{"report_id":"073f9e5b-b3dc-4f4a-a28c-8a943277be8c","version":0,"status":"done","tags":[],"date":"2026-06-17T18:01:34Z","url":{"schema":"http","addr":"trustwallet-pay.world","fqdn":"trustwallet-pay.world","domain":"trustwallet-pay.world","tld":"world"},"ip":{"addr":"172.67.192.83","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"trustwallet-pay.world/","fqdn":"trustwallet-pay.world","domain":"trustwallet-pay.world","tld":"world"},"title":"NewsTrustApp","dom":{"size":4135216,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (43049)","md5":"e062fdde7d75dbee6a68be9e5791b47f","sha1":"bd69e30a26a98d613116600f15b2ee839aaec3ea","sha256":"5085056295cdfc5c7db1bbbbd8fd0afb2aa2f25c35038f8850c237b2a7e2e0d0","sha512":"7e12cc54be05b29d68da52c06dbb551f4dcfc68f33e2777c46abc8237ab130cc0c9a7d460854bde0bf2bb4361c9ed347295ce703b5bc40b0e75388242b1e1027","ssdeep":"49152:Nl/87yRIBVtB1trovsFtD4ucAABjmI22ZHmerp4:Q","tlshash":"9e16f1739a9639afce50c60476772f1b1e0a1bdf7490201bab0ea9f503c9de725b016d","dom_hash":"domhashed90479c1cf00751c2fd70c54127e1b7","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trustwallet-pay.world","fqdn":"trustwallet-pay.world","domain":"trustwallet-pay.world","tld":"world"},"ip":{"addr":"172.67.192.83","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T18:01:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustwallet-pay.world","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustwallet-pay.world","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"trustwallet-pay.world","ip":{"addr":"172.67.192.83","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-15T11:03:57.41427Z","last_seen":"2026-06-15T11:03:57.41427Z","alert_count":2,"request_count":1,"received_data":4135904,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"WordPress:6.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-14T22:19:01.724334Z","alert_count":0,"request_count":1,"received_data":14845,"sent_data":575,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"trustwallet-pay.world/","fqdn":"trustwallet-pay.world","domain":"trustwallet-pay.world","tld":"world"},"ip":{"addr":"172.67.192.83","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T18:01:08.384Z","timestamp":1781719268384,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet-pay.world","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 13 Jun 2026 02:55:14 GMT","end":"Fri, 11 Sep 2026 03:52:32 GMT"},"fingerprint":{"sha1":"08:5D:32:15:DD:D9:5B:CA:9A:8C:21:3F:45:99:CF:DE:52:A9:84:3A","sha256":"F5:FD:85:6E:A7:B3:6B:91:29:D4:88:97:33:0A:73:86:0C:71:28:87:64:7B:87:03:5A:3A:5D:98:6F:0D:58:29"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwallet-pay.world\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 18:01:08 GMT\r\ncontent-type: text/html\r\nlast-modified: Sat, 13 Jun 2026 10:59:31 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A%2FmPvon7MWca6J%2BLMAoqoQqjEO01m8%2FtNv%2B%2Bh8Mnh9i2VwVCPY9b4JngcpkZSJaGq2tLXqo%2Fa8l9KBITSybhsij98fs%2Bgdk3UADFy%2BVos3A%2FFxpxJUMPJmhx%2BbqXq%2FndnPwcYYsFKIg%3D\"}]}\r\npriority: u=0,i\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a0d3f533bd35c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"WordPress:6.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4135239,"size_decoded":2593686,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (43020)","md5":"ab11c984b456040f1c319dc2f15d2fc0","sha1":"0a8e4080aabffd143f4d3a6d80537510187e9bb2","sha256":"e7fa5c2e62d0fd816af55406817f7909570e7d0ee467c1ac574dc6da53619876","sha512":"b3fb1b1d72ef9306dced932b37c8517ffa50e2ac29ced194d609164b2b235738adadd46fc26dc009739b954096ae78146d29e38fa206bf06292f379631dbaa8b","ssdeep":"12288:gZ9yiBEwIOMvOJ/Yswc4FhWfF8bXUpE7xB8083b+OhweQxvrc4dlZKkKPeKzhknK:a28zhkDsPTLw2Y0b1lJv","tlshash":"2c255c67e65639afce40ca0476772f171a0b2bdf7490201b8a0fe9b543c99f725b01ad","first_seen":"2026-06-17T18:01:36.666365Z","last_seen":"2026-06-17T18:01:36.666365Z","times_seen":1,"resource_available":true,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":29,"connect":18,"send":0,"wait":79,"receive":257,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustwallet-pay.world","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustwallet-pay.world","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYyz_MVcBeNP4NjuGObqx1XmO1I4TC1O4a0Ew.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trustwallet-pay.world/","date":"2026-06-17T18:01:09.347Z","timestamp":1781719269347,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/outfit/v15/QGYyz_MVcBeNP4NjuGObqx1XmO1I4TC1O4a0Ew.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://trustwallet-pay.world\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14032\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 14 Jun 2026 11:53:22 GMT\r\nexpires: Mon, 14 Jun 2027 11:53:22 GMT\r\ncache-control: public, max-age=31536000\r\nage: 281267\r\nlast-modified: Thu, 04 Sep 2025 17:18:29 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":14032,"size_decoded":14845,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14032, version 1.0","md5":"23191c444b9e40528bdfc989d29560ea","sha1":"692b8f6440183da29347a7efaa8d28edbe835401","sha256":"71f028fd2349990b3f8aa643abe767e82e0f596be407ae66f0004ff164121bdb","sha512":"1b70fba5865bc46820eed5b568217b84ea2d95a9a54618f972db1509b8c240dcfca53877dadccfd0cc84d5cf2301f258b863c26363c75b272c535d01f26383c0","ssdeep":"384:cKDdP6C3g2yI0IDsjwV9yaNCa/X4aQByPgOeKo:RDdEBIYjwV95NiaQAIOVo","tlshash":"1e52cf378818622fe0a842f307768dd5c3b86ca972b56ac277d954ecc660bb8a048497","first_seen":"2025-09-06T03:13:30.388387Z","last_seen":"2026-06-28T18:03:10.629217Z","times_seen":638,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":0,"dns":3,"connect":31,"send":0,"wait":17,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}