{"report_id":"4c2d1354-6f04-42c7-9834-54c4d403f121","version":6,"status":"done","tags":[],"date":"2026-04-15T06:09:07Z","url":{"schema":"https","addr":"trustwalletaml.run/","fqdn":"trustwalletaml.run","domain":"trustwalletaml.run","tld":"run"},"ip":{"addr":"151.101.2.15","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"trustwalletaml.run/","fqdn":"trustwalletaml.run","domain":"trustwalletaml.run","tld":"run"},"title":"AML Trust Wallet","dom":{"size":31545,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (25474)","md5":"e273985512da60b5c4d984f6e3223a13","sha1":"e773a7118b0dfcf4078438e14b5d472ba54ccfb9","sha256":"9e01c79831d331e199044acc4ff6c060938703920f03389af7e4e9ad5bffa7e1","sha512":"387efde934089b35bec9673be458bf43a945db7cc16f7ad366ea005060834cf3b065f18d2daacd44d2772485bef0d09e6286471c6f4d8c02946719efc3097ea9","ssdeep":"768:xGGymUhyzgXN2p+xTI33Ug1ZLpHxDQRIOUfO:J8EIaSI3PC","tlshash":"90e2da347384157d71438beaf2e5b73c627ad2abd52fd958f3bc00266b8ac598913390","dom_hash":"domhash5f714ee0e359e3064863a7ba1488e972","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"trustwalletaml.run/","fqdn":"trustwalletaml.run","domain":"trustwalletaml.run","tld":"run"},"ip":{"addr":"151.101.2.15","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-20T06:09:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trustwalletaml.run","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"trustwalletaml.run","ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-15T06:09:08.871869Z","last_seen":"2026-04-15T06:09:08.871869Z","alert_count":4,"request_count":4,"received_data":1356364,"sent_data":1809,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"trustwalletaml.run/","fqdn":"trustwalletaml.run","domain":"trustwalletaml.run","tld":"run"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f542dde5098659a368b74daa8ef3fedf","sha1":"3fedbdf10d7e48721694a530a17d982b757332e7","sha256":"2c2bb53fc7f456fa5a76374b2440f37a34bdadcd074a8617cf48bd06e3987e98","sha512":"fa86e79d34dd2ce1aacd218bce69c392f8d28c1abc323991a7b131ba11f4e64fa70959825dcdf24e71e06177951f69126d7e746361ec7a0afe34cc6317987989","ssdeep":"","tlshash":"cf8000020a00002020b0200caf0333002823803b800c80002f0882803a30b23c3002f2","size":31,"data":"","first_seen":"2025-06-16T08:47:13.658933Z","last_seen":"2026-04-17T19:32:08.479989Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwalletaml.run/assets/index-Cj6_0h33.js","fqdn":"trustwalletaml.run","domain":"trustwalletaml.run","tld":"run"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c2be4c27e812cf697b7ec0b7b2363663","sha1":"1e02e16d2520bba44c1207ddbdfacaa51aa5d2f7","sha256":"3b07cfba6ccc28239fb61bd447110f6c8ce797df9bec34662bac828ff66c3d39","sha512":"dd5867b4987213e897f36eb20cec461fbec3cd17dd52938791799804bc033042facde0b1fb7773e716c899f1a2421a67a0beeaff7bcbdb356ba3fa7abdc373e0","ssdeep":"24576:nbCmXz0gCmRrRk5qeRT4BnSLy14H0gayNnp57Nm42xbn8e1X1IYExAhRgBM:nZXz0gCmRrRk8eRT4BnSLy1KHayNnp5o","tlshash":"43557d8072e5b43507a741d4647b1102f2385865700dc4a8f6acecebbfe988a967ff79","size":1303220,"data":"","first_seen":"2026-04-15T06:09:13.307101Z","last_seen":"2026-04-15T06:19:08.572581Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"trustwalletaml.run/","fqdn":"trustwalletaml.run","domain":"trustwalletaml.run","tld":"run"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-15T06:08:03.