{"report_id":"380f9076-1c52-4733-a401-604e4a3daf56","version":0,"status":"done","tags":[],"date":"2026-06-30T22:07:20Z","url":{"schema":"http","addr":"trustwallet.com.mu","fqdn":"trustwallet.com.mu","domain":"trustwallet.com.mu","tld":"com.mu"},"ip":{"addr":"108.165.147.28","port":0,"asn":398395,"as":"DOT-TECH-LLC","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"trustwallet.com.mu/","fqdn":"trustwallet.com.mu","domain":"trustwallet.com.mu","tld":"com.mu"},"title":"trustwallet.com.mu/","dom":{"size":20605,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18535)","md5":"80245d8fc89b206579da6839094e1820","sha1":"a70a6223d5e0064962af542b9a30623f23cafb94","sha256":"9a6b8b3925ddac9d8b226ef46f9a18cfcceefd3893fe1f0f847363246bb030f0","sha512":"7de161ff8d93b87a7c6940760c273a669b67d42b82b8be843721fe7a73bb662dba5651da49ff9bced8a43881c47e449755c9ee9620f290a2f2c4e35a523f75d6","ssdeep":"384:TrRvy4Fl+2A525tJJJJfbq3lFfXVq6ocN/O:nRvyO+2A525tJJJJ23PXVq6ocN2","tlshash":"e692d77576800e7be253cbb9fa50bb35525bf28fd2abc448f1e9456667c3e48cc021a4","dom_hash":"domhashefc2d4e45347dd9831c5fcf25fd73fa3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trustwallet.com.mu","fqdn":"trustwallet.com.mu","domain":"trustwallet.com.mu","tld":"com.mu"},"ip":{"addr":"108.165.147.28","port":0,"asn":398395,"as":"DOT-TECH-LLC","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-04T22:07:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"trustwallet.com.mu","ip":{"addr":"108.165.147.28","port":443,"asn":398395,"as":"DOT-TECH-LLC","country":"United States","country_code":"US"},"domain_registered":"2026-06-05","domain_rank":0,"first_seen":"2026-06-30T18:13:47.872194Z","last_seen":"2026-06-30T18:13:47.872194Z","alert_count":14,"request_count":7,"received_data":783267,"sent_data":3618,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-28T22:19:26.805281Z","alert_count":0,"request_count":1,"received_data":49133,"sent_data":578,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-28T22:22:13.875484Z","alert_count":0,"request_count":1,"received_data":146540,"sent_data":1851,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"trustwallet.com.mu/assets/index-N4q_NRXJ.js","fqdn":"trustwallet.com.mu","domain":"trustwallet.com.mu","tld":"com.mu"},"ip":{"addr":"108.165.147.28","port":443,"asn":398395,"as":"DOT-TECH-LLC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0edd9e88ce4cfb77ff74771aa1a3ec2","sha1":"3abf155da540196945b37d26f48e0b3d41be071f","sha256":"947eb138e3992c3a7d07bd6cfe2146fd424111dde2ad1711f7fd44f438f0bd9a","sha512":"29fe8da55aa0c2ef2efec635d70a9fe6f874de8e1d3bba9f071477047214f1e900f69da1ea4fd2ab6adf84d57c184c50fa7d813efe559ae8d66cce60dc19ff76","ssdeep":"6144:kZDH8Gg5Bqvtljrks0U8iKZVHTRv+ECwgQ:Wzjv0U8iKZFMEfl","tlshash":"c8747dd83096b6b9abb746e2503f810bb23d1912a40d8450f03ced697b75506a1bbffd","size":340698,"data":"","first_seen":"2026-06-30T18:13:51.903168Z","last_seen":"2026-06-30T22:07:22.451335Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"trustwallet.com.mu/assets/1764153423843-bea3ba64-f3af-4d28-bc61-9e0dd0e4b6d0.png","fqdn":"trustwallet.com.mu","domain":"trustwallet.com.mu","tld":"com.mu"},"ip":{"addr":"108.165.147.28","port":443,"asn":398395,"as":"DOT-TECH-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.com.mu/","date":"2026-06-30T22:06:56.838Z","timestamp":1782857216838,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet.com.mu","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 20:59:00 GMT","end":"Sun, 27 Sep 2026 20:58:59 