{"report_id":"c74d66ce-ec04-4c29-9d95-a8e69773ad96","version":6,"status":"done","tags":[],"date":"2026-04-09T14:41:16Z","url":{"schema":"http","addr":"xaman-reward.com","fqdn":"xaman-reward.com","domain":"xaman-reward.com","tld":"com"},"ip":{"addr":"172.67.131.158","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"xaman-reward.com/","fqdn":"xaman-reward.com","domain":"xaman-reward.com","tld":"com"},"title":"xaman-reward.com/","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"xaman-reward.com","fqdn":"xaman-reward.com","domain":"xaman-reward.com","tld":"com"},"ip":{"addr":"172.67.131.158","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-14T14:41:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"xaman-reward.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"xaman-reward.com","ip":{"addr":"104.21.4.37","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":7,"request_count":7,"received_data":3416425,"sent_data":3216,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Webflow","description":"Webflow is Software-as-a-Service (SaaS) for website building and hosting.","website":"https://webflow.com","common_platform_enumeration":"","icon":"webflow.svg","categories":["Page builders","CMS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"xaman-reward.com/68bf115f65e6134245f30300_1noIphone-min-p-1600.webp","fqdn":"xaman-reward.com","domain":"xaman-reward.com","tld":"com"},"ip":{"addr":"104.21.4.37","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://xaman-reward.com/","date":"2026-04-09T14:40:51.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaman-reward.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:19:55 GMT","end":"Sat, 04 Jul 2026 11:19:54 GMT"},"fingerprint":{"sha1":"C6:B1:1D:AD:7A:AB:DA:96:2A:A6:C1:1D:91:46:28:27:2C:68:80:2D","sha256":"5B:76:99:EA:52:38:4B:12:04:34:81:E6:8D:AA:43:B4:D0:41:FA:1A:E5:7B:88:88:78:42:FC:F5:B3:E5:FC:C2"}}},"request":{"raw":"GET /68bf115f65e6134245f30300_1noIphone-min-p-1600.webp HTTP/1.1\r\nHost: xaman-reward.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaman-reward.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 14:40:52 GMT\r\ncontent-type: image/webp\r\ncontent-length: 55494\r\nlast-modified: Sun, 05 Apr 2026 11:12:46 GMT\r\npriority: u=4,i=?0\r\netag: \"69d243ae-d8c6\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QhZ9IcqrYPqt3m5mUbU9Ho%2F9AJnPo8Rp0Ap4ivl7psQCVeTiIgsYD2gLl6ZKXngW49lTiFDU6yPnXH80Sc%2FAnxhNEinUgtr4FCmgoDBmtp4zuAjjO4bZ%2FdO7MCoPrgPXcvcO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e9a44f15a4b0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":55494,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"dcc6a9809a79edc883bdf9f63b787d7d","sha1":"ef9794edfc7176cea57c3ebce0f8e94df20933af","sha256":"87cb859c5e6a13b4766ae1d009535e599d9f0371313806d2501b6c1440d6cf5c","sha512":"cba3a4f7ada331982eb6a7f4e982a5f148f46ff83330d8f9e036c04b1c4ab0a9caa620fd73309613135fa08be77c147cdc9856f81e201327eb7cf07a2b5fe0fb","ssdeep":"768:P4TeAkK4IreFcCJu8KQmfvsfolUjmU+JqTxwt4U6z+Nm9cJC7kIRIIJ7q5xs0uXO:PpXDRJ3K73swlcAJqTxy4bXJ9J7oV","tlshash":"5c43020ac081d9d2f597cff326b843ab68bcd8c553e621474a1ea5d701eafb79034382","first_seen":"2025-11-16T19:31:43.132385Z","last_seen":"2026-04-09T14:43:12.812911Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1377,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1303,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"xaman-reward.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaman-reward.com/68bf1162f57d807a49a39650_1Iphone-p-1600.webp","fqdn":"xaman-reward.com","domain":"xaman-reward.com","tld":"com"},"ip":{"addr":"104.21.4.37","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://xaman-reward.com/","date":"2026-04-09T14:40:51.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaman-reward.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:19:55 GMT","end":"Sat, 04 Jul 2026 11:19:54 GMT"},"fingerprint":{"sha1":"C6:B1:1D:AD:7A:AB:DA:96:2A:A6:C1:1D:91:46:28:27:2C:68:80:2D","sha256":"5B:76:99:EA:52:38:4B:12:04:34:81:E6:8D:AA:43:B4:D0:41:FA:1A:E5:7B:88:88:78:42:FC:F5:B3:E5:FC:C2"}}},"request":{"raw":"GET /68bf1162f57d807a49a39650_1Iphone-p-1600.webp HTTP/1.1\r\nHost: xaman-reward.