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwalletaml.run","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 17:36:17 GMT","end":"Fri, 26 Jun 2026 17:36:16 GMT"},"fingerprint":{"sha1":"DA:06:B1:07:2C:72:C9:9B:9D:29:BE:2C:F6:88:0F:F9:16:56:49:3D","sha256":"E0:42:D3:C3:57:25:25:94:D5:27:94:5E:D7:91:B6:59:1A:AD:8B:A3:82:4E:D3:D8:00:F1:35:9E:65:9B:E9:12"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwalletaml.run\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nx-railway-cdn-edge: fastly/cache-hel1410024-HEL\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 15 Apr 2026 06:08:03 GMT\r\netag: \"227fad9cad8c637510ed2913516cd1e0\"\r\nlast-modified: Sun, 05 Apr 2026 16:39:26 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: IyXceEcrTg6wN2pow9P4nw\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410024-HEL\r\ncontent-length: 5164\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5164,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"aab0a4f8fbabcb1d2833dfa361e29309","sha1":"8d268d6689cefb5d084a7e2f83e1efccd38399d0","sha256":"35d71aa97405bdb4dcef6aff4712f1e186c18bd00cf0dbbd8972b35148553674","sha512":"3f5fe44853ae2420ad397f594425c52eb70940fb52a92d69640fd54fe8619a8e7b7af996e8aa7ca7cc26d28937e7f08643da0ba3302259118cc112c15f0ffa9c","ssdeep":"96:bpmBGycBUhyzngXNmxLCy+xTC9z4i4IETW9FnmM:bGGymUhyzgXN2+y+xTC9z4i4IAW9FmM","tlshash":"b8b13d45a9d326197237999f3bf7f21f2b74f2031009fd687acc206c8f1a6d9a4e0609","first_seen":"2026-04-15T06:09:13.302356Z","last_seen":"2026-04-15T06:19:08.559651Z","times_seen":2,"resource_available":true,"data":null}},"time_used":701,"timings":{"blocked":285,"dns":253,"connect":13,"send":0,"wait":127,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trustwalletaml.run","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trustwalletaml.run/assets/index-Cj6_0h33.js","fqdn":"trustwalletaml.run","domain":"trustwalletaml.run","tld":"run"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trustwalletaml.run/","date":"2026-04-15T06:08:03.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwalletaml.run","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 17:36:17 GMT","end":"Fri, 26 Jun 2026 17:36:16 GMT"},"fingerprint":{"sha1":"DA:06:B1:07:2C:72:C9:9B:9D:29:BE:2C:F6:88:0F:F9:16:56:49:3D","sha256":"E0:42:D3:C3:57:25:25:94:D5:27:94:5E:D7:91:B6:59:1A:AD:8B:A3:82:4E:D3:D8:00:F1:35:9E:65:9B:E9:12"}}},"request":{"raw":"GET /assets/index-Cj6_0h33.js HTTP/1.1\r\nHost: trustwalletaml.run\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwalletaml.run/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nx-railway-cdn-edge: fastly/cache-hel1410024-HEL\r\ncontent-type: application/javascript\r\ndate: Wed, 15 Apr 2026 06:08:03 GMT\r\netag: \"e85d537a94feed1134870ba23bfc3e08\"\r\nlast-modified: Sun, 05 Apr 2026 16:39:26 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: Nnqu4PXKTha5IDW0ALIuDA\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410024-HEL\r\ncontent-length: 1303220\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1303220,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (49417)","md5":"fae61cedcff18dce502df262ccd057f9","sha1":"f2f7683990ae6b0dc8ed15eb327407bddefc9241","sha256":"92703727406e31d4b8bdfe233a20fe2c50bcc83d7c6df11f609e9d1279735034","sha512":"6e30e5a0484197ca89cdaa0e07a2983d7d54893f1dcc7e3a3d33ffcd587e8ae6041cf3d081de9ea5d89c51f6c46ec72bc315c0147f6a040cc8ab102fd64458ad","ssdeep":"24576:nbCmXz0gCmRrRk5qeRT4BnSLy14H0gayNnp57Nm42xbn8e1XB:nZXz0gCmRrRk8eRT4BnSLy1KHayNnp5Y","tlshash":"95257d8472e5b07503e755e4503b1102f23c9c25700d84a8f6acedeb7ea988a967ff79","first_seen":"2026-04-15T06:09:13.303373Z","last_seen":"2026-04-15T06:19:08.562527Z","times_seen":2,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trustwalletaml.run","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trustwalletaml.run/assets/index-Ce7Yde1k.css","fqdn":"trustwalletaml.run","domain":"trustwalletaml.run","tld":"run"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trustwalletaml.run/","date":"2026-04-15T06:08:03.