GMT"},"fingerprint":{"sha1":"C0:F3:28:C9:EB:6F:BD:51:02:01:ED:E7:18:4D:95:41:14:51:A2:AD","sha256":"E2:14:06:EC:07:B3:0F:F0:68:AA:82:5C:CA:B3:42:8B:BF:52:89:86:DB:47:7D:5E:60:BF:A6:E2:A2:5B:87:0F"}}},"request":{"raw":"GET /assets/1764153423843-bea3ba64-f3af-4d28-bc61-9e0dd0e4b6d0.png HTTP/1.1\r\nHost: trustwallet.com.mu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.com.mu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 30 Jun 2026 22:06:56 GMT\r\nContent-Type: image/png\r\nContent-Length: 4848\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Mon, 29 Jun 2026 21:48:41 GMT\r\nETag: W/\"12f0-19f155b1ea8\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":4848,"size_decoded":5159,"mime_type":"image/png","magic":"PNG image data, 428 x 186, 8-bit/color RGBA, non-interlaced","md5":"cba46742f6056746ba4ccaa3e851b267","sha1":"c7e54e94d60ca8c4c3483d5b71a253c58ec1bbb1","sha256":"de1f3e538f61765f9ae33d9b5e981c7c596d2a0bce0c45e6dda0ae9e77d3939a","sha512":"031a487ea93ad717e52e1f5d6be5f6eb8b1c5bbc8208abce54724877996a25bede7238db3f5f637c9a5ac3312d5a87628834efc7444ad5d1ae1664620666a28a","ssdeep":"96:zyQDGat99GRRg84a1cfspGQpsmVlMIMpQtY:ztDGOKRq84Wvc2lMbQ+","tlshash":"08a13a813003bb5c33cf116271e7331ad9a74bc2f64b67d9862b9695902ad5281e92ee","first_seen":"2026-01-11T05:40:38.23138Z","last_seen":"2026-06-30T22:07:22.447664Z","times_seen":3,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.com.mu/assets/Screenshot%202025-11-26%20102646_1764152825862-vbkK8qC3.png","fqdn":"trustwallet.com.mu","domain":"trustwallet.com.mu","tld":"com.mu"},"ip":{"addr":"108.165.147.28","port":443,"asn":398395,"as":"DOT-TECH-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.com.mu/","date":"2026-06-30T22:06:56.842Z","timestamp":1782857216842,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet.com.mu","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 20:59:00 GMT","end":"Sun, 27 Sep 2026 20:58:59 GMT"},"fingerprint":{"sha1":"C0:F3:28:C9:EB:6F:BD:51:02:01:ED:E7:18:4D:95:41:14:51:A2:AD","sha256":"E2:14:06:EC:07:B3:0F:F0:68:AA:82:5C:CA:B3:42:8B:BF:52:89:86:DB:47:7D:5E:60:BF:A6:E2:A2:5B:87:0F"}}},"request":{"raw":"GET /assets/Screenshot%202025-11-26%20102646_1764152825862-vbkK8qC3.png HTTP/1.1\r\nHost: trustwallet.com.mu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.com.mu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 30 Jun 2026 22:06:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 79706\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Mon, 29 Jun 2026 21:48:37 GMT\r\nETag: W/\"1375a-19f155b0f08\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":79706,"size_decoded":80019,"mime_type":"image/png","magic":"PNG image data, 683 x 628, 8-bit/color RGBA, non-interlaced","md5":"f5fcff10afee3da7553952e852f2d800","sha1":"652b67a29a9a4595f11efb6f57f8a4319713e130","sha256":"2413858884865b16727acf47bc88cae2d4205c9d476080099e8bd46e2e47dcb2","sha512":"4b05fc11be266fb7c369d694e6712fbbb1d5d844bb9643d163cccba3dc14933fc594481355f4995638b85665b23cda00da05c30f96f368919146f5644ec6ef0e","ssdeep":"1536:06OZqZOU+lU89lYJ9RJGVdLPREm9R7jMQnW14D+tuj4h/V1G:0uV+CkYGdTR9XXWY+YjCe","tlshash":"50730240e66d33efa94a213b4e494fee0d3d512cb611d2250278d3526ad26b3be20cbd","first_seen":"2026-01-11T05:40:38.229883Z","last_seen":"2026-06-30T22:07:22.448873Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1204,"timings":{"blocked":0,"dns":0,"connect":214,"send":0,"wait":435,"receive":339,"ssl":216},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trustwallet.com.mu/","date":"2026-06-30T22:06:56.863Z","timestamp":1782857216863,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://trustwallet.com.mu\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 