771321025; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=cGQ9onyBN16ZTT2w; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Tue, 28 Sep 2021 17:24:20 GMT\r\netag: \"19dc0-5cd117be07900\"\r\naccept-ranges: bytes\r\ncontent-length: 105920\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":105920,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 105920, version 1.0","md5":"e0435a12e8f7002db1aa83f0f30d6a7e","sha1":"d92ed6e383e5b5b1d06ec5ae5d18b54968edacec","sha256":"eec0ae4bb52981a6ca92d58df2a6c7d9cc64f08ffbad2e1dbc3740e8a8a026f7","sha512":"9b1cbd44026819ae5a33ec19c5a565d32c187750576269b24ebaa0cc1a022984009883c96fdfc2d1d3b9aea3bd671dc8f51f5cbab462f5e06508dc1ab4881d7d","ssdeep":"3072:7S8mjOB4T8LcrTbghB6V8sSjFs2LdEyKua1t0gbBYG:tB0Zbghi+CmEyKH","tlshash":"94a31239154c66b7d91fdc343a65f908f2247a22d302ebd7ceb7482a27f82473741a96","first_seen":"2023-05-23T08:48:37Z","last_seen":"2026-03-24T14:05:37.753182Z","times_seen":92,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":148,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/bg-2.jpg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/bg-2.jpg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=yEcPNjTH7UUwOsmt; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:12 GMT\r\netag: \"1301b-5fd8cd86faf00\"\r\naccept-ranges: bytes\r\ncontent-length: 77851\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/jpeg\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":77851,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3000x3000, components 3","md5":"7d405c84c057b3cd9b1126f7bd1e81ce","sha1":"fb9dcc59737fcd04933e0f466e8d781cee088763","sha256":"c27edc9fff36d2995489f7baa21e2abecea314580b2fa63490fe9d8d251ef09c","sha512":"a0753fe08f990ee0f695b3e95dd06c4060ae51f874612638ffe0a43d6f74f13c28947f25fc1266a1b428d11354d9293c011ee3741fe2e315390f3bd7703a2009","ssdeep":"1536:Fnd45mDUF/SGQBv321l3nu9QFxTNKbV+sV/5HewuTwoPmv:FnxURo8l3IGxoR+OtewJv","tlshash":"4673b07a4bf25e7ec38c0f30eb4727302913cc61675b518b096b4e66b5d07e8ae7a251","first_seen":"2025-05-26T06:04:46.712778Z","last_seen":"2026-03-10T21:29:00.06409Z","times_seen":53,"resource_available":false,"data":null}},"time_used":466,"timings":{"blocked":258,"dns":0,"connect":0,"send":0,"wait":66,"receive":142,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/favicon.ico","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:06.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=ivhmO6AmeEvPIxrt; __ddg10_=1771321025; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=rYeIR4aPtkDScC2W; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:06 GMT\n__ddg10_=1771321026; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:06 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:06 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:06 GMT\r\nlast-modified: Thu, 12 Jul 2018 15:41:10 GMT\r\netag: \"47e-570cf313a5180\"\r\naccept-ranges: bytes\r\ncontent-length: 1150\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/vnd.microsoft.icon\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"80b0a659516f5460db2590fe2cf2a85a","sha1":"f8f686a9ee57b657e3e97cf26ed6f3366304a873","sha256":"2c63a044d1eb522df9d5934220a76e391961baaf6b6437827fac498d2c1b9b6e","sha512":"0e08dd9fcfcdeae78f69d0d3c0da08ec061f48b15e9468d79043943bcb23c35e2c6a5e460f3115841a88dc015c03a5488f04cc708270666bf5f24b5bd810bd81","ssdeep":"","tlshash":"35217d5f95d94d0dd294a63d50ef230860b4d306eac31743d1d67426a3b67888c6262e","first_seen":"2025-05-26T06:04:46.708322Z","last_seen":"2026-03-10T21:29:00.062384Z","times_seen":42,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/css/main.min.css","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /css/main.min.css HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=7RUARdwxDxZKxZnf; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Fri, 12 Jan 2024 16:59:28 GMT\r\netag: \"e824-60ec29647dc00-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-length: 11571\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59428,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (58039), with CRLF line terminators","md5":"46f286b6ac0e262df617b3855df75f41","sha1":"d4f8e9361fb2cc3b8b4cff9a73a6ba561ae0d535","sha256":"23de2aa46f984a54d3029b240447ab85ecebe68ab00048f5dceb10c7fb0b6094","sha512":"acbcafa4c5251981645381a1d272141c3b44d38c019a7c6bfd295b71e881059b5b4478c8063d3488e42b24f787fe63e54815c9f6f3c1d5678cba0b290ab59b46","ssdeep":"768:Cbb6s7SEL8m/f+ifi5oAJmXA8zHwZ3D7hsrj0WNBs3/W5:+6uS4VDfi5ohXpQZHhEjq6","tlshash":"ef43d8371600332cb13bcf659bd416a99634c823a2130bfef691bd65c7eb6a5017a74e","first_seen":"2025-05-26T06:04:46.725451Z","last_seen":"2026-02-17T10:11:14.79088Z","times_seen":21,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/fonts/Inter-Regular.woff2","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /fonts/Inter-Regular.woff2 HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.com/css/main.min.