{"report_id":"285398e6-377e-4518-888b-38c820ce6267","version":6,"status":"done","tags":[],"date":"2026-01-24T12:15:01Z","url":{"schema":"http","addr":"ripple-wallet.info","fqdn":"ripple-wallet.info","domain":"ripple-wallet.info","tld":"info"},"ip":{"addr":"172.67.156.105","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ripple-wallet.info/","fqdn":"ripple-wallet.info","domain":"ripple-wallet.info","tld":"info"},"title":"Fresh News — Mini News Site","dom":{"size":8035,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"000251cc3d6e0a6ff141d01356aaaaa9","sha1":"695c70f85fed84e87f7da5ca880da94e889a3540","sha256":"7074950529926d408b38d45f0ff0d9ed0f00f8058a6e0febe1e0824c04acaffe","sha512":"6e5eb31970aeda83210c6e78abb00c8c2f06ec108c59b05e63e990bd8282b7fa76cc2b824a3ce9b479e43de6451256f684277e4cd80645bd81460276c156e28b","ssdeep":"192:hrhMWo9oRLA2s+4ht1u2j2jDPcsjvy3s8MEyxw:hru9Wcs679YPcpcEn","tlshash":"2cf1c723d1f016725d23a0c567c22796bd515007eb83445abbbc8369dfc6eabc2b724d","dom_hash":"domhash908eadc97b28a13958ec13997117141e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ripple-wallet.info","fqdn":"ripple-wallet.info","domain":"ripple-wallet.info","tld":"info"},"ip":{"addr":"172.67.156.105","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-28T12:15:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"ripple-wallet.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"ripple-wallet.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"ripple-wallet.info","ip":{"addr":"172.67.156.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-24T11:07:47.591209Z","last_seen":"2026-01-24T11:07:47.591209Z","alert_count":4,"request_count":2,"received_data":7350,"sent_data":930,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ripple-wallet.info/","fqdn":"ripple-wallet.info","domain":"ripple-wallet.info","tld":"info"},"ip":{"addr":"172.67.156.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a352e2fdf3f16389778cfe0cf21e382a","sha1":"a2b4374d15be446a458435acf76d970f56aa5d0d","sha256":"8d4c5cc17f8573bc47a3547055d143de92eb453c6e0b51a34c75bb778ca67544","sha512":"11340c35abd0f5a6bad0c223df088f6a40fd0a04dab11b3fb1f8ca96bed20776187a71887084526ca6dbd4127b8038f94f5f3c850c93b01e2a785924e3133aa8","ssdeep":"","tlshash":"d5618503d5b100314e67658aa7872652b91a50477f806c5bbf5c431ecfcaeafc2bb28d","size":3321,"data":"","first_seen":"2025-10-04T17:29:37.004767Z","last_seen":"2026-02-20T14:58:22.369632Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ripple-wallet.info/","fqdn":"ripple-wallet.info","domain":"ripple-wallet.info","tld":"info"},"ip":{"addr":"172.67.156.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-24T12:14:40.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ripple-wallet.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 21 Jan 2026 23:19:25 GMT","end":"Wed, 22 Apr 2026 00:18:06 GMT"},"fingerprint":{"sha1":"81:D9:CC:30:70:38:DD:D6:C0:95:5B:5D:53:4F:AE:29:86:38:89:BA","sha256":"10:45:7E:EE:65:83:C6:5B:2D:C9:53:50:29:5B:3C:F0:C1:F1:64:AA:58:11:52:B3:37:06:EB:EA:91:51:82:08"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ripple-wallet.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 12:14:40 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nlast-modified: Sat, 24 Jan 2026 09:10:11 GMT\r\ncf-cache-status: DYNAMIC\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bj%2F98rvRzxrn3q80b1CQYyfEUiwfkgup93Tkja08eBtNHVvT%2B2YOwoscnP8Fe0286nqC4qPVKzyT%2FeykWxxnZ7cvBfPBwmrilEnH5j15iq4vfg%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c2f73af7c145ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5810,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"786c13e3f6288ce7baf72ed570bad541","sha1":"1e0175e1ea385b5a5f4cad7dc7d2535b72338cc6","sha256":"df40e2db15e09e0eb656d5ec0f697bc1f409de95c1dd5452d4683873cf29cf27","sha512":"55d53b8ed15d05073ec2370c267518d11fd690f9259540ab256dcc9ce861d972719790166c79da4f2f833956f1d4f1681f86e61d0546f816f2848d3391fd9ce0","ssdeep":"96:WjWxX69xv34ebOEvQgcHKNKAl7UVK2TgIRWr0GO3vwLuUCbdG5YswRu8MElYewZw:WjW09QpyUVK2/Wr0B3CNCZ/o8MEuw","tlshash":"34c1a513919014319e33e049b7c12686fe16511ba3810a5b7abc936b9ff3ea6c1a7a4c","first_seen":"2025-10-04T17:29:37.003445Z","last_seen":"2026-02-20T14:58:22.367417Z","times_seen":4,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":25,"dns":7,"connect":1,"send":0,"wait":120,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"ripple-wallet.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"ripple-wallet.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ripple-wallet.info/favicon.ico","fqdn":"ripple-wallet.info","domain":"ripple-wallet.info","tld":"info"},"ip":{"addr":"172.67.156.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ripple-wallet.info/","date":"2026-01-24T12:14:40.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ripple-wallet.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 21 Jan 2026 23:19:25 GMT","end":"Wed, 22 Apr 2026 00:18:06 GMT"},"fingerprint":{"sha1":"81:D9:CC:30:70:38:DD:D6:C0:95:5B:5D:53:4F:AE:29:86:38:89:BA","sha256":"10:45:7E:EE:65:83:C6:5B:2D:C9:53:50:29:5B:3C:F0:C1:F1:64:AA:58:11:52:B3:37:06:EB:EA:91:51:82:08"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ripple-wallet.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ripple-wallet.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Sat, 24 Jan 2026 12:14:41 GMT\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=iso-8859-1\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2HLBcuXV4Azlc%2FZqVDboumpxVJv%2FywsTTUghvet1snY%2F3pv6qLJlXRNOZ3fG1w%2BFHgz%2Fqb%2FukLUkMHNavGJuBrSOVUYIm9YmdJ7KJboBfd9LdA%3D%3D\"}]}\r\ncf-ray: 9c2f73b1cd0cb28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":281,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"a33dca20c7204c03261fdb557de8fdb5","sha1":"964b2065afebabc9cb4b4888b313ad5654e23669","sha256":"894a33b9eebc2b314054218e10a35a6d90de8652ee4a47dd29b486722e462113","sha512":"087f601ce804d1c17199ccb8d9dc0ad18cf1c1571fb834f72142c28a89005bceae1479c992adb50c93f18004f2c79d9cc502116a6b541631d3d818362096e122","ssdeep":"","tlshash":"dfd02b9f9153b3970d12159039c215d2268d12eaa42e85e82dc6d487629c53ecdda98c","first_seen":"2026-01-24T11:07:51.716788Z","last_seen":"2026-01-24T12:15:02.013795Z","times_seen":2,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"ripple-wallet.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-24","alert":"Phishing Block","trigger":"ripple-wallet.info","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}