26 Jun 2026 18:12:11 GMT\r\nexpires: Sat, 26 Jun 2027 18:12:11 GMT\r\ncache-control: public, max-age=31536000\r\nage: 359685\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48320,"size_decoded":49133,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-07-01T07:20:30.394964Z","times_seen":297218,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":0,"dns":0,"connect":33,"send":0,"wait":17,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.com.mu/favicon.png","fqdn":"trustwallet.com.mu","domain":"trustwallet.com.mu","tld":"com.mu"},"ip":{"addr":"108.165.147.28","port":443,"asn":398395,"as":"DOT-TECH-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.com.mu/","date":"2026-06-30T22:06:57.268Z","timestamp":1782857217268,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet.com.mu","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 20:59:00 GMT","end":"Sun, 27 Sep 2026 20:58:59 GMT"},"fingerprint":{"sha1":"C0:F3:28:C9:EB:6F:BD:51:02:01:ED:E7:18:4D:95:41:14:51:A2:AD","sha256":"E2:14:06:EC:07:B3:0F:F0:68:AA:82:5C:CA:B3:42:8B:BF:52:89:86:DB:47:7D:5E:60:BF:A6:E2:A2:5B:87:0F"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: trustwallet.com.mu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.com.mu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 30 Jun 2026 22:06:57 GMT\r\nContent-Type: image/png\r\nContent-Length: 1145\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Mon, 29 Jun 2026 21:48:36 GMT\r\nETag: W/\"479-19f155b0b20\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1145,"size_decoded":1455,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"ed6740d90cd839744d48523d4991a6f7","sha1":"a8e4f5b4d7be660dc6f5279389a88b0c95f5f21d","sha256":"b6acb73abb0b7e8e808d72c016e81d97860bc7e7e0eb4f06ff76ba1d16a5b04f","sha512":"d22ab125bfc6197c15d72e5119e6621e82dc0f841fde4510406ef791e0b311826c9d2d80f39230ab3f64f27750cd6da26ebd8180e455cd9a430601e386f38faa","ssdeep":"","tlshash":"6d21c64ff321e8628d9d9892290397640c11ebd0bd49308f480a5ff17572ab0878e654","first_seen":"2025-10-27T15:21:57.79985Z","last_seen":"2026-07-01T03:51:15.865892Z","times_seen":267,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.com.mu/assets/index-N4q_NRXJ.js","fqdn":"trustwallet.com.mu","domain":"trustwallet.com.mu","tld":"com.mu"},"ip":{"addr":"108.165.147.28","port":443,"asn":398395,"as":"DOT-TECH-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trustwallet.com.mu/","date":"2026-06-30T22:06:55.490Z","timestamp":1782857215490,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet.com.mu","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 20:59:00 GMT","end":"Sun, 27 Sep 2026 20:58:59 GMT"},"fingerprint":{"sha1":"C0:F3:28:C9:EB:6F:BD:51:02:01:ED:E7:18:4D:95:41:14:51:A2:AD","sha256":"E2:14:06:EC:07:B3:0F:F0:68:AA:82:5C:CA:B3:42:8B:BF:52:89:86:DB:47:7D:5E:60:BF:A6:E2:A2:5B:87:0F"}}},"request":{"raw":"GET /assets/index-N4q_NRXJ.js HTTP/1.1\r\nHost: trustwallet.com.mu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.com.mu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 30 Jun 2026 22:06:55 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 340698\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Mon, 29 Jun 2026 21:48:41 GMT\r\nETag: W/\"532da-19f155b1ea8\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":340698,"size_decoded":341040,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (37527)","md5":"f0edd9e88ce4cfb77ff74771aa1a3ec2","sha1":"3abf155da540196945b37d26f48e0b3d41be071f","sha256":"947eb138e3992c3a7d07bd6cfe2146fd424111dde2ad1711f7fd44f438f0bd9a","sha512":"29fe8da55aa0c2ef2efec635d70a9fe6f874de8e1d3bba9f071477047214f1e900f69da1ea4fd2ab6adf84d57c184c50fa7d813efe559ae8d66cce60dc19ff76","ssdeep":"6144:kZDH8Gg5Bqvtljrks0U8iKZVHTRv+ECwgQ:Wzjv0U8iKZFMEfl","tlshash":"c8747dd83096b6b9abb746e2503f810bb23d1912a40d8450f03ced697b75506a1bbffd","first_seen":"2026-06-30T18:13:51.903168Z","last_seen":"2026-06-30T22:07:22.451335Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":880,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.com.mu/assets/index-D9-nphyv.css","fqdn":"trustwallet.com.mu","domain":"trustwallet.com.mu","tld":"com.mu"},"ip":{"addr":"108.165.147.28","port":443,"asn":398395,"as":"DOT-TECH-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trustwallet.com.mu/","date":"2026-06-30T22:06:55.492Z","timestamp":1782857215492,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet.com.mu","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 20:59:00 GMT","end":"Sun, 27 Sep 2026 20:58:59 GMT"},"fingerprint":{"sha1":"C0:F3:28:C9:EB:6F:BD:51:02:01:ED:E7:18:4D:95:41:14:51:A2:AD","sha256":"E2:14:06:EC:07:B3:0F:F0:68:AA:82:5C:CA:B3:42:8B:BF:52:89:86:DB:47:7D:5E:60:BF:A6:E2:A2:5B:87:0F"}}},"request":{"raw":"GET /assets/index-D9-nphyv.css HTTP/1.1\r\nHost: trustwallet.com.mu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.com.mu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 30 Jun 2026 22:06:55 GMT\r\nContent-Type: text/css; charset=UTF-8\r\nContent-Length: 74194\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Mon, 29 Jun 2026 21:48:41 GMT\r\nETag: W/\"121d2-19f155b1ea8\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":74194,"size_decoded":74521,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0a020371a5bc5a910d3a1044730cabcd","sha1":"1180f00fc55d6e9b788cb979ef874468ec8d665e","sha256":"a45282b7c4dac743bce236dedcef91f9bd355eabaf9e83ac675ebfc6841d841d","sha512":"fe321495a3b52b22fa27f0f9f2abcc5025e80f39c1babef1668d1134e7bc791faa3f3f8e76ff25469f23f4dff17a8e2401cbea44ac9e29c4c654327361e18648","ssdeep":"1536:wofh+AVYvw8cUOeGpfC378VQZkt5FxPbJhQ:wofh+AOw8cUOeGpfC378VQZkt5Fh1hQ","tlshash":"8d73872db919503e3d6790f8d38cbaaca10af1c0de3e05e6bd96413166c33f25da7658","first_seen":"2026-01-11T05:40:38.23459Z","last_seen":"2026-06-30T22:07:22.452326Z","times_seen":3,"resource_available":false,"data":null}},"time_used":739,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":430,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.com.mu/assets/Screenshot%202025-11-26%20102605_1764152785435-Ch3c3WPl.png","fqdn":"trustwallet.com.mu","domain":"trustwallet.com.mu","tld":"com.mu"},"ip":{"addr":"108.165.147.28","port":443,"asn":398395,"as":"DOT-TECH-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.com.mu/","date":"2026-06-30T22:06:56.840Z","timestamp":1782857216840,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet.com.mu","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 20:59:00 GMT","end":"Sun, 27 Sep 2026 20:58:59 GMT"},"fingerprint":{"sha1":"C0:F3:28:C9:EB:6F:BD:51:02:01:ED:E7:18:4D:95:41:14:51:A2:AD","sha256":"E2:14:06:EC:07:B3:0F:F0:68:AA:82:5C:CA:B3:42:8B:BF:52:89:86:DB:47:7D:5E:60:BF:A6:E2:A2:5B:87:0F"}}},"request":{"raw":"GET /assets/Screenshot%202025-11-26%20102605_1764152785435-Ch3c3WPl.png HTTP/1.1\r\nHost: trustwallet.com.mu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.com.mu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 30 Jun 2026 22:06:56 GMT\r\nContent-Type: image/png\r\nContent-Length: 278417\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Mon, 29 Jun 2026 21:48:38 GMT\r\nETag: W/\"43f91-19f155b12f0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":278417,"size_decoded":278731,"mime_type":"image/png","magic":"PNG image data, 1237 x 914, 8-bit/color RGBA, non-interlaced","md5":"78c6adad7a754029a375412b75ad917b","sha1":"8ae013f7a11e71ae586e6d533f53a43e2931b763","sha256":"b94cd4256d1b4a144177f00214c1547ff7ac9174d0b7c7ab93b2a42bdc8c01a3","sha512":"c3f2729811435e7d511364da85f356a8297af54bdb7d10473fcfa572496543da0bbf871b0fe10b0290d5a19f742fb8d357e5e9eadc1176e523ab2a6109f770ed","ssdeep":"6144:Ou9U7MMB0DtZPxhVrHXLJu7LN1G1uHirCwkObsN6Lc++41TKbXxKipT:OgU7MU0hbXtUi1PuwkOb2Sc+lBKbXx/T","tlshash":"224413975ca7ed84ce0f2d2d26b75d41273688d439b96df1b936102cc9cca11b43a1af","first_seen":"2026-01-11T05:40:38.235705Z","last_seen":"2026-06-30T22:07:22.453277Z","times_seen":3,"resource_available":false,"data":null}},"time_used":708,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":461,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.com.mu/","fqdn":"trustwallet.com.mu","domain":"trustwallet.com.mu","tld":"com.mu"},"ip":{"addr":"108.165.147.28","port":443,"asn":398395,"as":"DOT-TECH-LLC","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-30T22:06:53.547Z","timestamp":1782857213547,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet.com.mu","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 20:59:00 GMT","end":"Sun, 27 Sep 2026 20:58:59 GMT"},"fingerprint":{"sha1":"C0:F3:28:C9:EB:6F:BD:51:02:01:ED:E7:18:4D:95:41:14:51:A2:AD","sha256":"E2:14:06:EC:07:B3:0F:F0:68:AA:82:5C:CA:B3:42:8B:BF:52:89:86:DB:47:7D:5E:60:BF:A6:E2:A2:5B:87:0F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwallet.com.mu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 30 Jun 2026 22:06:54 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nCache-Control: public, max-age=0\r\nLast-Modified: Mon, 29 Jun 2026 21:48:35 GMT\r\nETag: W/\"7d9-19f155b0738\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2009,"size_decoded":1176,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (1432)","md5":"1ae30e7b36297b785a3ad9c435ef5039","sha1":"5c02299bf65c6d36774570cbda1e4770a6a572cc","sha256":"6b73190838178c8a68a2046b42f1a1835b5306044354e6590afc0d2cb2afdbe9","sha512":"ab62554f9d04e5267d23611b79552fd4f86d72b24ca9b2cee52de2e2ef6a0f8e25947154a68374c6bdaaca81b39c78cb65b5c16005c01ee6e2d8293e8240d0af","ssdeep":"","tlshash":"9a415bdf894b48a67020b179b8a1be17040ab48f5bf998a0b493e857cdc97ccc853e18","first_seen":"2026-06-30T18:13:51.90234Z","last_seen":"2026-06-30T22:07:22.454202Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1468,"timings":{"blocked":-1,"dns":419,"connect":274,"send":0,"wait":267,"receive":0,"ssl":508},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallet.com.mu","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Architects+Daughter\u0026family=DM+Sans:ital,opsz,wght@0,9..40,100..1000;1,9..40,100..1000\u0026family=Fira+Code:wght@300..700\u0026family=Geist+Mono:wght@100..900\u0026family=Geist:wght@100..900\u0026family=IBM+Plex+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700\u0026family=IBM+Plex+Sans:ital,wght@0,100..700;1,100..700\u0026family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026family=JetBrains+Mono:ital,wght@0,100..800;1,100..800\u0026family=Libre+Baskerville:ital,wght@0,400;0,700;1,400\u0026family=Lora:ital,wght@0,400..700;1,400..700\u0026family=Merriweather:ital,opsz,wght@0,18..144,300..900;1,18..144,300..900\u0026family=