{"report_id":"cc93d690-3fba-4315-9263-8cd3e984517a","version":6,"status":"done","tags":[],"date":"2026-02-03T11:04:17Z","url":{"schema":"https","addr":"claims-vision.xyz/","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"172.67.188.60","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"claims-vision.xyz/","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"title":"Vision","dom":{"size":102317,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3914)","md5":"ba0e5750a0c257c5d8b174585039cda4","sha1":"f2b818cdc7f20cebad26fd3fc206cd890fceadcb","sha256":"c329c0176bc67631aa66ad5dae46c6fcf9d7d45b5eea04452c7bbd2233efd7ce","sha512":"298bcdb0bf35e84874f19c1478557a4601899090f3ea475281a00a79e66309cf7366013234b5b9e942a5c20408c4d2d1b62d23d24941c081b0bbe9bc740be462","ssdeep":"768:toy/LbFHD8qGUFU6wrhijhs+jls+jzwssIrSp9vzoCZ:tJ/fFHD8qGUFU6wrhijLvnQvzoCZ","tlshash":"1ca36414c1d4413bd51287ccfba8ba061652a1bf4f060862fa4e86b75f62ceded2f56c","dom_hash":"domhashd7d17dd1eb8a5e0870e07ee316e1b8e2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"claims-vision.xyz/","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"172.67.188.60","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-10T11:04:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-03T11:03:56Z","timestamp":1770116636,"ip_dst":{"addr":"104.26.13.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60472,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2026-02-03T11:03:56.707499+0000\",\"flow_id\":959018249795150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":60472,\"dest_ip\":\"104.26.13.205\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":915,\"bytes_toclient\":3512,\"start\":\"2026-02-03T11:03:56.702030+0000\"}}"}],"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-01T22:17:46.954894Z","alert_count":0,"request_count":4,"received_data":14996,"sent_data":1942,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-01T22:14:44.580478Z","alert_count":0,"request_count":1,"received_data":73798,"sent_data":540,"comment":"","tags":null,"fingerprints":null},{"fqdn":"claims-vision.xyz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-26","domain_rank":0,"first_seen":"2026-02-03T10:56:50.794421Z","last_seen":"2026-02-03T10:56:50.794421Z","alert_count":13,"request_count":13,"received_data":3892873,"sent_data":5742,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.5.2","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"api.ipify.org","ip":{"addr":"104.26.13.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2026-02-02T08:38:00.779001Z","alert_count":0,"request_count":1,"received_data":271,"sent_data":447,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"rpc.walletconnect.org","ip":{"addr":"63.178.159.235","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-03-26","domain_rank":891779,"first_seen":"2023-02-11T03:06:43Z","last_seen":"2026-01-30T06:23:13.645409Z","alert_count":0,"request_count":1,"received_data":1653,"sent_data":536,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"claims-vision.xyz/","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"596ff0bb118650b3d23627470d6dc84f","sha1":"79e2933ea167db16998f9339fd197343a5e8acab","sha256":"7785014e98fdfb413095f8033fe83e5c63ff7c23c4d3312034907d653e0f802d","sha512":"9aaff87f0c391cde6853276a8bb7dcd5006e207d6eac95a624dd3ed9043a89e1f2bb43dd9a1af0e55ce03dc705abb3ed8ef7da60922434f77bf5713cb3cd7687","ssdeep":"","tlshash":"52d0a74d3010552615ce6c6d4c8f044abe269812a6044ccd89d8d4547bb5e7c459448c","size":222,"data":"","first_seen":"2026-01-24T18:03:34.514701Z","last_seen":"2026-02-03T11:04:20.752233Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"895f526ab37305311d1e998fa4d5a6e8","sha1":"06d0220830c81bf254c70552e908371c6dc1f18f","sha256":"90916b8b1fb2fbbd765a22eba866c30d8829f59aa2d7ee86869abd20207b2117","sha512":"6b087d2e2025f4d11073254448b124af8839ce24ff37eb45bf2fd1a2b66bee8fd4fdca2b4d23c08786d217dd71dbc660d1054b7876b37752dee3baaefdaeaa4e","ssdeep":"","tlshash":"2871bc3beb00173bdc8fa9fdced5b4c02e62497262496960691ce102a16cd7487bed88","size":3743,"data":"","first_seen":"2025-08-14T22:47:51.287187Z","last_seen":"2026-06-17T06:46:30.880679Z","times_seen":1332,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/assets/eleven.js