{"report_id":"4879e852-ea94-434e-a74b-c701dfaebea2","version":6,"status":"done","tags":[],"date":"2026-04-28T13:44:17Z","url":{"schema":"http","addr":"trumpcoinclaim.com","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"trumpcoinclaim.com/","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"title":"TRUMP","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trumpcoinclaim.com","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-02T13:44:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"trumpcoinclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-26T22:20:29.825994Z","alert_count":0,"request_count":1,"received_data":9481,"sent_data":557,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"trumpcoinclaim.com","ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":3,"request_count":3,"received_data":16244044,"sent_data":1314,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Wix","description":"Wix provides cloud-based web development services, allowing users to create HTML5 websites and mobile sites.","website":"https://www.wix.com","common_platform_enumeration":"","icon":"Wix.svg","categories":["CMS","Blogs"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"trumpcoinclaim.com/","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"12110d86857896af6a22c03536c323b8","sha1":"415677d64d8cae00cfba74f154ddb33917a8ff95","sha256":"31870bc714544600668e5d90093a4d5e80a6ad559d78ce5ea6a6438437908c1d","sha512":"9ae0b34900ed37134824302d97bb1adc2517d693b7410cd33bbeec84b305f10049d35b2348a87ad88268c9731b38ae29885b5cc840cf1cee9f9203a4a36ddeb6","ssdeep":"","tlshash":"bf1197a563f36a75327f223ac317a2843134644b2112dd69364d42b44fa03180adb5eb","size":1060,"data":"","first_seen":"2026-04-28T13:44:25.836206Z","last_seen":"2026-04-28T14:11:02.604244Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trumpcoinclaim.com/","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c76e8c0159c1410c0172f9368243a29a","sha1":"339427d74aa4799e77a5be05a96013483f314008","sha256":"efd4c55b995cee6c5494fc1abe7de5706149becd2318536e8a5bc3dac084ea5f","sha512":"0b9dd98f037a834edf1ab8d0deb210599737307b64196c9a30674fa94e621b2ced4c80a09b27e99593a8e3e714e20c4bba9f5e429dd6a724c76b9b8501dcd9b6","ssdeep":"","tlshash":"fde02b286e5611fd26b33591c71f7240e86400735081d801fe1cf68a4fc0f1934b5fca","size":318,"data":"","first_seen":"2025-08-28T21:25:30.200382Z","last_seen":"2026-04-28T14:11:02.606013Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trumpcoinclaim.com/","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a151aaf2b05ec8bfdb8f677e3f5a2be2","sha1":"a146ef071375bced21638701d789224c6bb3c370","sha256":"47eec114a5bc2eb861bdff0439c2c3167f67fa89989a5252db5a76f6fe6ed93b","sha512":"b572b74962f1e3a487ab5c86505d8d81daa94be6506116e64e625f1560c31c9af3bd2ede5c323cb0d6fd8a1440c0ac6819680dfb44d337e288cf41fcc50de636","ssdeep":"","tlshash":"88d02ea82e96133823732120831f928037e48043a0e0f8023a1ce2c64fe1a1000bf5db","size":291,"data":"","first_seen":"2025-08-28T21:25:30.207116Z","last_seen":"2026-04-28T14:11:02.609584Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trumpcoinclaim.com/","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-05-02T11:31:09.629458Z","times_seen":637820,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trumpcoinclaim.com/","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"290f2693531b75e4376c03efb2e445ba","sha1":"b7d99187eb7703bdc3e0d91432b1e6108b57bca5","sha256":"b2464a6e184f8e48f9dd9b02483cf8f9a049eb5ddf47bc900d570fe387613ae6","sha512":"13b68e7b1f8f4e9278ab87f46f2f9d12a9c7a48351d18265afce4d59c501c11bc510195ba10aeaf6c5c17cfd996a9ce4c639c162752cf6ea4b026e5fd6875e4d","ssdeep":"","tlshash":"5fe0863935761574097b986fc74b934b7da2141b5001e8167d4c914b0fa4f1034e6599","size":350,"data":"","first_seen":"2025-03-07T16:16:50.325983Z","last_seen":"2026-04-28T13:44:25.846219Z","times_seen":210,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trumpcoinclaim.com/","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b07daa08bf24faa035a1c99549549ab4","sha1":"da4341482d492bf108436daca5450122e398c941","sha256":"8444f6ff9e8a4c132ddfa2d9003dae3604f70bdca0ccefd340466bcb6b5ba7d0","sha512":"4f91ff7cb6817c9ce47d1144b57760b281e356e2783fafc195aebe85dc4224af6b2e83e003445ef0caa346d244b84dae9c237d7c918c3e9b08ef135f2fc2fad6","ssdeep":"","tlshash":"88b09b055691c3341544251251a93616619795530c55d402de95830e9f1dd53d0716dd","size":123,"data":"","first_seen":"2026-04-28T13:44:25.847691Z","last_seen":"2026-04-28T13:44:25.847691Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trumpcoinclaim.com/","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-05-02T11:31:54.062598Z","times_seen":215546,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trumpcoinclaim.com/bundle.js","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"01564af4c1afd0a8da1f997c6cead18b","sha1":"777f75a3923dd7ddca5100626141031093c0a3ca","sha256":"64212740aead9ceb4ead54b787235cd6c2e13717039bb4525ad8404572c5438a","sha512":"f63aff09dcf96dec0eab0db1bfad752148f77047617bccd8b31a60a49800754b756e864a9c0353367beecf80da039ba6980ba162e591a0a1b2e6d008a54d7c86","ssdeep":"49152:S7AVG6Odpzxhiy1VgjGACGBrsAiYHn5xRoQAdjHa8wmfHPczHwZWQNrIQ+UMtQJw:zr","tlshash":"5f66825132c05847a30b9fbb7713b0e1e5053d5e764908abf2187c68fa9a533eee5632","size":6974698,"data":"","first_seen":"2026-04-28T13:44:25.851489Z","last_seen":"2026-04-28T14:11:02.607507Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"trumpcoinclaim.com/bundle.js","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trumpcoinclaim.com/","date":"2026-04-28T13:43:52.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trumpcoinclaim.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 19:56:37 GMT","end":"Sun, 19 Jul 2026 19:56:36 GMT"},"fingerprint":{"sha1":"06:53:16:9F:EC:60:01:E4:11:F7:05:C1:1D:3C:9C:AF:FA:3E:7B:36","sha256":"01:C7:51:09:DB:E3:BE:11:26:7F:D0:F2:6C:34:63:09:02:73:AD:3F:1F:02:2E:DD:FA:E9:E0:84:57:EE:0D:20"}}},"request":{"raw":"GET /bundle.js HTTP/1.1\r\nHost: trumpcoinclaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trumpcoinclaim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 21659\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"bundle.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 28 Apr 2026 13:43:52 GMT\r\netag: W/\"01564af4c1afd0a8da1f997c6cead18b\"\r\nlast-modified: Tue, 28 Apr 2026 07:42:52 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-enable-rewrite-caching: 1\r\nx-vercel-id: arn1::v9xw5-1777383832220-4ea4caffb745\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":6974698,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"af7beffad87cd9bd110e1116ad863170","sha1":"86feaab72fa9bfa0884d21bfde9237eae448e0ab","sha256":"930c6e97a6d0b3da764eba28cbe79c275fe7e3a6a68a8c9189d0c536327495ec","sha512":"c2c609877e53d1dde5cc76a809a9fc4377ccd969c8ea2132cbcf185bb7f23c9bf8c0311ffc1e070e7dd915395195ef9de944c1e065e01e28645e886031232f93","ssdeep":"24576:SabcAVG6Odpzxhiy1VgjhOlACGBrsAiklHenlZ473WixA5b9D25x68kMoO5AdjHh:S7AVG6Odpzxhiy1VgjGACGBrsAiYHn5S","tlshash":"6a25c74933c05847630b9bbb7713b0f1e1092c9ea589495bf3487c68eb89573eae9631","first_seen":"2026-04-28T13:44:25.825797Z","last_seen":"2026-04-28T14:11:02.599182Z","times_seen":2,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"trumpcoinclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trumpcoinclaim.com/","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://trumpcoinclaim.com/","date":"2026-04-28T13:43:52.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trumpcoinclaim.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 19:56:37 GMT","end":"Sun, 19 Jul 2026 19:56:36 GMT"},"fingerprint":{"sha1":"06:53:16:9F:EC:60:01:E4:11:F7:05:C1:1D:3C:9C:AF:FA:3E:7B:36","sha256":"01:C7:51:09:DB:E3:BE:11:26:7F:D0:F2:6C:34:63:09:02:73:AD:3F:1F:02:2E:DD:FA:E9:E0:84:57:EE:0D:20"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trumpcoinclaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trumpcoinclaim.