{"report_id":"491b1d44-5e54-435b-bb82-cb9ad540a628","version":0,"status":"done","tags":[],"date":"2026-06-30T21:38:11Z","url":{"schema":"http","addr":"begin-startezrio-en-us.wasmer.app","fqdn":"begin-startezrio-en-us.wasmer.app","domain":"begin-startezrio-en-us.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"begin-startezrio-en-us.wasmer.app/","fqdn":"begin-startezrio-en-us.wasmer.app","domain":"begin-startezrio-en-us.wasmer.app","tld":"wasmer.app"},"title":"Trezor.io/start (Official) | Set up your #Trezor™","dom":{"size":13147,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (437)","md5":"17e9e875606536dfc2c83434088d309f","sha1":"b18dbe0d6357496f53753dbd9946888262518882","sha256":"57be73a4677587aa74439aaddb864df97b87ef22d1ac0e3c9cf462713216368c","sha512":"3d15d206a92a7c73f58cc27fe40fcbdda53c299358b6afe7970fb7785df17f0518078a5efa33f766b145d8f847b515e74aac69e8559d94fd86cbb4bfba39aa33","ssdeep":"192:/d9CBmFhkkscAns6y1Jj2Q1fWzFdryjU2QEcg6iU5p7cMwYgkBWDXAwy:G0Kksc91BjQW7y","tlshash":"3a426226f3f8261521d58211f494dbda7f028537d32d0aa93ead513eff486a589332ce","dom_hash":"domhashcf642d048f711616dc8d66b2c55579f4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"begin-startezrio-en-us.wasmer.app","fqdn":"begin-startezrio-en-us.wasmer.app","domain":"begin-startezrio-en-us.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-04T21:38:11Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-30","alert":"Phishing Block","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"begin-startezrio-en-us.wasmer.app","ip":{"addr":"5.78.31.66","port":443,"asn":212317,"as":"Hetzner Online GmbH","country":"United States","country_code":"US"},"domain_registered":"2018-10-16","domain_rank":0,"first_seen":"2026-06-30T06:19:56.249608Z","last_seen":"2026-06-30T06:19:56.249609Z","alert_count":12,"request_count":3,"received_data":75882,"sent_data":1589,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"begin-startezrio-en-us.wasmer.app/fav.png","fqdn":"begin-startezrio-en-us.wasmer.app","domain":"begin-startezrio-en-us.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"5.78.31.66","port":443,"asn":212317,"as":"Hetzner Online GmbH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://begin-startezrio-en-us.wasmer.app/","date":"2026-06-30T21:37:48.700Z","timestamp":1782855468700,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wasmer.app","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Jun 2026 14:06:07 GMT","end":"Sun, 13 Sep 2026 14:06:06 GMT"},"fingerprint":{"sha1":"8B:BD:8F:CC:1E:76:7E:9C:C5:BC:79:F4:B6:04:88:E6:13:B8:A4:F6","sha256":"70:74:22:12:F4:2B:37:8A:77:CB:11:E7:BD:AE:E7:46:7D:FF:8B:F3:89:15:EA:70:46:E7:24:1C:7C:4F:3B:4D"}}},"request":{"raw":"GET /fav.png HTTP/1.1\r\nHost: begin-startezrio-en-us.wasmer.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://begin-startezrio-en-us.wasmer.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncontent-type: text/html; charset=utf-8\r\nvary: accept-encoding\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=31536000\r\nx-edge-app-version-id: dav_nBBIbtrujZqx\r\ndate: Tue, 30 Jun 2026 21:37:48 GMT\r\nx-wasmer-request-id: 62d4da3f-27a8-4bfe-9be0-0292b644258a\r\nx-edge-rty: w\r\nx-edge-region: us-hillsboro\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":null,"data":{"size":106,"size_decoded":460,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"cc221d6890f368d414766944cdc43e2b","sha1":"e320bfb9b1c95d61b5957cb556e5d8aced00c47f","sha256":"10c24a13a79068ea3e92c12e39ad5cb07675f9fce84276e54fb9d7e76ca6b0e9","sha512":"f7c134b3053f3a5cfa5f8b77aebdc5a54a421694cbde764ea987867afb945213083628a9ae2cf7084be2478cd7c3999855051769a5af313021d13bff9ae37d10","ssdeep":"","tlshash":"46b012ac6073714dda1330e05bc33581e48e833bbca784211c405457a0cd1bec4c23de","first_seen":"2023-07-01T19:42:45Z","last_seen":"2026-06-30T21:38:11.539781Z","times_seen":480,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":316,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-30","alert":"Phishing Block","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"begin-startezrio-en-us.wasmer.app/","fqdn":"begin-startezrio-en-us.wasmer.app","domain":"begin-startezrio-en-us.