","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0731dc266a43636b0e166275728b329f","sha1":"10ab55c566941fe6319681ccaa36e6313c7336e6","sha256":"c8a7922f93eb75f4329d4576efd7cba8a84cd888cf80856fa42dd171a4efe22f","sha512":"01ad04b1d570264819d09409aa94fec0af2f32c2b00dd96d76d8ed616b8293dbbe912e60cbb42a144ee4c665be0039f0f6036ee1ba7c3e682e0fa22066c7a744","ssdeep":"98304:dml/voXqyL4cDRxWyeI4vWSuyZXJPcrnE:dq/gXqyL4cDRxWyeI4vWSuyZXJPcrnE","tlshash":"3ef57c8073b1a079439741e4947b1501f238a85a7408c0acfbecd9f7af999c9897bf79","size":3556158,"data":"","first_seen":"2025-12-02T13:22:34.804996Z","last_seen":"2026-06-13T12:25:58.353479Z","times_seen":519,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:56.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:56 GMT","end":"Mon, 06 Apr 2026 08:37:55 GMT"},"fingerprint":{"sha1":"DE:3B:B4:94:98:33:3A:CB:2A:A9:96:A1:CB:19:8C:84:B5:8D:23:E9","sha256":"D0:A1:5A:83:80:77:19:74:AA:CB:27:69:4A:C7:2C:F0:DA:06:9C:79:1E:07:77:9A:4D:7B:5D:AA:A2:D2:D4:E9"}}},"request":{"raw":"GET /css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claims-vision.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 03 Feb 2026 11:03:56 GMT\r\ndate: Tue, 03 Feb 2026 11:03:56 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4887,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"3fd96ba77783845730c343cf00ac7a93","sha1":"bc4f7f4f71aeae387232155c55c4f031c5f3f769","sha256":"27b95b2fcbc857ba25f7e5a707c5c4c06c5cf93415519b7669c19f4045edca37","sha512":"20b137cf9c61842c7bad62dd6c36125833022552379ad97324dbee2c2e9cb0303b17a9aee813ea2bcdbb68541c8c6edbfecfcfb2858cf27c2cff480d756d80cd","ssdeep":"96:aYg4aMzqYg4aybFZHYg4agkYg4aUJ3vYg4aERYg4aYGJc+uTYg4aR6NDO4a3qO4L:vywfydyGy63gy/yFVyR73xpmj3U8fHN","tlshash":"37a1ed91006f9104ea431dd627cf7e32ad8e51956082e27d6ffd2dca6cdbd23122874c","first_seen":"2025-09-10T21:50:06.177565Z","last_seen":"2026-06-17T09:29:36.953601Z","times_seen":17120,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":127,"dns":1,"connect":7,"send":0,"wait":29,"receive":0,"ssl":119},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Press+Start+2P\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:56.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:56 GMT","end":"Mon, 06 Apr 2026 08:37:55 GMT"},"fingerprint":{"sha1":"DE:3B:B4:94:98:33:3A:CB:2A:A9:96:A1:CB:19:8C:84:B5:8D:23:E9","sha256":"D0:A1:5A:83:80:77:19:74:AA:CB:27:69:4A:C7:2C:F0:DA:06:9C:79:1E:07:77:9A:4D:7B:5D:AA:A2:D2:D4:E9"}}},"request":{"raw":"GET /css2?family=Press+Start+2P\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claims-vision.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 03 Feb 2026 11:03:56 GMT\r\ndate: Tue, 03 Feb 2026 11:03:56 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1860,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"b7cad844ac5ba76f2eaa0a5f19927973","sha1":"0f619ace2a91abd4ba25e81b02b34e50708501aa","sha256":"c432858c887f02896894b1e44507b18fa1d22287d3bac0c1da9883849c63a118","sha512":"1056d64979f32cc0013a2564c64a6142439088d81b298c3da42cbd73ac308a5e0622cb5fee52c560d6e993e35eaaaea05d10226b42c65379b22a5c4252d1e632","ssdeep":"","tlshash":"043167e6052b94409b931cd373cf7e36de0e2125649184699efe1c84acbaca60391b5e","first_seen":"2025-09-17T02:54:26.564123Z","last_seen":"2026-06-16T17:23:03.305185Z","times_seen":1353,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":61,"dns":1,"connect":7,"send":0,"wait":16,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcCo3FwrK3iLTcviYwYZ90A2N58.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:56.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:55 GMT","end":"Mon, 06 Apr 2026 08:37:54 GMT"},"fingerprint":{"sha1":"C9:11:F3:8A:1F:95:BA:78:F0:71:09:AC:AA:E5:AC:D1:ED:83:E4:04","sha256":"61:45:36:53:9C:8E:E6:E3:72:93:D5:B6:2E:25:31:08:2F:70:5B:C8:FA:43:EA:70:B8:CE:11:BF:74:C7:92:98"}}},"request":{"raw":"GET /s/inter/v20/UcCo3FwrK3iLTcviYwYZ90A2N58.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://claims-vision.