Montserrat:ital,wght@0,100..900;1,100..900\u0026family=Open+Sans:ital,wght@0,300..800;1,300..800\u0026family=Outfit:wght@100..900\u0026family=Oxanium:wght@200..800\u0026family=Playfair+Display:ital,wght@0,400..900;1,400..900\u0026family=Plus+Jakarta+Sans:ital,wght@0,200..800;1,200..800\u0026family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900\u0026family=Roboto+Mono:ital,wght@0,100..700;1,100..700\u0026family=Roboto:ital,wght@0,100..900;1,100..900\u0026family=Source+Code+Pro:ital,wght@0,200..900;1,200..900\u0026family=Source+Serif+4:ital,opsz,wght@0,8..60,200..900;1,8..60,200..900\u0026family=Space+Grotesk:wght@300..700\u0026family=Space+Mono:ital,wght@0,400;0,700;1,400;1,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trustwallet.com.mu/","date":"2026-06-30T22:06:55.488Z","timestamp":1782857215488,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:10 GMT","end":"Mon, 31 Aug 2026 08:38:09 GMT"},"fingerprint":{"sha1":"8A:2F:DC:6F:C0:09:07:D3:E5:9C:B7:EE:C2:C4:63:DC:59:36:B5:1B","sha256":"64:7C:E4:55:AB:5C:58:7E:89:F1:19:3B:95:DB:7B:4B:E6:75:42:2C:0C:51:2E:66:85:F5:BB:51:58:08:39:19"}}},"request":{"raw":"GET /css2?family=Architects+Daughter\u0026family=DM+Sans:ital,opsz,wght@0,9..40,100..1000;1,9..40,100..1000\u0026family=Fira+Code:wght@300..700\u0026family=Geist+Mono:wght@100..900\u0026family=Geist:wght@100..900\u0026family=IBM+Plex+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700\u0026family=IBM+Plex+Sans:ital,wght@0,100..700;1,100..700\u0026family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026family=JetBrains+Mono:ital,wght@0,100..800;1,100..800\u0026family=Libre+Baskerville:ital,wght@0,400;0,700;1,400\u0026family=Lora:ital,wght@0,400..700;1,400..700\u0026family=Merriweather:ital,opsz,wght@0,18..144,300..900;1,18..144,300..900\u0026family=Montserrat:ital,wght@0,100..900;1,100..900\u0026family=Open+Sans:ital,wght@0,300..800;1,300..800\u0026family=Outfit:wght@100..900\u0026family=Oxanium:wght@200..800\u0026family=Playfair+Display:ital,wght@0,400..900;1,400..900\u0026family=Plus+Jakarta+Sans:ital,wght@0,200..800;1,200..800\u0026family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900\u0026family=Roboto+Mono:ital,wght@0,100..700;1,100..700\u0026family=Roboto:ital,wght@0,100..900;1,100..900\u0026family=Source+Code+Pro:ital,wght@0,200..900;1,200..900\u0026family=Source+Serif+4:ital,opsz,wght@0,8..60,200..900;1,8..60,200..900\u0026family=Space+Grotesk:wght@300..700\u0026family=Space+Mono:ital,wght@0,400;0,700;1,400;1,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.com.mu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 30 Jun 2026 22:06:55 GMT\r\ndate: Tue, 30 Jun 2026 22:06:55 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":145856,"size_decoded":8135,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"194d9b4264ae31301c9ddcebe7065ca4","sha1":"bc9e7d59e1021aaf4915478b6a459f2ece1dd060","sha256":"82fd0d181927fff9a997dcd3b61fc25d4df92e3bdf91f33bfd01a85b6b2ddf1a","sha512":"73f5e8fce63b94fb920634148e6eaa75736473b467c07e4eb3e9345f60d4fa2b64fd750bbcb25cffce3e06b10b9bbd661bea08826580ca24c5585fa9ec683073","ssdeep":"768:CtFCevmEAr+gCS5xFJNGo6n3wafwe0utoEA3mknCiFyg2UfIUk+H00YNRYj7V3Et:5VXPNo6mACNqHvDyWNpQ9","tlshash":"efe31e91042b9004eb831cc233cfbe36ee4ea2657444d579affe1d99ac9bc265364b1d","first_seen":"2026-06-09T04:03:47.231468Z","last_seen":"2026-07-01T02:34:51.358999Z","times_seen":49,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":61,"send":0,"wait":78,"receive":0,"ssl":78},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