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=HIqeGOIYSI1dxuk8; __ddg10_=1771321025; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=wiNhtbROQPsRy9Jz; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Tue, 28 Sep 2021 17:24:22 GMT\r\netag: \"18618-5cd117bfefd80\"\r\naccept-ranges: bytes\r\ncontent-length: 99864\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":99864,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 99864, version 1.0","md5":"24a88db8dcb2ace5ed6efdc866dd03f5","sha1":"ef868b77f19fe390d938740bf0af834967e28e4e","sha256":"413a527c0ed1833fea654b2bb065bda9ebe46bc1f585cf2d481f8a79dbc51610","sha512":"87926cdb2d70150b65ddcb422f21ef04d8f4c897115438a6f570c3022f101a9e7affed780663548153c8aa0f2d11614557ed2a6af219e17ee16525bfc2637e61","ssdeep":"1536:rRxbPen3CMDtqnb2+M8f5JtdkhqZNYoPTSIDq8NtChKIyKq/Xrf7DrtmCE4Fiw8t:9xzenSMi2H84oPTTNAoeeXrf/pma8rJ","tlshash":"7fa312457744efdcd5be8737eb53f73db22aab1aa43632c09d15132a9b6882453c490c","first_seen":"2023-04-10T16:29:48Z","last_seen":"2026-04-05T23:41:12.953682Z","times_seen":434,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":66,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/fonts/Inter-Bold.woff2","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /fonts/Inter-Bold.woff2 HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.com/css/main.min.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=HIqeGOIYSI1dxuk8; __ddg10_=1771321025; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=6wUzqUA2TZtozwlw; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Tue, 28 Sep 2021 17:24:20 GMT\r\netag: \"1a15c-5cd117be07900\"\r\naccept-ranges: bytes\r\ncontent-length: 106844\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":106844,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 106844, version 1.0","md5":"9aa03c46fbe41e25c51289a3e78e9454","sha1":"9739b96f20de3e9fa4032545fe6b2e021299aff3","sha256":"01191e5d895aab8717f1aa2424b83f29b06735a8f61a67add5b107434d0e7187","sha512":"1de1b749fa89591bd3d61c96738f313a1b1a546890334b50e225f207c07b7352ddee59637ff9f3e4bc51f7023c6baeeb8f6ecb3c4fcc37a44635d30abfa44644","ssdeep":"1536:H97PTz0LyHhs2SxUZi1lRrjNcXwpysPtbSsBfX/5eB4gwcp7wawAW2m0Y5vxtzTl:dngJvyRsPtb1fvoRp7wa3W2m7V9o6lIu","tlshash":"0ba31235c683cc81fd45387d1237730b446b85badc16eb2e84131582dbadae5aee670b","first_seen":"2023-04-10T16:29:48Z","last_seen":"2026-04-05T23:41:12.951619Z","times_seen":316,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":48,"dns":0,"connect":0,"send":0,"wait":67,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=HdRtDQ3lfB5obT0o; __ddg10_=1771321025; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=RuVqbQKEQA8Zvzdb; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nx-powered-by: PHP/8.2.29\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-length: 6764\r\ncontent-type: text/html; charset=UTF-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":28328,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (796), with CRLF, LF line terminators","md5":"3ff909f0a4fcb88e1d767d9f6f700158","sha1":"b4a87d6b0aebad42b499701e29b8be545dd00ba1","sha256":"8ebe758d4f6a596e81031a2abfddd66ec2aa9dcb06c2bccbfd1b825ae51d90e9","sha512":"ea9bd74eef43d4026b04faf1264f5662effaf0d6aa235ecebd73031f1327dbbeb5f91cf895408f6673ba20a163158cc998202a44c0f9aef9c6e6df1d2f0adb0c","ssdeep":"768:tH6lWQL60KOuZ8T2tkuQ3GXTuMD6W/HIc:Z6QQL60Kb/Ic","tlshash":"d5d2846292c82f32025263d2702177fef1ab4921cd66d4b1f3bfe2127ba5d9469371c6","first_seen":"2025-12-27T02:13:22.986383Z","last_seen":"2026-02-17T09:37:36.462376Z","times_seen":8,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-E3T1T1VKD1\u0026cx=c\u0026gtm=4e62b1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:39:20 GMT","end":"Mon, 20 Apr 2026 08:39:19 GMT"},"fingerprint":{"sha1":"60:64:B6:72:E4:67:A4:EC:78:B2:F2:B8:3E:17:7A:A6:A8:CE:74:4C","sha256":"3E:71:C0:44:31:9B:1A:8A:23:FF:D9:4F:B9:3F:89:6D:7C:66:33:BE:14:26:CB:01:F2:79:BB:FE:F3:3A:71:98"}}},"request":{"raw":"GET /gtag/js?id=G-E3T1T1VKD1\u0026cx=c\u0026gtm=4e62b1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nexpires: Tue, 17 Feb 2026 09:37:05 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 165343\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":517308,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"0a0ca579c390334d2a72876d353a7f9a","sha1":"3fbb0ad22306a695a3d886c57b0eb18112085c5f","sha256":"35183b64c17e2fd3ddedf69208a2276ab3fe05cce9620d579702274ea0c05582","sha512":"47a6243d8e338ceffc8bc7ee2aec01435a0fcf4559181075110026bcc5aafc1433bce75038c2ffb14cca359b7738ab87ff2512fbaa677f040dcc3fe26475640e","ssdeep":"6144:FNjNMmwzYPrw8UENXCP8gM7SgP14j9VkV4Bo5Ihvz/j6:ljwzYPumyP8S44BIh","tlshash":"f4b40ade73c67422529af478512f01cba9bb24a2b49cc89bb1c9ccf02d7459b4167f78","first_seen":"2026-02-17T09:37:36.463292Z","last_seen":"2026-02-17T09:37:36.463292Z","times_seen":1,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":46,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-17T09:37:04.