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 72964\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 02 Feb 2026 18:20:39 GMT\r\nexpires: Tue, 02 Feb 2027 18:20:39 GMT\r\ncache-control: public, max-age=31536000\r\nage: 60197\r\nlast-modified: Tue, 09 Sep 2025 18:33:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":72964,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 72964, version 1.0","md5":"91247c94dcda6ff52b445d71d6bbfb81","sha1":"ad2f62363ed047b430b91f32afa31df51fcd7c5e","sha256":"6a3c3e024b31eeacbf1f19c3c7be78612d91c623186f64035a50038241dad4f9","sha512":"a12dcac84e9f9ae02df3aabe29d76994281cd1005edca471194605cfcd6a0456eec872fd28c63c72ae124804d0b47d8377048caae49c40b0a18b5d6be4d6213f","ssdeep":"768:zbw+rLBkMxbCkupj4Y69/Yr71+j9pWiKahMM6+AWEqXB0oGuNGku+QCcIKE205C7:zbw+iwuS/iZWeaO1zP1/9Esvf8fXnm1","tlshash":"8f6302244e3c50c2a54d33aa286940f6f6e79c75b2b79ba4a69c589cd410f329cdfdc4","first_seen":"2025-05-29T18:51:13.223047Z","last_seen":"2026-06-17T09:29:36.949927Z","times_seen":26740,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":50,"dns":1,"connect":7,"send":0,"wait":16,"receive":17,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/settings.json","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:56.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"GET /settings.json HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://claims-vision.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:56 GMT\r\ncontent-type: application/json\r\nlast-modified: Sun, 01 Feb 2026 02:26:23 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3Gz4dkbCCJfn2qX7mpoYTN30tZKkhiZuN4zJFrPHC9A1HT5XQypnZioP0VxIxxu2jHowvbDHoEjh6YXzHvVddJnntXevjzyACH1pn3zVgg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"75d532030a675ec44b934ca224a48d20\"\r\ncontent-encoding: br\r\ncf-ray: 9c8171d3497bb4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":701,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"75d532030a675ec44b934ca224a48d20","sha1":"90931e9a927209be28dd55196cb592de4dfd41e0","sha256":"d6f3a88176ae4125197ff75cb9f1f948884d6a49c6a771b48763e77eded6b315","sha512":"ef1a6f44b2281d97991d7b01aee824cb862723436039f982f195405e8fa332df9d848ebf19ceacda109794f6ffe158cad62c51ecba76e931c6844b18cd772965","ssdeep":"","tlshash":"ed01fe59dd23482fdacd062cf29e810558250c2b43183d444f17641d732db2b2b71ecd","first_seen":"2026-02-02T00:07:04.110882Z","last_seen":"2026-03-04T15:34:17.855712Z","times_seen":169,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=json","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"104.26.13.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:56.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:15:50 GMT","end":"Wed, 01 Apr 2026 13:15:39 GMT"},"fingerprint":{"sha1":"E8:04:3F:4D:91:E2:52:D3:E0:EA:F7:1A:C8:8C:94:50:7C:2E:FF:FF","sha256":"A1:8E:F1:BF:52:25:E4:EE:2D:91:8B:1E:0B:E7:A1:C3:B9:7D:DF:7D:D1:57:11:6A:14:CF:F2:A6:DF:D1:B0:18"}}},"request":{"raw":"GET /?format=json HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://claims-vision.xyz/\r\nOrigin: https://claims-vision.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:56 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9c8171d38ea70daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7d69c71af0f191e9a72db6153f8018d1","sha1":"f67c5f2887bc05654b47f76e9621e53a4091aed1","sha256":"5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65","sha512":"fdf43a8f3d843fe9008949d6709c8e2a5cd640f6101522319745f0a829f21dc8f4bd4d70ff3e2f6e1fd53ca0d2dd872bf3588c593a403071102ab28763cbdba5","ssdeep":"","tlshash":"b8700022000000208c80800eca0a032223a0000ac20a00088e800b2288a0b380282032","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-07T07:51:18.251001Z","times_seen":93313,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":41,"dns":21,"connect":1,"send":0,"wait":113,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:56.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"HEAD / HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://claims-vision.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/3 405 Method Not Allowed\r\ndate: Tue, 03 Feb 2026 11:03:56 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rxm%2BtZYBh2H02tRfX0ll8ftJVn%2BHHwIqXkZNMFIoFrpqGY4sGgi9SfFjW9%2FibKFifCLjQFBnepXUisjEwqEZoWrxlRe3JohRwJokHWkBHQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9c8171d34983b4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"405","status_text":"Method Not Allowed","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T09:31:00.786811Z","times_seen":16480402,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/assets/eleven.js","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:55.