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaman-reward.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 14:40:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 35204\r\nlast-modified: Sun, 05 Apr 2026 11:12:44 GMT\r\npriority: u=4,i=?0\r\netag: \"69d243ac-8984\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qqG6kIjJ7DD4MYXkrPBTEN8LTxrGeNcJ8K2x5dOOTIgtiQgBzlrKr5LweZJUagTpm4yIg0VXxHgkMZHlrFaGmQESTp4Ppt%2FWh5gQTYYXETPVjrgu%2Fl3pWFMj8WMNajEpxx4Q\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e9a44f15a4c0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35204,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ea7116ed6c5f1ad885b854800f9eadbb","sha1":"04c92f4fabc7bb1a364b7df7249321e30aa46d2d","sha256":"659d2328a4f78cdcedc8c26d16598a63b3f629338a84d8ba4ea8b718253ccb57","sha512":"694e7ad35ce6c86114b3a1c6118b0f47cdc2a675665c7763a3fe159e238b5259912385e0be1bc3bd9be7f2d55b2f117a43d6bf70715818d441eb2104c46d269d","ssdeep":"768:84lFRjX0NHcsjH+tBuMsM35OyEJRW7cTHqqESWGaS:8oFRjEq1AMsM35OnRWVqESWG","tlshash":"4af2d1db43b50d24920211732adb7147700e6ca917c936532df7ad66fdeee184ba428e","first_seen":"2026-04-04T21:37:46.902282Z","last_seen":"2026-04-09T14:43:12.813768Z","times_seen":3,"resource_available":false,"data":null}},"time_used":342,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"xaman-reward.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaman-reward.com/68d661d08d1358b327c1ff3d_hero_img.avif","fqdn":"xaman-reward.com","domain":"xaman-reward.com","tld":"com"},"ip":{"addr":"104.21.4.37","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xaman-reward.com/","date":"2026-04-09T14:40:51.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaman-reward.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:19:55 GMT","end":"Sat, 04 Jul 2026 11:19:54 GMT"},"fingerprint":{"sha1":"C6:B1:1D:AD:7A:AB:DA:96:2A:A6:C1:1D:91:46:28:27:2C:68:80:2D","sha256":"5B:76:99:EA:52:38:4B:12:04:34:81:E6:8D:AA:43:B4:D0:41:FA:1A:E5:7B:88:88:78:42:FC:F5:B3:E5:FC:C2"}}},"request":{"raw":"GET /68d661d08d1358b327c1ff3d_hero_img.avif HTTP/1.1\r\nHost: xaman-reward.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaman-reward.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 14:40:51 GMT\r\ncontent-type: image/avif\r\ncontent-length: 18436\r\nlast-modified: Sun, 05 Apr 2026 11:12:40 GMT\r\npriority: u=4,i=?0\r\netag: \"69d243a8-4804\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aCFBSoumIXa1Gu6LqTkmm9STvkPwtq8fYEs5o2Jc3WuAERSiT016M3HWHTHN%2F%2BPq5jwSYzlLXcNM3Qz3Ts5EE46iQ%2FT0RVzPNWX0KLUFSfTPYd9dUBaVI7u3ge2uKZh10O6G\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e9a44f15a4d0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18436,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"7194d393e70cbab2c5c103ee79b284cc","sha1":"6a1ca6d27cadf12a9888560d71107ebad43f289b","sha256":"090485670f4f3d6f54700f43974e2228d8eb91842d4edd7c4dd2216c0252d365","sha512":"2fced23e67acc570ed6f4a8f69422692f66cc68dd57ebdee11175bdf2b313e48cdf243cdc04e5e91cca557dd5e3d5d4e5ef07882b512502eec2fa5ec9238d018","ssdeep":"384:rReVnChInUtrpu7tGZixwMKHaKAJx6ogJdj4Rd3lWb:YVGpu7tGZWwMKHRex6osd8D3Q","tlshash":"2282d025a0f8aa0ede3107b26e3bf1b73343de6211361aad8a51e5d5c17069accf110c","first_seen":"2025-11-16T19:31:43.135377Z","last_seen":"2026-04-09T14:43:12.801816Z","times_seen":4,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"xaman-reward.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaman-reward.com/","fqdn":"xaman-reward.com","domain":"xaman-reward.com","tld":"com"},"ip":{"addr":"104.21.4.37","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-09T14:40:50.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaman-reward.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:19:55 GMT","end":"Sat, 04 Jul 2026 11:19:54 GMT"},"fingerprint":{"sha1":"C6:B1:1D:AD:7A:AB:DA:96:2A:A6:C1:1D:91:46:28:27:2C:68:80:2D","sha256":"5B:76:99:EA:52:38:4B:12:04:34:81:E6:8D:AA:43:B4:D0:41:FA:1A:E5:7B:88:88:78:42:FC:F5:B3:E5:FC:C2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: xaman-reward.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 09 Apr 2026 14:40:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Sun, 05 Apr 2026 11:12:54 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dNSQCIp5le15IajK7uGVtUwO%2BNpzVpHRFStudU2j9BKt1LFM7s9YS4pSlNZNTzKH3ZLVycUdDHkTJoYpWA0Rcm%2Fvq6ASxv7TbzLsrGWfWdacc1keIYuSD35sd208eKEpoWDU\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9e9a44edf9fea0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Webflow","description":"Webflow is Software-as-a-Service (SaaS) for website building and hosting.","website":"https://webflow.com","common_platform_enumeration":"","icon":"webflow.svg","categories":["Page builders","CMS"]}],"data":{"size":73851,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (26920)","md5":"52ec377b38e852ae8af05451a8144382","sha1":"ae957d5941ddeefa64e2e8bf16c00c30f0409f23","sha256":"122acc1e9c7846ab62192cf25598fd199eb9da4ac5cb1de78dc2c4a565bfd204","sha512":"5f7f1cb9fbf8091ec152675cf7e3f3c8f31de25cf8a2519b3019a4a8276a67deacf56bfb4d349526ebb0fcf0122db620d260dcde948ae8d8150af43114bda6b6","ssdeep":"1536:utou6J1w6Re7VVfBNc4/s7u3kWQT1WVHs6MCOiZFhJmgJMWyw3Qx:W7fHLMCO2Jm","tlshash":"3b73d4722240327752174ad8f1326beeb2a782dece034854d3fc87d95be3c95ed26499","first_seen":"2026-04-09T14:41:21.200925Z","last_seen":"2026-04-09T14:43:12.803152Z","times_seen":2,"resource_available":true,"data":null}},"time_used":411,"timings":{"blocked":55,"dns":39,"connect":1,"send":0,"wait":301,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"xaman-reward.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaman-reward.com/plus-gate-v2.1.min.js","fqdn":"xaman-reward.com","domain":"xaman-reward.com","tld":"com"},"ip":{"addr":"104.21.4.37","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xaman-reward.com/","date":"2026-04-09T14:40:51.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaman-reward.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:19:55 GMT","end":"Sat, 04 Jul 2026 11:19:54 GMT"},"fingerprint":{"sha1":"C6:B1:1D:AD:7A:AB:DA:96:2A:A6:C1:1D:91:46:28:27:2C:68:80:2D","sha256":"5B:76:99:EA:52:38:4B:12:04:34:81:E6:8D:AA:43:B4:D0:41:FA:1A:E5:7B:88:88:78:42:FC:F5:B3:E5:FC:C2"}}},"request":{"raw":"GET /plus-gate-v2.1.min.js HTTP/1.1\r\nHost: xaman-reward.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaman-reward.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 14:40:51 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 05 Apr 2026 11:13:27 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"69d243d7-30020f\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BU9BWuLsyoCwafP%2Br6%2FKS9BTjfu1QJEmKgW0O1AAhLN5boA9b6KiM6esjJ7AFcgtzTQQYxY5i3Ye2CUveFpGuwq6%2BeXiFyVqWFK8Cl0kWxM7vf8cR3Vo6wbyDyoEIINVYty4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e9a44f15a470731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3146255,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d0205f3ecba2ee98637636534a373810","sha1":"2a32a3b0deca17e2757455626f80dd7027573904","sha256":"4dba769bcc79636c9930db28c388c252b500979348c8c923cb4397071118a6b7","sha512":"c3e5dc016abe5303f1287cb4a3aa7c4e33cad6abfce2e134a43e13ad575ee8105000b469fe26d6d8e075fd5f06087dcf275109a8cc4c1859ab2623e997fb6529","ssdeep":"24576:dtwzazSziQWTpMsn98csc0EkEg0QOPX06UJaZhWa+iWy+Km2+fVws36sAO7hgqA7:NFMsnwqIZxMovccVY","tlshash":"1e258413a2d038d251d75eb1b62350daec2d4bafb58c9afa998cf834fce1054e5d8670","first_seen":"2026-04-04T21:37:46.912194Z","last_seen":"2026-04-09T14:43:12.809244Z","times_seen":3,"resource_available":false,"data":null}},"time_used":905,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":352,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"xaman-reward.