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=gPHkx3ucrhzarUrn; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=BMeIXCieLpvFOJfs; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:04 GMT\n__ddg10_=1771321024; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:04 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:04 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:04 GMT\r\nx-powered-by: PHP/8.2.29\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-length: 6764\r\ncontent-type: text/html; charset=UTF-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28328,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (796), with CRLF, LF line terminators","md5":"3ff909f0a4fcb88e1d767d9f6f700158","sha1":"b4a87d6b0aebad42b499701e29b8be545dd00ba1","sha256":"8ebe758d4f6a596e81031a2abfddd66ec2aa9dcb06c2bccbfd1b825ae51d90e9","sha512":"ea9bd74eef43d4026b04faf1264f5662effaf0d6aa235ecebd73031f1327dbbeb5f91cf895408f6673ba20a163158cc998202a44c0f9aef9c6e6df1d2f0adb0c","ssdeep":"768:tH6lWQL60KOuZ8T2tkuQ3GXTuMD6W/HIc:Z6QQL60Kb/Ic","tlshash":"d5d2846292c82f32025263d2702177fef1ab4921cd66d4b1f3bfe2127ba5d9469371c6","first_seen":"2025-12-27T02:13:22.986383Z","last_seen":"2026-02-17T09:37:36.462376Z","times_seen":8,"resource_available":true,"data":null}},"time_used":399,"timings":{"blocked":45,"dns":0,"connect":0,"send":0,"wait":354,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/ico-3.svg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/ico-3.svg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=p4H4OXLAdqqr0iF4; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:02 GMT\r\netag: \"18bd-5fd8cd7d71880\"\r\naccept-ranges: bytes\r\ncontent-length: 6333\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6333,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"20d7c60ff3a7d518b53322afd7532b8e","sha1":"8f323bd27da6fe14984d51124890acc8cde0bf9e","sha256":"859eb46de6abdfc0566e306f934cc7d53ce2124aa0935cfa6bd8daa864574d81","sha512":"e961247cf1034b492eff7fcc8b156ff57c6373bd56ed9b74e4616f668d66ed5f3a4011acfb9b7a7426be3dd3033dd00567d99027713c9db2bed407dd547ac75b","ssdeep":"96:WY6Hht3QSsD0kPxk4+TEciCVXS/d7uWrArfWqVK4QmO8LwGSM1SmeHtEMcsOFW:j6Bt3k4BXS/gWrWL1FO8Lwm1SDfcrg","tlshash":"49d130f5975ca6dda8cfea1ddf22c4a8230f64b6f46786c88c5e87b59007a81fb17410","first_seen":"2025-05-26T06:04:46.727487Z","last_seen":"2026-03-10T21:29:00.067642Z","times_seen":53,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":190,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/fonts/Inter-SemiBold.woff2","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /fonts/Inter-SemiBold.woff2 HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.com/css/main.min.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=HIqeGOIYSI1dxuk8; __ddg10_=1771321025; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=5uCGjRypfA4lh3HT; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Tue, 28 Sep 2021 17:24:24 GMT\r\netag: \"19eb8-5cd117c1d8200\"\r\naccept-ranges: bytes\r\ncontent-length: 106168\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106168,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 106168, version 1.0","md5":"696df71a855c273da7f4df3f1e7c746f","sha1":"d539f97171c8e2d189f07a216b0d14d5468aac61","sha256":"07d609457ea2e93be9e7b5dd8e9a9a156d2e80144bcd94cf0adf05c553da053b","sha512":"438310edd8e7e9482806d1cb7a0069ef3e61653e9f216ddfb86cbbbf071271af5c4f0f60ab5b782ca6ef00a8d499bde4670783db37f5d8cb06af70e26dd1cc2f","ssdeep":"3072:HtKolW2ERaWRCe4qlaY4nydQKMnbAiCRVFr:HtKolW2iCe4EAFKMnbAiCRn","tlshash":"91a312ecd619c3beca274a3e86df277b0111b3678708964ac6d69f8452f33b8441d4a7","first_seen":"2023-05-07T22:36:59Z","last_seen":"2026-04-05T23:41:12.987395Z","times_seen":252,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":38,"dns":0,"connect":0,"send":0,"wait":98,"receive":82,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/logo.svg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/logo.svg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=Hk0lma0lq1QIdxCX; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:43:46 GMT\r\netag: \"8bf-5fd8cd6e2f480\"\r\naccept-ranges: bytes\r\ncontent-length: 