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"GET /assets/eleven.js HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claims-vision.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:55 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Sun, 01 Feb 2026 02:26:14 GMT\r\nserver: cloudflare\r\nage: 448\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pbjiE7hOgNa2KBVany69laQ9a09bdUfzaPRklTzb6e61JxkLZsYx01l3vlr83P4O11MR0XUQswAtud06J5gYUvnvv2L%2BNXbX9r7CZYsyYw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"0731dc266a43636b0e166275728b329f\"\r\ncontent-encoding: br\r\ncf-ray: 9c8171cb8b93b4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3556158,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"e60d780300a74c70dc6418ea19873295","sha1":"74001d33824730e25d3d840e0c642f9f986015d7","sha256":"dcb99cd44bfd05f2cfc3c04527f35accfdd3df490666015cbafc125c4b368250","sha512":"617f21408d485ed842373a7c935208431b033f279973a23752599f44a0f4b4f1b125068a3ad244650a5c24d9859d2b9702998c1d415b43eb801bfd6d9b5b2ade","ssdeep":"24576:dmNHxkmMEWI2xMrvZKhch+k+ub6BqyxRz:dmNHKmME32xohKhcoGGBqyLz","tlshash":"a1254c9073a5b06243da14e4187b1006f279bc68744d80acf69cecfb7da9d84963bf79","first_seen":"2025-12-02T13:22:34.735267Z","last_seen":"2026-06-13T12:25:58.330411Z","times_seen":515,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/gov-widget2-1.png","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:55.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"GET /gov-widget2-1.png HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claims-vision.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:55 GMT\r\ncontent-type: image/png\r\netag: \"2d7d2139b697fbb313f4b29766dbd34e\"\r\nlast-modified: Sun, 01 Feb 2026 02:26:22 GMT\r\nserver: cloudflare\r\nage: 447\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mySDYiQYbbq8gihyl%2FN%2BcZccnZVX88OISDyt4BUz65nvlEHauChR8lXdKDvmB5gzzvfya5W1n5oUgeHl5M3qh4gW9fW1LCxTGsS84y%2Fuqg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8171cc7c42b4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11961,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit colormap, non-interlaced","md5":"2d7d2139b697fbb313f4b29766dbd34e","sha1":"de1377c02be4395f179263b3bc4854137de030b1","sha256":"5611a461a6d790f238bbb3b6eb884b969e72155abd626e56a8b35bea2a217332","sha512":"c3e6c01d3accfd61842857b82843065d00e355d607d0154cc6f7ca70024f8c5d7487a025e2ba2b95af6d00b84747d368ba526ecc6d664977a2fe3ee5dea9a83d","ssdeep":"192:IFGtjXsS9O9luD2nWFfbktx7sGAK38uu/CW3m8XUYUOIwd+ij6OdZ39uzIiZVX6:IMFXr9O9lE/Ffgt1sGR8uD3AVd+o68u0","tlshash":"5e32b0b0bcc295014af1d76bcd1e6100367bb53f4bd2b5772395cc1aa4c9e0906e8a47","first_seen":"2026-01-02T14:02:10.636898Z","last_seen":"2026-02-03T11:04:20.741032Z","times_seen":4,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/favicon.ico","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:56.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claims-vision.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:56 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Sun, 01 Feb 2026 02:26:22 GMT\r\nserver: cloudflare\r\nage: 446\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=697SWzQuHBUWk6bxBHsb2xDqF3Nd8n7LV7Fn9y%2B1tG4WG0DQCoB0gYag31oh05bYkJKgFo5XmfcVrKosbNYHBF9EpWOuF444cn8H0XpIDA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"06990f8cca4503d7ce2470c49487bc84\"\r\ncontent-encoding: br\r\ncf-ray: 9c8171d05f31b4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15086,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"06990f8cca4503d7ce2470c49487bc84","sha1":"3bc45ee839744ef9f5aa833087426aa1412bab1d","sha256":"26c4281efc7ca5eb629dad61c56757a2ac8a482572f26463ac9dcc19383736b1","sha512":"e3a5209632df2a1b6c1951aba06a116107b1d5ced2b7a0ddeec0e54d8307beec6a8b390aee3ea0fe4d413689b0e12d220265906f7eee8a86af8f6d4a55655c7f","ssdeep":"24:jyscIv/0V0J1F8FcdEjljM9h+YSlQn9oGgTudR9XipNE698N/2dW9k27A/sIt4jA:jECzXIs428hd/","tlshash":"1562f9d811689c7bddf275b25d47eade1488afd2101eb3030e69b565fa32487f2b9003","first_seen":"2026-01-02T14:02:10.642082Z","last_seen":"2026-02-03T11:04:20.741543Z","times_seen":4,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Pixelify+Sans:wght@400..700\u0026family=Press+Start+2P\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:56.