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 122\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 28 Apr 2026 13:43:52 GMT\r\netag: W/\"908b5281d9549536d7e9f63f232506ab\"\r\nlast-modified: Tue, 28 Apr 2026 13:41:49 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-enable-rewrite-caching: 1\r\nx-vercel-id: arn1::zdgrn-1777383832379-49de26d0f093\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Wix","description":"Wix provides cloud-based web development services, allowing users to create HTML5 websites and mobile sites.","website":"https://www.wix.com","common_platform_enumeration":"","icon":"Wix.svg","categories":["CMS","Blogs"]}],"data":{"size":4633876,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (62531)","md5":"c470d0f8a4eb8eb9732b31d2d90e5c6b","sha1":"dfc18b925a5479920202d2bb803ab28432f3cc8c","sha256":"9740699347ee7af7e313718716bbb06b039117b0dbb55df67c762d929eef0f1f","sha512":"d2cda65640c44ede9c4ff6bf3d06e16ace2a89682820017415de147656ac7f8b061402e75764477dfc2242ae0db952971a8216fafda83be3a488745fe03108df","ssdeep":"24576:QLH1l6MEvaRpQmSxPX4/nrAuMd/tLH1l6MEvaRpQmSxPX4/nrAuMd/jLH1l6MEvE:k074VMJ074VMX074/","tlshash":"a7252323cfea3c73fe4c6d44403b9f9f0462253e429e7aca1f99089b159b44a5d674b8","first_seen":"2026-04-28T13:44:25.831506Z","last_seen":"2026-04-28T14:11:02.596711Z","times_seen":2,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"trumpcoinclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026family=Montserrat:ital,wght@0,100..900;1,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trumpcoinclaim.com/","date":"2026-04-28T13:43:53.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026family=Montserrat:ital,wght@0,100..900;1,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trumpcoinclaim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 28 Apr 2026 13:43:54 GMT\r\ndate: Tue, 28 Apr 2026 13:43:54 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8795,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"51955a067b2f96efe49c2412a4c8c713","sha1":"44103446803299fdae2aa9fdf4c21af4e90fe450","sha256":"2598c04bc6015e0fdad9381928b8238d997efd88a0e450042a60e9d59435f915","sha512":"ca70f49f25ca02d0491518a04e3fdd3c9cb9d35a573ecae94d1bf8fe184ee1ceb53b623b4ba9bf2faf7ee4e321d30fb57954326ac064cdd7605b031355ef680b","ssdeep":"192:vywfydyGy63gy/yFVyR73xpmj3U8fHiyYwyNFyuy3uySRk73vO6u8:vtfcHjg8ciIShwCFnbL8B","tlshash":"2002ff91056be504ea431cc627cf7e369e8e62667081d1797ffe2cd9aceac22132475c","first_seen":"2025-09-11T02:59:26.857486Z","last_seen":"2026-05-02T01:27:57.365646Z","times_seen":805,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":79,"dns":1,"connect":8,"send":0,"wait":22,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trumpcoinclaim.com/","fqdn":"trumpcoinclaim.com","domain":"trumpcoinclaim.com","tld":"com"},"ip":{"addr":"216.198.79.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T13:43:51.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trumpcoinclaim.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 19:56:37 GMT","end":"Sun, 19 Jul 2026 19:56:36 GMT"},"fingerprint":{"sha1":"06:53:16:9F:EC:60:01:E4:11:F7:05:C1:1D:3C:9C:AF:FA:3E:7B:36","sha256":"01:C7:51:09:DB:E3:BE:11:26:7F:D0:F2:6C:34:63:09:02:73:AD:3F:1F:02:2E:DD:FA:E9:E0:84:57:EE:0D:20"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trumpcoinclaim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 122\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 28 Apr 2026 13:43:51 GMT\r\netag: W/\"908b5281d9549536d7e9f63f232506ab\"\r\nlast-modified: Tue, 28 Apr 2026 13:41:49 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-enable-rewrite-caching: 1\r\nx-vercel-id: arn1::bhmt9-1777383831946-f86718151094\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Wix","description":"Wix provides cloud-based web development services, allowing users to create HTML5 websites and mobile sites.","website":"https://www.wix.com","common_platform_enumeration":"","icon":"Wix.svg","categories":["CMS","Blogs"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":4633876,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (62531)","md5":"c470d0f8a4eb8eb9732b31d2d90e5c6b","sha1":"dfc18b925a5479920202d2bb803ab28432f3cc8c","sha256":"9740699347ee7af7e313718716bbb06b039117b0dbb55df67c762d929eef0f1f","sha512":"d2cda65640c44ede9c4ff6bf3d06e16ace2a89682820017415de147656ac7f8b061402e75764477dfc2242ae0db952971a8216fafda83be3a488745fe03108df","ssdeep":"24576:QLH1l6MEvaRpQmSxPX4/nrAuMd/tLH1l6MEvaRpQmSxPX4/nrAuMd/jLH1l6MEvE:k074VMJ074VMX074/","tlshash":"a7252323cfea3c73fe4c6d44403b9f9f0462253e429e7aca1f99089b159b44a5d674b8","first_seen":"2026-04-28T13:44:25.831506Z","last_seen":"2026-04-28T14:11:02.596711Z","times_seen":2,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":73,"dns":47,"connect":1,"send":0,"wait":10,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"trumpcoinclaim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}