2239\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2239,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"95bdfdf5418cf1395b3a9bf0d31ad20e","sha1":"b025ab1dd42a32b3adaea6fad05c2ed0553521e6","sha256":"15e72fdb916883d853277aa3739c37ceea6b07f5daf89ceae59bc5a254b0da1a","sha512":"99cc491b2cf78c88ad891daf91d5e68a3e94e5941130e0361a2b24888eefc6cc5b1eace6fe08e41827ea592688bea21f7549abe97131834b5507cdafb84e5517","ssdeep":"","tlshash":"734160f4a3a0a0cd09a30874fb7a19ca573d68fab00048ccadae545935e7b93e44bb41","first_seen":"2025-05-26T06:04:46.726526Z","last_seen":"2026-03-10T21:29:00.053823Z","times_seen":53,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/main-bg-mob-min.png","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/main-bg-mob-min.png HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=xGTmBM0R3aXVFyRt; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:18 GMT\r\netag: \"4ca0d-5fd8cd8cb3c80\"\r\naccept-ranges: bytes\r\ncontent-length: 313869\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/png\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":313869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1537 x 1025, 8-bit colormap, non-interlaced","md5":"881adc56fe142da9cf25fa73a0a4700e","sha1":"6c14d018a613d0f2aedb2581116bad3607327d50","sha256":"cc94edd838df4adc55ce2633c00a9fcbcc870200650df140329f4f1fd0c49414","sha512":"904bcc8c61dd6d1db992d88ada1c3f6e7d8b0664b41cc5b437fe652b47cce164e539fc76389579785958a77ca9959215aa9993215eae40ec7a3fef57a7fa875e","ssdeep":"6144:7LfpgcHSJRT7mc3oU+56l+4uSWnDpY01+MnE7vP3Lny58D0oWQ:7rtSJRvmc3a6o4oH+Mn0vfuc","tlshash":"b7642363f014c331e52d9b56263fc594b2b8e3b0c261fd20ebab1a9a6d49dd2c90075b","first_seen":"2025-05-26T06:04:46.722334Z","last_seen":"2026-03-10T21:29:00.067127Z","times_seen":42,"resource_available":false,"data":null}},"time_used":468,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":249,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/ico-1.svg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/ico-1.svg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=9wmVIrIZYHkvB7Eq; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:10 GMT\r\netag: \"167e-5fd8cd8512a80\"\r\naccept-ranges: bytes\r\ncontent-length: 5758\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":5758,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fe25036dd4b136fd06e95c704769d560","sha1":"745f4cefdb320b27c4d151e3e72d36d14748e795","sha256":"9d39530709b9e8614f396330a965280adba383beede90bab89fd5edc4c6bbcd9","sha512":"3f1b4188d83a6e837f2915ecbc48c44523c557cdc9ced04bf1409c210006f30dcc6bc6386a74c0d798fe31dfce2b0ca4cb3a06756313ec4c14898972bdb106c7","ssdeep":"96:/N3Wt6EEEuzixIDlcKdCuaAyGaUheCob15P5v6P5Kmg+4r9gQnjCWDlVObW:FmUixKlXtTaUKi5Q12K","tlshash":"39c131f5576c939ca087a2adff27e8a1130fa0b5386ac1cc5d9fc7a4904b981fb17840","first_seen":"2025-05-26T06:04:46.711969Z","last_seen":"2026-03-10T21:29:00.063567Z","times_seen":53,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/fonts/Inter-Medium.woff2","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /fonts/Inter-Medium.woff2 HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.xmrwallet.com/css/main.min.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=HIqeGOIYSI1dxuk8; __ddg10_=1771321025; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=zZkC5OfZddcFXlpX; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Tue, 28 Sep 2021 17:24:22 GMT\r\netag: \"19e7c-5cd117bfefd80\"\r\naccept-ranges: bytes\r\ncontent-length: 106108\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":106108,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 106108, version 1.0","md5":"eea97ded621cd8a18067c7243b19ceea","sha1":"d88b0b7a77cbb6ea033f692c05d5855a7be7d0ea","sha256":"d6e2531976fa618cede5863027366e4011760b0610d7136a8f7d7ed149c26348","sha512":"3ae400bb27c8db14d060ff83506d70b90de06612bf40ede0c7fbe1d4b302fabeeecee8d85c886b37b7aca06d4b7daeae473c8b542faa98083036de7fd3506c72","ssdeep":"3072:goH303tZuta/VoRorlduZwOLYGhLDSCWTXUP:gcAnsCVoRGlGwwPxx","tlshash":"8fa3123cb10d4bb3cdd99b3aba1735b5a0891a04774f24f6c14ca73662ad9e0b40bd5e","first_seen":"2023-04-10T16:29:48Z","last_seen":"2026-04-05T23:41:12.967369Z","times_seen":313,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":99,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xmrwallet.com/","fqdn":"xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-17T09:37:04.