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:56 GMT","end":"Mon, 06 Apr 2026 08:37:55 GMT"},"fingerprint":{"sha1":"DE:3B:B4:94:98:33:3A:CB:2A:A9:96:A1:CB:19:8C:84:B5:8D:23:E9","sha256":"D0:A1:5A:83:80:77:19:74:AA:CB:27:69:4A:C7:2C:F0:DA:06:9C:79:1E:07:77:9A:4D:7B:5D:AA:A2:D2:D4:E9"}}},"request":{"raw":"GET /css2?family=Pixelify+Sans:wght@400..700\u0026family=Press+Start+2P\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claims-vision.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 03 Feb 2026 11:03:56 GMT\r\ndate: Tue, 03 Feb 2026 11:03:56 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3080,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"d4e6d79c776bf8fc41c61de47e83d957","sha1":"8bc1ade7d4f4e91f3caa6d459dc1c6e3c0b05528","sha256":"fdaed61fd01a57851820b356beb641c643c8b4e699faddae0b72fa64c5d20bad","sha512":"7044230275f8f8d2e4725a69add094387aea08d50c588f7026b9c1aa00f4e576abae59e8bc05b3eb58f8601bcdee55a9ca9508200e51f6121b8a577bac04c82b","ssdeep":"","tlshash":"1851ddd5052bd040eb931cc233cf7e36ee0f21266495d8699efe18d4acbad664351b4e","first_seen":"2025-09-17T03:18:47.287526Z","last_seen":"2026-06-13T12:25:58.338038Z","times_seen":752,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":124,"dns":1,"connect":7,"send":0,"wait":31,"receive":0,"ssl":114},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-03T11:03:54.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:55 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fJdZQ8cTb9apqzp6pBzBDZWcxgPO6GQ29JlAk8f02wmGnc%2B23VO25Uqo%2Bq%2B5VtjndYDoZoO89ScCwsd29nAauR5kRbi%2BXgv6n8HXwluhiA%3D%3D\"}]}\r\nlast-modified: Sun, 01 Feb 2026 02:26:23 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9c8171c8592b568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":137386,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3717), with CRLF line terminators","md5":"4c3b1330d88546adfebd202b36e5361c","sha1":"f9f596941961239e25b721209d38e02e68c5ca75","sha256":"9b359b0a7a5e822a5ecdbaf7f19b55891015579c4f7b90f8d2412a0b330565fd","sha512":"e4c915229f56ed1c3af1e02835019a45e68e15c4241b10164bc5550d59299e69d724c844719f3e027fc580b8007ab6e5dd9dc2603ae83d42205b192fcc62ecfb","ssdeep":"1536:tqtD59OdJ/ptPKqbmZXMyOLQzSjEMGIyGvN63Et3wN7WeMv8vzoCW:tpSqbmZXtqysX3DvNIUwN7WeMv9","tlshash":"58d36514c284416e803747cceba8bb45e713a26b4f060591b98e96f35f728afed5b53c","first_seen":"2026-02-03T10:56:55.043354Z","last_seen":"2026-02-03T11:04:20.745162Z","times_seen":2,"resource_available":false,"data":null}},"time_used":422,"timings":{"blocked":83,"dns":69,"connect":1,"send":0,"wait":249,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/cf53e6b24df29d8d.css","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:55.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"GET /cf53e6b24df29d8d.css HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claims-vision.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:55 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 01 Feb 2026 02:26:22 GMT\r\nserver: cloudflare\r\nage: 448\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2GBR4eyLnQmFYV9HF84jd1mKarqCnlNku2EbFoKR2YlOR%2BSaUYJtBU49cLVPLjB6kDlunFn%2B4FUQvjtRZEAeByb5Mmg9xHMZdDYbW37%2Fng%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"0a4bdbcfbb5d0a508ab5d54871d300a7\"\r\ncontent-encoding: br\r\ncf-ray: 9c8171cb7b8db4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75110,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"0a4bdbcfbb5d0a508ab5d54871d300a7","sha1":"4a47f109712fa1d8d8e25d738f03a77d6a5837b9","sha256":"53bd1f24ae34ca3951f0b2320f535fdb5c3a960a934aec428905f1a707c8b754","sha512":"d754501944ca2617ee2536e4143cab0790df1f21ccb11e1fa108ba0c931c0ca25d581707b9349738236e5ab82e3f8a243fece3bc08c449c4ee32cad9dfcc0c86","ssdeep":"1536:zzzVm1AoLx9kYfD5c5Ur3Gj9hYNjdbct6HsOgk7/NKsp6HE:zzzVeAoPA8Nn","tlshash":"7173a5699b50b27d6c379099d288f81a51299a068f150fffff4590cacac7fe33361294","first_seen":"2026-01-24T18:03:34.489834Z","last_seen":"2026-02-03T11:04:20.74667Z","times_seen":3,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/e4af272ccee01ff0-s.p.woff2","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:55.