{"report_id":"ecbfe27a-6175-4a19-a36b-3fa81a69fa27","version":6,"status":"done","tags":[],"date":"2026-01-30T06:28:28Z","url":{"schema":"https","addr":"catecoinsrewards.xyz/","fqdn":"catecoinsrewards.xyz","domain":"catecoinsrewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.25.151","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"catecoinsrewards.xyz/","fqdn":"catecoinsrewards.xyz","domain":"catecoinsrewards.xyz","tld":"xyz"},"title":"catecoin-airdrop-claim","dom":{"size":152689,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (53879)","md5":"610e9dd3de5a81b74568666a89b392f3","sha1":"d21996d5c72233028aa50e9b322e4f24681306c8","sha256":"470e3592cb4821d6331ab459de3a0a8e6f324a43563609d0936496c6c589ec64","sha512":"eee724efee02958f9dbdab8e6423f3f8c6a40d408f1623be17ad88fa9d633039bdc29e7390bbbb9769a90af6516a353168dd573f09906d374fac024a2883c106","ssdeep":"3072:fT9chcikrUaaG2V0378VQZkt5Fq7PgpEfLxbGj:fqhcikYV0378VQZkt5Fq7PgGYj","tlshash":"b1e33b697518943c7c7bc2f4d3f87a5e6419f2c2ee5760a8b64f10705bc36f628a7288","dom_hash":"domhashcb7ea37ec7cbabb1576eef6ff06d3f98","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"catecoinsrewards.xyz/","fqdn":"catecoinsrewards.xyz","domain":"catecoinsrewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.25.151","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-06T06:28:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"catecoinsrewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"catecoinsrewards.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"catecoinsrewards.xyz","ip":{"addr":"172.67.134.85","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-10","domain_rank":0,"first_seen":"2026-01-30T05:45:26.42869Z","last_seen":"2026-01-30T05:45:26.42869Z","alert_count":4,"request_count":2,"received_data":154292,"sent_data":943,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"catecoinsrewards.xyz/","fqdn":"catecoinsrewards.xyz","domain":"catecoinsrewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.85","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"75dabae97a6cc35cd5f312e6f60ba022","sha1":"85a2b21c309b38ef993ea148b8c4c06b8b78247b","sha256":"6a7952531bfffb0b68138b5134d09c014813c6c234d68a25b461418e6e779573","sha512":"4aadefc96428e43a0ed3e4bc6dc368abf817e1fc313d4d360b8b1f0f761d27dbfef5859071199a8cabe808bf761ea94836a84d6146d173555dc40d2791010b6d","ssdeep":"","tlshash":"c2113626222233607ce9d5dca9b6d98a39bb501be40a0090b09e944d2f34b8944f7bec","size":887,"data":"","first_seen":"2025-06-16T04:38:43.481363Z","last_seen":"2026-04-01T13:10:54.848513Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"catecoinsrewards.xyz/","fqdn":"catecoinsrewards.xyz","domain":"catecoinsrewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.85","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-30T06:28:07.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"catecoinsrewards.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 23:11:13 GMT","end":"Sat, 07 Mar 2026 00:09:51 GMT"},"fingerprint":{"sha1":"F0:F0:28:E3:A5:9C:F6:D5:5A:86:9C:D3:BF:C8:DA:81:1C:C5:24:38","sha256":"00:61:EC:D5:E8:81:32:C6:59:B0:68:EF:CB:22:80:44:81:B7:5E:84:21:AF:45:73:D4:46:17:31:FC:02:F5:B8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: catecoinsrewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 30 Jan 2026 06:28:07 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncross-origin-resource-policy: cross-origin\r\nlast-modified: Sun, 10 Aug 2025 23:15:15 GMT\r\ncf-cache-status: DYNAMIC\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jOFVsLYl4ZuLYoEih08o6YzaVgMNfpf8her1WvneCej2t1Jnzs%2Fa8pImxviW%2FEx7aERb0%2FWL94W4MpnPchSS6nAHAk%2Fevm0uMCBeTF5LdnDrvkuP\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9c5ee84a5c574e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":152686,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (53861)","md5":"d2e22f862ae807c8cbc92dea5021690b","sha1":"a65150ee2f8bca83000311a573031f833aa84468","sha256":"6ffab1247d6140bfec038545d19e4701e38db8684fb3122655d6dc483b3edbe9","sha512":"1d20e86196946add75ce5de1108c6de6a83d518c8e2cac12b4d1758efbbd6d7fb277d6abcb15bb57f8466ce5e0b5d45c50341ce0633543cc1b9a216dc397f5ca","ssdeep":"3072:vT9chcikrUaaG2V0378VQZkt5Fq7PgpEf6cbGX:vqhcikYV0378VQZkt5Fq7PgGCX","tlshash":"b8e33a297518943c7c7bc2f4d3f87a5e6419f2c2ee5764a8b64f10705bc36f628a7288","first_seen":"2026-01-30T05:45:29.710398Z","last_seen":"2026-01-30T06:28:30.066951Z","times_seen":2,"resource_available":false,"data":null}},"time_used":440,"timings":{"blocked":103,"dns":88,"connect":1,"send":0,"wait":231,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"catecoinsrewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"catecoinsrewards.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"catecoinsrewards.xyz/536824e9-88e8-4420-a588-06331cd6841a.js","fqdn":"catecoinsrewards.xyz","domain":"catecoinsrewards.xyz","tld":"xyz"},"ip":{"addr":"172.67.134.85","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://catecoinsrewards.xyz/","date":"2026-01-30T06:28:07.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"catecoinsrewards.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 23:11:13 GMT","end":"Sat, 07 Mar 2026 00:09:51 GMT"},"fingerprint":{"sha1":"F0:F0:28:E3:A5:9C:F6:D5:5A:86:9C:D3:BF:C8:DA:81:1C:C5:24:38","sha256":"00:61:EC:D5:E8:81:32:C6:59:B0:68:EF:CB:22:80:44:81:B7:5E:84:21:AF:45:73:D4:46:17:31:FC:02:F5:B8"}}},"request":{"raw":"GET /536824e9-88e8-4420-a588-06331cd6841a.js HTTP/1.1\r\nHost: catecoinsrewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://catecoinsrewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Fri, 30 Jan 2026 06:28:07 GMT\r\nserver: cloudflare\r\ncross-origin-resource-policy: cross-origin\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=iso-8859-1\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RsyehyfhuVO8TBdGZIWvxzekTEU5plEAdHqyeqVqvwli9JqG1fGEnBSsp7BvykQTlPR2efONus%2Bngljd38eVo%2B0rvaToER453k1Hc7%2BJHhYSzA%3D%3D\"}]}\r\ncf-ray: 9c5ee84c98500afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":282,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"e7ec117ea0811c6442753fa48847ced5","sha1":"31688e2604dbdb8ea3e7b39c0741cb902ab313b5","sha256":"8be8ff51097c1ec503e7ea49f4bb7b706b9a40e2fac01e391c9df8326529e814","sha512":"752b6893c2270e72abeb0ab08c61f8977e7afda6aef6a03747d2a921834685872156babdf995b6d99ed4b2ad5a28f9386fe9ea596a07749331f65a54dbd6a928","ssdeep":"","tlshash":"2cd02bde90537387481214a07ac525c2268c12fba47b86e83d86d887529c97ece9a699","first_seen":"2026-01-30T05:45:29.711769Z","last_seen":"2026-01-30T06:28:30.067582Z","times_seen":2,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"catecoinsrewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"catecoinsrewards.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}