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=gPHkx3ucrhzarUrn; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:04 GMT\n__ddg10_=1771321024; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:04 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:04 GMT\n__ddg1_=neaN8EhTfZp9MyrhsCgg; Domain=.xmrwallet.com; HttpOnly; Path=/; Expires=Wed, 17-Feb-2027 09:37:04 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:04 GMT\r\nlocation: https://www.xmrwallet.com/\r\ncontent-length: 314\r\ncontent-type: text/html; charset=iso-8859-1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":28328,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T02:11:38.042536Z","times_seen":13401709,"resource_available":true,"data":null}},"time_used":483,"timings":{"blocked":131,"dns":68,"connect":19,"send":0,"wait":217,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/blog/exploring_best_monero_wallets_s.jpg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/blog/exploring_best_monero_wallets_s.jpg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=HIqeGOIYSI1dxuk8; __ddg10_=1771321025; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=3ONgnefR9Fo5IjAG; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlocation: https://www.xmrwallet.com/\r\ncontent-length: 294\r\ncontent-type: text/html; charset=iso-8859-1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":28328,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T02:11:38.042536Z","times_seen":13401709,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/blog/manage_multiple_monero_wallets_s.jpg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/blog/manage_multiple_monero_wallets_s.jpg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=HIqeGOIYSI1dxuk8; __ddg10_=1771321025; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=HdRtDQ3lfB5obT0o; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Mon, 31 Jul 2023 14:11:36 GMT\r\netag: \"13662-601c902207600\"\r\naccept-ranges: bytes\r\ncontent-length: 79458\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/jpeg\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79458,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=474, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=948], baseline, precision 8, 600x300, components 3","md5":"4207847cc955e497e48907df41ebe084","sha1":"77e6d4b20604062458ae19c00d46283f7ee4cc75","sha256":"a7ba66a7f394dda8d9869d11f046cd0c4dfcb655900e5aeae4b4640eb8d859a4","sha512":"915be91fb466a65d0d6cb1abb44955c6a6e4af1b7532f1c13e12c5a573857dcf9f32136a45c22e011fb9bba32e392fb6f9a5639f77478bc5fd0b8440525f19e4","ssdeep":"1536:GK9lGtkMkq03KN03pPmRV7mJqASj458ks34At+zUx2dC/lj+a0h:PdrdKNWKUsFoArJjqh","tlshash":"8e73f10d9796ac14eae605f694d0d6096b1fbca65e63716a3e9c39143b20bf04c6cb0b","first_seen":"2025-05-26T06:04:46.717446Z","last_seen":"2026-03-10T21:29:00.055447Z","times_seen":52,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":70,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fwww.xmrwallet.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1206892490.1771321026\u0026dt=Best%20Monero%20Wallet%20(XMR)%20-%20Send%20%26%20Receive%20Monero%20Securely\u0026auid=996811679.1771321026\u0026navt=n\u0026npa=1\u0026gtm=45je62b1v890248536za20gxec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527907~104528500~104684208~104684211~115938465~115938468~116988316~117447493\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-969496682\u0026tid=AW-969496682\u0026tft=1771321026283\u0026tfd=2097","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.142.228","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:06.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 19 Jan 2026 08:39:05 GMT","end":"Mon, 13 Apr 2026 08:39:04 GMT"},"fingerprint":{"sha1":"AC:37:C7:AF:75:CB:27:69:D4:EC:B6:A6:68:E1:51:4A:A3:99:78:B0","sha256":"63:86:A6:69:FF:ED:40:2B:88:13:6E:3E:4F:01:08:AB:8D:96:19:72:D3:22:DD:14:05:79:8E:5D:58:1F:0D:39"}}},"request":{"raw":"POST /ccm/collect?frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fwww.xmrwallet.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1206892490.1771321026\u0026dt=Best%20Monero%20Wallet%20(XMR)%20-%20Send%20%26%20Receive%20Monero%20Securely\u0026auid=996811679.1771321026\u0026navt=n\u0026npa=1\u0026gtm=45je62b1v890248536za20gxec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527907~104528500~104684208~104684211~115938465~115938468~116988316~117447493\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-969496682\u0026tid=AW-969496682\u0026tft=1771321026283\u0026tfd=2097 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 17 Feb 2026 09:37:06 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: null\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T02:11:38.042536Z","times_seen":13401709,"resource_available":true,"data":null}},"time_used":349,"timings":{"blocked":158,"dns":0,"connect":21,"send":0,"wait":32,"receive":0,"ssl":135},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fwww.xmrwallet.