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"GET /e4af272ccee01ff0-s.p.woff2 HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claims-vision.xyz/cf53e6b24df29d8d.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:55 GMT\r\ncontent-type: font/woff2\r\netag: \"65850a373e258f1c897a2b3d75eb74de\"\r\nlast-modified: Sun, 01 Feb 2026 02:26:22 GMT\r\nserver: cloudflare\r\nage: 447\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ql5GQRPAnHeCP20J74Q8EKcfesEJPPwgF8mump%2B3jdqNfJOm9RwWUqySsEEkQ%2BATiC2onCxqe0XzgsYklCEAttg%2BIQA%2BIBc2avBNSF4ZqA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8171cc2c0fb4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48432, version 1.0","md5":"65850a373e258f1c897a2b3d75eb74de","sha1":"1dc044f4824fd5af6bfed67fee48be70fa069f3f","sha256":"c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4","sha512":"df2683f3dd9724de589451a47bc608c9925d54b874ad97b733dd465ef41f9db75e9e31604762415c2fc1433d050e45fdefc6ecd7ecadf58d1243d9ca5f4bf74b","ssdeep":"768:3IkDHBYoX5Pi4JxTGz9CDR0s1ROSsA8mF77YNt7wFhVq9oN2WfpdqWjBA:tNYoX53xTl/R8W77YNtUFrWoUWvdA","tlshash":"56230251f5f8624a7fc3003fbc317bd862909fe5996ee5d91288f30225611dd29ee017","first_seen":"2025-05-30T12:57:00.85385Z","last_seen":"2026-06-17T09:27:26.647759Z","times_seen":66966,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/vision-logo.svg","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:55.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"GET /vision-logo.svg HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claims-vision.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:55 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sun, 01 Feb 2026 02:26:23 GMT\r\nserver: cloudflare\r\nage: 447\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zaWAXRjTf6cfM9Ym8y%2BPvHddI77IPZ%2FNhAB8lOyqNm4bwg3z%2BK%2B33zvyc2yzVxcy5qmMS1Sog7rnnSGgEaLimE3NCf4thxG0c8g1wM9SgA%3D%3D\"}]}\r\netag: W/\"4a5fdb0edd8c9186cc75441af9220f03\"\r\ncontent-encoding: br\r\ncf-ray: 9c8171cc6c3fb4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":582,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4a5fdb0edd8c9186cc75441af9220f03","sha1":"b6f4b28bdabcfd8b2040eb4fbc53d3d645ed29b6","sha256":"49fb62286eda879592b8b65c934049b0ff7a0992e3f8ea43739d9a8571f82f25","sha512":"7038316eb4277a07b9d3a86bb13dec1f236c05c0e5640c9f61358c701ddb84f5925763a62791038cc224aa8af62c2810be3da9d0fc9578cc79008e766a24ad3a","ssdeep":"","tlshash":"bef0e1e9924ce240f606d72a632c3035e124b8d03b9fc2909590054afa620ee9c3aea0","first_seen":"2026-01-02T14:02:10.630563Z","last_seen":"2026-02-03T11:04:20.748641Z","times_seen":4,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/eco.png","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:55.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"GET /eco.png HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claims-vision.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:55 GMT\r\ncontent-type: image/png\r\netag: \"117b8635f291dd2ff5b8201404ddb9f5\"\r\nlast-modified: Sun, 01 Feb 2026 02:26:22 GMT\r\nserver: cloudflare\r\nage: 447\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EsF4D71S%2FIPQ1UncspbK9ydTjPTtw7SBf1Mwv7oK09gb6afQfphSMcfIOpY5iHcldzz1RMFA7Ic5dSnDsNVsM3JrwETssv%2BW9Eop8sv6Gw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8171cc7c43b4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24259,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit colormap, non-interlaced","md5":"117b8635f291dd2ff5b8201404ddb9f5","sha1":"a74c017b439064f124027430c486af760fed40e7","sha256":"a4ef9bcbd79b873565fbc5b798b2c0fc9cf2aeb5a017cda882b33d3c12c72d81","sha512":"c07758dbb8d17f3a9d2e015fa566c22c87bc1b5c56562c82f5f961edd2b6fcd612b9dba9d47cfe544aaa1c45ab553ec01225f1a4f3e4ebd6896561ccfd8e64fb","ssdeep":"384:Qmuf22+cwvLqBB8K0FENkXiuLbANoh1PzLCx/tEbe0kTMvhWb/voNsA7xUudnafE:QmFxcDz8bzXVANyctEbejMZWbvoNQuVx","tlshash":"e7b2e1584e3f351fa9ced0b05b2f8b489f45b9811d2e28fc5adb8d5523caf6020935e5","first_seen":"2026-01-02T14:02:10.638837Z","last_seen":"2026-02-03T11:04:20.749195Z","times_seen":4,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/settings.json","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:56.