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"5.78.31.66","port":443,"asn":212317,"as":"Hetzner Online GmbH","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-30T21:37:47.336Z","timestamp":1782855467336,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wasmer.app","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Jun 2026 14:06:07 GMT","end":"Sun, 13 Sep 2026 14:06:06 GMT"},"fingerprint":{"sha1":"8B:BD:8F:CC:1E:76:7E:9C:C5:BC:79:F4:B6:04:88:E6:13:B8:A4:F6","sha256":"70:74:22:12:F4:2B:37:8A:77:CB:11:E7:BD:AE:E7:46:7D:FF:8B:F3:89:15:EA:70:46:E7:24:1C:7C:4F:3B:4D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: begin-startezrio-en-us.wasmer.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nvary: accept-encoding\r\ncontent-type: text/html\r\naccept-ranges: bytes\r\nlast-modified: Thu, 11 Dec 2025 11:36:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: public, max-age=86400\r\nx-edge-app-version-id: dav_nBBIbtrujZqx\r\ndate: Tue, 30 Jun 2026 21:37:48 GMT\r\nx-wasmer-request-id: 61656753-f9ea-411f-902d-c698bb7771fa\r\nx-edge-rty: w\r\nx-edge-region: us-hillsboro\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":13377,"size_decoded":4826,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (437), with CRLF line terminators","md5":"90135b562cb9cf4e79f2cf83bb9d3a22","sha1":"093b9c9c84af2636f66779ee8252bec5283697f3","sha256":"610099037b4bc751ca3fdaffa061a74c72354c91ca95729b41c9d356ce8c175f","sha512":"b2ffeb7ab7ad74f2b264524f77ec66b2acbb9970d2d3a3ab89b82d51519d6553ff3e2b6bdad18be74a327d4b6952cf1a6b0beaa79ac1de3f2d59e74cf04cb5a6","ssdeep":"192:edyccmS7MkEcAnIB2CPrmvKuvUfqcTtNUZPHPBpDEUW3HnGBkCWuA6w7:Uo4kEcaCDA1Wr7","tlshash":"b5526326e3d83a1421b64114e444dbdaff128177d35a0ab57eae523bbf3866485333cd","first_seen":"2026-06-30T06:19:58.683583Z","last_seen":"2026-06-30T21:38:11.542104Z","times_seen":3,"resource_available":true,"data":null}},"time_used":977,"timings":{"blocked":-1,"dns":98,"connect":214,"send":0,"wait":253,"receive":0,"ssl":412},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-30","alert":"Phishing Block","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"begin-startezrio-en-us.wasmer.app/Trezor%20io.png","fqdn":"begin-startezrio-en-us.wasmer.app","domain":"begin-startezrio-en-us.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"5.78.31.66","port":443,"asn":212317,"as":"Hetzner Online GmbH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://begin-startezrio-en-us.wasmer.app/","date":"2026-06-30T21:37:48.583Z","timestamp":1782855468583,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wasmer.app","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Jun 2026 14:06:07 GMT","end":"Sun, 13 Sep 2026 14:06:06 GMT"},"fingerprint":{"sha1":"8B:BD:8F:CC:1E:76:7E:9C:C5:BC:79:F4:B6:04:88:E6:13:B8:A4:F6","sha256":"70:74:22:12:F4:2B:37:8A:77:CB:11:E7:BD:AE:E7:46:7D:FF:8B:F3:89:15:EA:70:46:E7:24:1C:7C:4F:3B:4D"}}},"request":{"raw":"GET /Trezor%20io.png HTTP/1.1\r\nHost: begin-startezrio-en-us.wasmer.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://begin-startezrio-en-us.wasmer.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-length: 61243\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\nlast-modified: Thu, 11 Dec 2025 11:36:00 GMT\r\nvary: accept-encoding\r\ncache-control: public, max-age=31536000\r\ndate: Tue, 30 Jun 2026 21:37:48 GMT\r\nx-wasmer-request-id: 8a692219-9d7f-4775-9458-95c66a313281\r\nx-edge-rty: w\r\nx-edge-region: us-hillsboro\r\nx-edge-app-version-id: dav_nBBIbtrujZqx\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":61243,"size_decoded":61639,"mime_type":"image/png","magic":"PNG image data, 1352 x 569, 8-bit/color RGBA, non-interlaced","md5":"e9ab998b9c51d159f518de592535d0f1","sha1":"49ff58ace97602b671503ab8e67ce1390e14e980","sha256":"797cd1352e9f5b9ee5bda538efc58310eb92da1e588297b4ce3fa2d222af3a8b","sha512":"cf1b0f0f5c262e5450fd50165a28c1e580407a2e482f686ee1ad4734ae3a01932cb910ee1dd74d4aa530ab0f1d0578d5668d351372f1973acd2cdb5f358a2d5f","ssdeep":"1536:+ycCrl3flhNjAlTe7UqOPjBnJilejkOvd2+mCeWX:+yZrVBI2KjBnJv4Ok+cWX","tlshash":"eb53f1639a07f40acd6fe9b01d763a3ada391b050880eb707f7c085cd4662ba1d56737","first_seen":"2026-06-30T06:19:58.684548Z","last_seen":"2026-06-30T21:38:11.543689Z","times_seen":3,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":216,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-30","alert":"Phishing Block","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"begin-startezrio-en-us.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}