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaman-reward.com/xaman.webflow.shared.314b8219f.min.css","fqdn":"xaman-reward.com","domain":"xaman-reward.com","tld":"com"},"ip":{"addr":"104.21.4.37","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xaman-reward.com/","date":"2026-04-09T14:40:51.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaman-reward.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:19:55 GMT","end":"Sat, 04 Jul 2026 11:19:54 GMT"},"fingerprint":{"sha1":"C6:B1:1D:AD:7A:AB:DA:96:2A:A6:C1:1D:91:46:28:27:2C:68:80:2D","sha256":"5B:76:99:EA:52:38:4B:12:04:34:81:E6:8D:AA:43:B4:D0:41:FA:1A:E5:7B:88:88:78:42:FC:F5:B3:E5:FC:C2"}}},"request":{"raw":"GET /xaman.webflow.shared.314b8219f.min.css HTTP/1.1\r\nHost: xaman-reward.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaman-reward.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 14:40:51 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 05 Apr 2026 11:12:54 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"69d243b6-118ac\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GsNLZLSHlaMfkLbTZa3PxDi9sl%2BGMSn%2F18l4fIsKR0NSPZaYGDBdyEgziH%2FF8cHTDADab7jjEOSu5lZ1PPuwRqgwX0tkUUbl3NtIQQ1K02MTjl%2FIcRPQPMBbBhnrvK8UZxKL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e9a44f15a480731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71852,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"9ddb76abca34816b76306ad77058a3a2","sha1":"30061df0548edb1a5cfb4982db86e27714dd0aa8","sha256":"b00423007df02ecac839da007408fb4132a5bbd0cf3c77a9f3493f9d6a216785","sha512":"f822d79d49abedcf3422a3ee8cc529a854765cecf6f230c7c100628fe46251d1990072e8576bc60f6830d1d6b354ea4b6938969d7af0533315e9941b7e29250f","ssdeep":"768:zZ+UHzYkGCW/znNMb4BmGuaNQjp3WFVBxsPYvCQ+yd6d8kV9Ua6AgmXfziwMZBtO:zBoCWldNQjpfP3d7Wlw","tlshash":"fd6376222b65316cf43b8436e9d1b68d712a9103e7634bdef552f127c5cb5c22b32a9c","first_seen":"2026-04-04T21:37:46.914711Z","last_seen":"2026-04-09T14:43:12.810428Z","times_seen":3,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"xaman-reward.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xaman-reward.com/css.css","fqdn":"xaman-reward.com","domain":"xaman-reward.com","tld":"com"},"ip":{"addr":"104.21.4.37","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xaman-reward.com/","date":"2026-04-09T14:40:51.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xaman-reward.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:19:55 GMT","end":"Sat, 04 Jul 2026 11:19:54 GMT"},"fingerprint":{"sha1":"C6:B1:1D:AD:7A:AB:DA:96:2A:A6:C1:1D:91:46:28:27:2C:68:80:2D","sha256":"5B:76:99:EA:52:38:4B:12:04:34:81:E6:8D:AA:43:B4:D0:41:FA:1A:E5:7B:88:88:78:42:FC:F5:B3:E5:FC:C2"}}},"request":{"raw":"GET /css.css HTTP/1.1\r\nHost: xaman-reward.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xaman-reward.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 09 Apr 2026 14:40:51 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 05 Apr 2026 11:12:39 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"69d243a7-2909\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gQg8yXIz9%2BJKjX8bb1AraznhLOVohWpdhMsmHPD20AJtxzB34ttt%2FgGr0H4OOWZNM97RkbdQ2Yp%2BUfKWH%2FrlJnp2FTpe7mA6RT1p6afCpkFCgmPLKYVPfy9ltTEXkX3EohGP\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e9a44f15a4a0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10505,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"865a66511d149d985f133480e630f210","sha1":"ae2b637b115ef385b8586319ea8da8e7cd13f44c","sha256":"bf57dd1553949c29e2e78ec358eb8a880320033aceb5c52b7222080a58e2e749","sha512":"038a3ee9835a40154bf62b8ccc3e5b8ca2845cfc44648921dffb2a116e533c4fba1242f90d43de1017192d8996b443bc5bc086c91099a8e9affcc32dfdf09615","ssdeep":"192:yEiQ1D33kQow7EP50D3KlQxwQEkGfD3tiQ+w1EpfGD3orQ3wyE205D3zAQMwj:FFRYsmbz3iKcFJlj","tlshash":"47229c51002f640053a71cd663ce3f365fdd6148a08ada383ffd0d9aaceada953a175e","first_seen":"2026-04-04T21:37:46.889451Z","last_seen":"2026-04-09T14:43:12.812192Z","times_seen":3,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"xaman-reward.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}