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"GET /settings.json HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://claims-vision.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:56 GMT\r\ncontent-type: application/json\r\nlast-modified: Sun, 01 Feb 2026 02:26:23 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jjUOfaTVQm3ETMMwYrqU8cKA1%2BFevekptkuuN%2FqRViAL9pgE3WPawZLIGF5Zc1MI3c6B5EkZLIz9RJaQb%2FR1cVT3dqIzkbBrtphazK9dOQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"75d532030a675ec44b934ca224a48d20\"\r\ncontent-encoding: br\r\ncf-ray: 9c8171d11fbeb4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":701,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"75d532030a675ec44b934ca224a48d20","sha1":"90931e9a927209be28dd55196cb592de4dfd41e0","sha256":"d6f3a88176ae4125197ff75cb9f1f948884d6a49c6a771b48763e77eded6b315","sha512":"ef1a6f44b2281d97991d7b01aee824cb862723436039f982f195405e8fa332df9d848ebf19ceacda109794f6ffe158cad62c51ecba76e931c6844b18cd772965","ssdeep":"","tlshash":"ed01fe59dd23482fdacd062cf29e810558250c2b43183d444f17641d732db2b2b71ecd","first_seen":"2026-02-02T00:07:04.110882Z","last_seen":"2026-03-04T15:34:17.855712Z","times_seen":169,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Fira+Code:wght@300..700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:56.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:56 GMT","end":"Mon, 06 Apr 2026 08:37:55 GMT"},"fingerprint":{"sha1":"DE:3B:B4:94:98:33:3A:CB:2A:A9:96:A1:CB:19:8C:84:B5:8D:23:E9","sha256":"D0:A1:5A:83:80:77:19:74:AA:CB:27:69:4A:C7:2C:F0:DA:06:9C:79:1E:07:77:9A:4D:7B:5D:AA:A2:D2:D4:E9"}}},"request":{"raw":"GET /css2?family=Fira+Code:wght@300..700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claims-vision.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 03 Feb 2026 11:03:56 GMT\r\ndate: Tue, 03 Feb 2026 11:03:56 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2425,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"364d80757a1c7c81dccbf8d6caeb7ae7","sha1":"abf8e3b38eb2295c6378231fb2ecabae5ecd4b2f","sha256":"17babf90f4bae4a92ef7f4f24552b88b41c391b89328f46faa49286f5c2c2c6a","sha512":"6a0c6519a03917cedd40ecfe91e6cb8d30a42a61c005244bf8c09934a12132ba0fe963dd6e5c77a9baa19944cadb274ecf81e1780697acc5f3e22ae85b02c131","ssdeep":"","tlshash":"1c41aaa601a79400afa30cc177cebe779e1e2198b041c6b95efd08989ce7d32435472e","first_seen":"2025-09-17T03:18:47.282954Z","last_seen":"2026-06-15T10:53:35.045671Z","times_seen":830,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":122,"dns":1,"connect":20,"send":0,"wait":31,"receive":0,"ssl":105},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/logo-color.jpg","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:55.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"GET /logo-color.jpg HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claims-vision.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:55 GMT\r\ncontent-type: image/jpeg\r\netag: \"89816c3a7f8a450f4c248405f3a22355\"\r\nlast-modified: Sun, 01 Feb 2026 02:26:23 GMT\r\nserver: cloudflare\r\nage: 447\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4o%2BC%2FTio%2BN5AZwTLn64wlG%2BwRhGeIE6mlzHza2eoIsgiR9XbQQE8kjdhrKnlbx7%2F6ky%2B07291lsqAgqNpUeYeuRMiDdGUxKiOI41AtyF%2Bw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c8171cc6c41b4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13643,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, progressive, precision 8, 640x640, components 3","md5":"89816c3a7f8a450f4c248405f3a22355","sha1":"2b9677154346e8301506fe57dccb4eeb86c14d13","sha256":"a30a914c0019b4d04e69f745c8b1d51734cf55541ba1438868fe7b86e0d916e3","sha512":"4eb50bf171106de454bc93e89de3a3d63904b1adc7644a4a8757faf37d7e1d22242c7e83c10007e83cc54a417cc486c8b28c699feb6e3ec59c7ded196e809791","ssdeep":"384:lzXh5t/4tIdndiQwNxpnY8gw/OBNylyRq/YPDIG1J:lzXHytIOQuY8g5BNylX41","tlshash":"5452d12bd724ed2ec63ee13db50640a957dd7d1232523442791ba6ed8e620af37710c5","first_seen":"2026-01-02T14:02:10.633347Z","last_seen":"2026-02-03T11:04:20.750419Z","times_seen":4,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rpc.walletconnect.org/v1/supported-chains?st=appkit\u0026sv=html-ethers-1.6.9\u0026projectId=7c3ef6a02b36f02d333ccc159ab99876","fqdn":"rpc.walletconnect.org","domain":"walletconnect.org","tld":"org"},"ip":{"addr":"63.178.159.235","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:56.