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1206892490.1771321026\u0026dt=Best%20Monero%20Wallet%20(XMR)%20-%20Send%20%26%20Receive%20Monero%20Securely\u0026auid=996811679.1771321026\u0026navt=n\u0026npa=1\u0026gtm=45je62b1v890248536za20gxec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527907~104528500~104684208~104684211~115938465~115938468~116988316~117447493\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-969496682\u0026tid=AW-969496682\u0026tft=1771321026283\u0026tfd=2097\u0026img=1","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.142.228","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:06.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 19 Jan 2026 08:39:05 GMT","end":"Mon, 13 Apr 2026 08:39:04 GMT"},"fingerprint":{"sha1":"AC:37:C7:AF:75:CB:27:69:D4:EC:B6:A6:68:E1:51:4A:A3:99:78:B0","sha256":"63:86:A6:69:FF:ED:40:2B:88:13:6E:3E:4F:01:08:AB:8D:96:19:72:D3:22:DD:14:05:79:8E:5D:58:1F:0D:39"}}},"request":{"raw":"GET /ccm/collect?frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fwww.xmrwallet.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1206892490.1771321026\u0026dt=Best%20Monero%20Wallet%20(XMR)%20-%20Send%20%26%20Receive%20Monero%20Securely\u0026auid=996811679.1771321026\u0026navt=n\u0026npa=1\u0026gtm=45je62b1v890248536za20gxec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527907~104528500~104684208~104684211~115938465~115938468~116988316~117447493\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-969496682\u0026tid=AW-969496682\u0026tft=1771321026283\u0026tfd=2097\u0026img=1 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\ncontent-type: text/plain\r\ndate: Tue, 17 Feb 2026 09:37:06 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T02:11:38.042536Z","times_seen":13401709,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/js/jquery.js","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /js/jquery.js HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=Z2ziIxJXsesntDnA; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Tue, 12 Oct 2021 12:42:20 GMT\r\netag: \"86096-5ce272d250300-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: text/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":549014,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62413), with no line terminators","md5":"283dcb967092bdaeae46fbf1ab3be69c","sha1":"ee53a4de55df3e05dc16cafb1219282c08e7b991","sha256":"9109f6a7603a9ec956b6584f07291bfca3b084fb042404a8a0cd080eda2fe3a6","sha512":"aaafd101fb4e3df30365705a806cca17e17f22e547b4f196e4013e4f9221211d51f7a4f892583ebff947ad13e49f79f41b280b35ad183f175c97881a9e0159a7","ssdeep":"6144:lH8V82zi3W7LgNbKLzuz828b8R8u8csUokp8CF48mC33QwhsM76m7tOhXb:lH8/aWwBUUllsUokpMvCww7Ohr","tlshash":"e7c41a5fb746333206d321513a8b52ebf23a113c2659c4b859acc06d27b5e7c933b7a9","first_seen":"2025-05-26T06:04:46.710155Z","last_seen":"2026-02-17T10:11:14.773368Z","times_seen":22,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/ico-2.svg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/ico-2.svg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=Nyb3WqXkQEPkTMBN; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:43:56 GMT\r\netag: \"12b3-5fd8cd77b8b00\"\r\naccept-ranges: bytes\r\ncontent-length: 4787\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4787,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"09a0223623d4ee4816d623a93770f296","sha1":"af53226be27f48a2bbab966c326ea391f0e8f653","sha256":"08b546948de3d545112d01e3f672187b72b0903eca3ea62827bc1f406beef132","sha512":"3e59723736e28bc63e973d00c6123713c0e97e7670a7bda4587f3f84adbc09ca51f7f0c5288e8b440ede2bac5f591b061d449a724e1267b238f075d56805f169","ssdeep":"96:z3UvtOs8Pp67ZsTBNvRlXVStc6vP2USTY8a7LziuYYvbvOjrW:wvf7uzLaDbXij6","tlshash":"63a162f982bca2dd4487a729ef31d4a5232ea0fab157c5c48d9f93748053d84fb27840","first_seen":"2025-05-26T06:04:46.715407Z","last_seen":"2026-03-10T21:29:00.057233Z","times_seen":53,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/ico-4.svg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/ico-4.svg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=HkZpGNN2WBhac37h; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:10 GMT\r\netag: \"14af-5fd8cd8512a80\"\r\naccept-ranges: bytes\r\ncontent-length: 5295\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":5295,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4d4be919a7101a53da0671b651d88339","sha1":"511e4dc53c757a67c1b994a061768bce6d992d20","sha256":"9fd2a9ad8f3df4e00ea67a63182eddaf84f1c18f95c6dc5b7efc3b4244b39622","sha512":"5e1192f294a0b98bcd2ca99a46dbcd25542df7d5dac411a49791bddcf30aca6df9d021e262241d823756a66eeaeb38e49acbd60985f65c4dfd11c1614b7eaab4","ssdeep":"96:uQRUSUuWgsRRHmEVonUA5giJJoYTD44yFPmwtiXceTgIWhhjcOyW:9OSURg4OIPYnitiX7g/P7p","tlshash":"fbb184f4522c539d98c7d52def23d9a0530f60bab98681c58ecf87a8a40b6c1fa03854","first_seen":"2025-05-26T06:04:46.728393Z","last_seen":"2026-03-10T21:29:00.068142Z","times_seen":53,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":199,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/js/scripts.min.js","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /js/scripts.min.js HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=HIqeGOIYSI1dxuk8; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 03 Nov 2021 15:41:20 GMT\r\netag: \"22729-5cfe43dcea800-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-length: 37276\r\ncontent-type: text/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":141097,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65280)","md5":"a6c06e89e82a8a7bdfc00996a7674848","sha1":"7a9fd7c34f36dc4c225636673540040f0d3f5ad9","sha256":"d662c3adafb0f4f250360d76b4a47b8677b1d115fee9ec93e7923039d8e1de48","sha512":"fa120c9930aa10a319ba2afadf6c4cb34fe19d3935294bb8c0cd3577329ee09cf330e97a9b700c93b43c2d67a7eef4f8ead3b84a241d63d062a8c5643d515bdd","ssdeep":"3072:lHZ6nNJiRTBCzvyMwjn0SpADH79cVONlqqMb8:5Z6nNcpeyMwjn0SpADH79cVONlqqMw","tlshash":"57d3188db36472a151e7225a539ed10263b65845b80ac4a470768cd7acbde8c03bfffd","first_seen":"2025-05-26T06:04:46.716427Z","last_seen":"2026-03-10T21:29:00.054828Z","times_seen":53,"resource_available":true,"data":null}},"time_used":488,"timings":{"blocked":309,"dns":0,"connect":0,"send":0,"wait":100,"receive":79,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/blog/smart_practices_using_web_wallets_s.jpg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/blog/smart_practices_using_web_wallets_s.jpg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=HIqeGOIYSI1dxuk8; __ddg10_=1771321025; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=QwrenIOr8pLAceZ0; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlocation: https://www.xmrwallet.com/\r\ncontent-length: 294\r\ncontent-type: text/html; charset=iso-8859-1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":28328,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T02:11:38.042536Z","times_seen":13401709,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=RuVqbQKEQA8Zvzdb; __ddg10_=1771321025; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=ivhmO6AmeEvPIxrt; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nx-powered-by: PHP/8.2.29\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-length: 6764\r\ncontent-type: text/html; charset=UTF-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":28328,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (796), with CRLF, LF line terminators","md5":"3ff909f0a4fcb88e1d767d9f6f700158","sha1":"b4a87d6b0aebad42b499701e29b8be545dd00ba1","sha256":"8ebe758d4f6a596e81031a2abfddd66ec2aa9dcb06c2bccbfd1b825ae51d90e9","sha512":"ea9bd74eef43d4026b04faf1264f5662effaf0d6aa235ecebd73031f1327dbbeb5f91cf895408f6673ba20a163158cc998202a44c0f9aef9c6e6df1d2f0adb0c","ssdeep":"768:tH6lWQL60KOuZ8T2tkuQ3GXTuMD6W/HIc:Z6QQL60Kb/Ic","tlshash":"d5d2846292c82f32025263d2702177fef1ab4921cd66d4b1f3bfe2127ba5d9469371c6","first_seen":"2025-12-27T02:13:22.986383Z","last_seen":"2026-02-17T09:37:36.462376Z","times_seen":8,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/bg-3.jpg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/bg-3.jpg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=hKLp8lTbNqmbFbQm; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:00 GMT\r\netag: \"e5c2-5fd8cd7b89400\"\r\naccept-ranges: bytes\r\ncontent-length: 58818\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/jpeg\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":58818,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3076x4146, components 3","md5":"22793d4658b47ad97d9f7b826f06bc22","sha1":"06621b6455b956d83e253c4dd70e963419bb3c2a","sha256":"a4f78aea3aac7159cb7ae772a4e464ccd777a5d31ebbad52a4216e9b1cd616de","sha512":"2b7271cca70dd76edc0e99030063692fd5f25180fee4e7d046fc40abd29d9fd8954ee68a3e5f8e0ee1e3a1e125cd42fbd3be99b6926927630d8d24f6a6fffe1a","ssdeep":"768:Lqds10HdXSpwiUWAEwSyDOfboiLukVQ45QZ915iQdp:uG16dCuiUW1yDOU075IoYp","tlshash":"00432973eb8592a3c5ac173094db23283f264da1c74c5a0397991d33f9f67a8fd2a152","first_seen":"2025-05-26T06:04:46.705605Z","last_seen":"2026-03-10T21:29:00.059294Z","times_seen":53,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":88,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/ico-5.svg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/ico-5.svg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=TesWqdb0e3nY0A5g; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:43:58 GMT\r\netag: \"13a3-5fd8cd79a0f80\"\r\naccept-ranges: bytes\r\ncontent-length: 5027\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":5027,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"94fabc3ca067f88cb391a5ff5aa99679","sha1":"580c51d480cc29b7bc13b2a8dd6a5f0d3e75821a","sha256":"98f125506abf1d8f277a3e365a5efef067caba4cca844f0cf4db75f6a1e0b3d2","sha512":"37e55e532e95f3aba4d7947da6a1e6a398f45fbb55783a9e14ffe7e8cb46b7fe00995f2db6e5e4c1e62b7dc62e078e7cf1914a62d4866f4078ac29bf05f86187","ssdeep":"96:WxEFiLlOhYEyEk3KgVrbCPL3bGhAqGsGEQUOGW:tFiLlOfw3Ki/CD3bCGLDN","tlshash":"7ea182f4a778f38c55d3b81deb31f924530e64b9b49bc4894d9f8368904b985fb6b810","first_seen":"2025-05-26T06:04:46.713707Z","last_seen":"2026-03-10T21:29:00.057753Z","times_seen":53,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":268,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.xmrwallet.com/img/ico-6.svg","fqdn":"www.xmrwallet.com","domain":"xmrwallet.com","tld":"com"},"ip":{"addr":"186.2.165.49","port":443,"asn":59692,"as":"IQWeb FZ-LLC","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xmrwallet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 16:36:21 GMT","end":"Tue, 07 Apr 2026 16:36:20 GMT"},"fingerprint":{"sha1":"94:BF:BC:68:B2:5C:D1:0B:19:AD:71:39:EE:7A:62:E0:F3:26:5A:00","sha256":"10:15:D0:59:78:87:CE:15:0C:BE:87:DD:A7:82:1B:CE:63:73:AC:AB:A6:E7:F2:4E:56:ED:0A:4E:ED:14:F3:AF"}}},"request":{"raw":"GET /img/ico-6.svg HTTP/1.1\r\nHost: www.xmrwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.xmrwallet.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=BMeIXCieLpvFOJfs; __ddg10_=1771321024; __ddg9_=91.90.42.154; __ddg1_=neaN8EhTfZp9MyrhsCgg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=1uJUrKzqpp67DCEF; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg10_=1771321025; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\n__ddg9_=91.90.42.154; Domain=.xmrwallet.com; Path=/; Expires=Tue, 17-Feb-2026 09:57:05 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nlast-modified: Wed, 07 Jun 2023 16:44:20 GMT\r\netag: \"15c9-5fd8cd8e9c100\"\r\naccept-ranges: bytes\r\ncontent-length: 5577\r\nstrict-transport-security: max-age=600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-content-security-policy: allow 'self'\r\nreferrer-policy: same-origin\r\ncontent-type: image/svg+xml\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5577,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bb74ce444cc695190233989c68a9c988","sha1":"1d64ae8afe27f44c984d21b43ea41c8aed4e01fb","sha256":"700e57eb67e4186237739be928d0e05c2dea1a817b8394ee029580176318a60b","sha512":"d2181c856b5c5bccc3d3e87f8a90cb2dace2227ac5f68e447cbdbc7974674e43187d3284b53a7725bfffe8b1541a0a144b1817db338b4cd37490f5668cf6b12d","ssdeep":"96:2+vM8CRXr9lra+u2/nhhdtfzYG/vExxQP7A4/cNkySSXEQcc1sJ6Xw/ASiTqOg1W:C8QJrPBxUKJA+ySSIHMg/ALgw","tlshash":"ccb1a5e8532c62dd64c7d22eef32ec50531ea0b9b06781894dafc768a0579c0fb4bc90","first_seen":"2025-05-26T06:04:46.719503Z","last_seen":"2026-03-10T21:29:00.054352Z","times_seen":53,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":267,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-17","alert":"Sinkholed","trigger":"www.xmrwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-116766241-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.xmrwallet.com/","date":"2026-02-17T09:37:05.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:39:20 GMT","end":"Mon, 20 Apr 2026 08:39:19 GMT"},"fingerprint":{"sha1":"60:64:B6:72:E4:67:A4:EC:78:B2:F2:B8:3E:17:7A:A6:A8:CE:74:4C","sha256":"3E:71:C0:44:31:9B:1A:8A:23:FF:D9:4F:B9:3F:89:6D:7C:66:33:BE:14:26:CB:01:F2:79:BB:FE:F3:3A:71:98"}}},"request":{"raw":"GET /gtag/js?id=UA-116766241-1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Feb 2026 09:37:05 GMT\r\nexpires: Tue, 17 Feb 2026 09:37:05 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 109251\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":308276,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4317)","md5":"96edf3a54818a77965c85751b3b3cec0","sha1":"533a0695e4492550b41d2edcd2508a3bc2dbf3c9","sha256":"e3c040ee77ffd7a1b5ce09db8afda2dc9abe17e48c58b1cf3562da5d406d298e","sha512":"48c8cfa14a642225bf31028e70f9155502d69c09af40210d818bf8c6abb71ba05afb5a757d03f01a9c0503632285efbc8b48c959724b1340f77805f033280432","ssdeep":"6144:7jNMmwbPpw8wENN8gMuSUP14j9Vk74BiqJ9R:FjwbPgmN8Bo4B7JP","tlshash":"746409ccb7d6742243a36478503f014bb23bb992f88cd894e182d9d52d74a6a8277f7d","first_seen":"2026-02-17T09:37:36.479129Z","last_seen":"2026-02-17T09:37:36.479129Z","times_seen":1,"resource_available":true,"data":null}},"time_used":262,"timings":{"blocked":74,"dns":0,"connect":20,"send":0,"wait":45,"receive":50,"ssl":69},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}