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwalletaml.run","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 17:36:17 GMT","end":"Fri, 26 Jun 2026 17:36:16 GMT"},"fingerprint":{"sha1":"DA:06:B1:07:2C:72:C9:9B:9D:29:BE:2C:F6:88:0F:F9:16:56:49:3D","sha256":"E0:42:D3:C3:57:25:25:94:D5:27:94:5E:D7:91:B6:59:1A:AD:8B:A3:82:4E:D3:D8:00:F1:35:9E:65:9B:E9:12"}}},"request":{"raw":"GET /assets/index-Ce7Yde1k.css HTTP/1.1\r\nHost: trustwalletaml.run\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwalletaml.run/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nx-railway-cdn-edge: fastly/cache-hel1410024-HEL\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 15 Apr 2026 06:08:03 GMT\r\netag: \"0f4c6371eab747a21acb5f4689c051d4\"\r\nlast-modified: Sun, 05 Apr 2026 16:39:26 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: 1DLwE3txT1C2TVKJ7fhULg\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410024-HEL\r\ncontent-length: 44665\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44665,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (44664)","md5":"9478e429487cc5fa43d9e55e8ed8bbc1","sha1":"d47f67f075843796bbada5d44acbb49aef990d80","sha256":"137e1da27554dbac312fb0ed7eddedf7548b757937ce767c5c924ac29bcea7b7","sha512":"29b1f9f52e7c91a2c7a32b66bf69e8797db28cdf783a7c4fff9cc16afe03819f69e9ff0f80c0357e7881180ffe9625490a091db16a5d0c6be0a07d50bbb695bc","ssdeep":"384:kwNQudkbRFSjycuKLMUW2FTF/y/Hxry8iEROCX3D:Euq7AMU+xrrd","tlshash":"7713102dab54003b7c5390f9e699f9adf61bb0c0de3e5aeabc82511097d23f64c97604","first_seen":"2026-04-15T06:09:13.304336Z","last_seen":"2026-04-15T06:19:08.565158Z","times_seen":2,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trustwalletaml.run","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trustwalletaml.run/favicon.png","fqdn":"trustwalletaml.run","domain":"trustwalletaml.run","tld":"run"},"ip":{"addr":"151.101.2.15","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwalletaml.run/","date":"2026-04-15T06:08:04.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwalletaml.run","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 17:36:17 GMT","end":"Fri, 26 Jun 2026 17:36:16 GMT"},"fingerprint":{"sha1":"DA:06:B1:07:2C:72:C9:9B:9D:29:BE:2C:F6:88:0F:F9:16:56:49:3D","sha256":"E0:42:D3:C3:57:25:25:94:D5:27:94:5E:D7:91:B6:59:1A:AD:8B:A3:82:4E:D3:D8:00:F1:35:9E:65:9B:E9:12"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: trustwalletaml.run\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwalletaml.run/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nx-railway-cdn-edge: fastly/cache-hel1410024-HEL\r\ncontent-type: image/png\r\ndate: Wed, 15 Apr 2026 06:08:04 GMT\r\netag: \"ac21620bce49ed697712ebb1c659b270\"\r\nlast-modified: Sun, 05 Apr 2026 16:39:25 GMT\r\nserver: railway-edge\r\nx-railway-edge: railway/europe-west4-drams3a\r\nx-railway-request-id: hZsosHvBSxicr05xw9P4nw\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-served-by: cache-hel1410024-HEL\r\ncontent-length: 1425\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1425,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"bd176ac43ca7443064eb5a0e2714b73c","sha1":"f011ad65574c1fee311566cc147f261b890fadac","sha256":"a3c7b1e1312cadccfcac02ce8e080ea5ae2a3478a3fa9aab107e6ad91cb9a0bf","sha512":"46cd6f8159d0464aa4e08466f9f9a3b57690ba015ead2c780ce1be89193e8836426a12834683778addb9af08de4fc48333101695a2276e58981037a6ce4ebc0c","ssdeep":"","tlshash":"d921e981121264b4fe0c3ba65da3f1aa666cb64d1301b43dd4304174892aed911f058f","first_seen":"2026-04-15T06:09:13.305474Z","last_seen":"2026-04-15T06:19:08.567569Z","times_seen":2,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trustwalletaml.run","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}