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rpc.walletconnect.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 16 Oct 2025 00:00:00 GMT","end":"Sat, 14 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"38:E6:43:A0:F8:F2:8D:21:9C:36:21:F5:DB:3B:F9:93:F7:7B:C4:8B","sha256":"09:1F:96:1E:4B:E3:8B:06:C3:8F:0A:2E:0F:79:E7:43:9C:B4:45:CC:26:0C:77:C5:50:CD:15:A8:7D:1D:83:DB"}}},"request":{"raw":"GET /v1/supported-chains?st=appkit\u0026sv=html-ethers-1.6.9\u0026projectId=7c3ef6a02b36f02d333ccc159ab99876 HTTP/1.1\r\nHost: rpc.walletconnect.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://claims-vision.xyz/\r\nOrigin: https://claims-vision.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:56 GMT\r\ncontent-type: application/json\r\ncontent-length: 1310\r\ncache-control: public, max-age=86400, s-maxage=86400\r\nvary: origin, access-control-request-method, access-control-request-headers\r\naccess-control-allow-origin: *\r\nx-request-id: f720330c-a6f4-47b3-9dc5-e637eee3fbee\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1310,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"800cdcaab227c96572e3f2dab7b0c912","sha1":"448cf0f1a651e092ff1200a0fa4948126bf7516c","sha256":"845227210b5d2f143f79d23ab788f8b8e6e773a27e4833c68c58b3bbe29f4643","sha512":"f3fcd58079c9d0767732e3c87bc1cd2468cfc52c6b180cf225b5f8c07bff8ecb8dd8d90788226a885b953109f70af745f40dbeaad829ecf360912a13d3cca904","ssdeep":"","tlshash":"9921338c88800c44dcb4d398dbbce8db959ef01399cd289999f82cb155fd6b3365276e","first_seen":"2026-01-30T06:23:17.274307Z","last_seen":"2026-02-06T07:11:34.447039Z","times_seen":124,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":112,"dns":27,"connect":21,"send":0,"wait":26,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"claims-vision.xyz/assets/secure.php?req=ping","fqdn":"claims-vision.xyz","domain":"claims-vision.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://claims-vision.xyz/","date":"2026-02-03T11:03:56.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claims-vision.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:12:36 GMT","end":"Wed, 29 Apr 2026 18:11:22 GMT"},"fingerprint":{"sha1":"CB:8B:92:4E:94:8F:45:CE:A2:B8:AB:1B:F8:07:28:FC:0E:4A:34:4F","sha256":"8B:3F:0D:B0:E1:EB:9A:0F:92:7C:DC:22:A3:DC:85:F6:51:18:F4:CA:EC:95:58:64:29:BC:A5:13:18:C3:02:88"}}},"request":{"raw":"GET /assets/secure.php?req=ping HTTP/1.1\r\nHost: claims-vision.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://claims-vision.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 03 Feb 2026 11:03:58 GMT\r\ncontent-type: application/json\r\nset-cookie: PHPSESSID=a84eaca1129b5aec45557552dc338345; path=/\r\naccess-control-allow-headers: Content-Type, Cache-Control\r\naccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: no-cache\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\nserver: cloudflare\r\nx-powered-by: PHP/8.5.2\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BojkVHbApzeLz7pvZbryreyrQzTWD9y8aOSrhGpbdMUvbZQGlmFnp%2BJ2c0aCNHrA9BAvh8hKYnBBWu85hBYCfl%2BbuAKwM4%2FhDNnjaTIwLA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9c8171d34977b4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.5.2","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":14,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"594d96ea0628a6a87187b8e17a7fa4b0","sha1":"5fbf4e5362196240e62d4e192bd93777898755b2","sha256":"cb100e693b55b36a08dc2b04eb312835069a4f2fc406ff374b21313b1f56b5cd","sha512":"c92fac11849dbd07dd610982d2d2e49f7aa59ec6048782145992bed639b1a518c539d9603bea6b79e4f29aa745e301923edaa9d96e1dec3ce27a8a2f4c2f2f4c","ssdeep":"","tlshash":"d96000330c0c0330030c0cc0300fcf030cc0c0c00000fcc000000300c300c000c00300","first_seen":"2025-10-03T14:25:47.505502Z","last_seen":"2026-06-16T07:52:05.259442Z","times_seen":809,"resource_available":false,"data":null}},"time_used":1327,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1327,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"claims-vision.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}