{"report_id":"4d15d98b-361d-4b29-bdc9-ddf4ec10cc1c","version":0,"status":"done","tags":[],"date":"2026-06-17T14:45:55Z","url":{"schema":"http","addr":"bluwalletdesktop.io","fqdn":"bluwalletdesktop.io","domain":"bluwalletdesktop.io","tld":"io"},"ip":{"addr":"91.92.241.250","port":0,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"bluwalletdesktop.io/","fqdn":"bluwalletdesktop.io","domain":"bluwalletdesktop.io","tld":"io"},"title":"BlueWallet for Windows — Desktop Bitcoin Wallet","dom":{"size":4214592,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (50679)","md5":"a941fc9b978ed66b06a7108dc0a7248a","sha1":"59a5c54be9da257db6d88ac00bafd708577dfd2b","sha256":"234578a5bf7b681d81c3d0e034252f3ef2f458a454bc8a1f93896e4f4acd620d","sha512":"b22a4dacdf74027a3daa2181b59062d04b97db5cd4f228a7305db03604529937ae286c57372c408cd185985d3fdf00c5845c6292ddb1a88b25dc850e260ec9b8","ssdeep":"49152:/oCyli8hQlEiQqCIsgJ8d73lrDKd9te2W/iB:7","tlshash":"a51612ba4f37bfdd201813e8320132a59c9881fba141d1d1fbece569eda8c21b556e74","dom_hash":"domhashb65465df821a5b1fbe8073c2c26a0c0c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bluwalletdesktop.io","fqdn":"bluwalletdesktop.io","domain":"bluwalletdesktop.io","tld":"io"},"ip":{"addr":"91.92.241.250","port":0,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T14:45:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"bluwalletdesktop.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"bluwalletdesktop.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bluwalletdesktop.io","ip":{"addr":"91.92.241.250","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"domain_registered":"2026-06-12","domain_rank":0,"first_seen":"2026-06-16T07:43:53.124959Z","last_seen":"2026-06-16T07:43:53.124959Z","alert_count":2,"request_count":1,"received_data":4214948,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bluwalletdesktop.io/","fqdn":"bluwalletdesktop.io","domain":"bluwalletdesktop.io","tld":"io"},"ip":{"addr":"91.92.241.250","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T14:45:28.260Z","timestamp":1781707528260,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluwalletdesktop.io","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 13:22:31 GMT","end":"Thu, 10 Sep 2026 13:22:30 GMT"},"fingerprint":{"sha1":"65:46:FD:43:56:67:62:39:57:1E:45:7E:D5:F1:63:63:26:D8:F2:BE","sha256":"74:C0:77:78:78:2F:9E:A0:7D:9D:1F:56:F3:77:81:58:08:DB:06:55:35:40:FF:91:F0:29:0D:7E:EF:B7:62:56"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bluwalletdesktop.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nalt-svc: h3=\":443\"; ma=2592000\r\ncontent-encoding: zstd\r\ncontent-type: text/html\r\ndate: Wed, 17 Jun 2026 14:45:28 GMT\r\netag: \"6a2ff456-404f97\"\r\nlast-modified: Mon, 15 Jun 2026 12:47:18 GMT\r\nserver: nginx/1.31.1\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.31.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4214679,"size_decoded":4184218,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (50628)","md5":"6e7e2e7fa27cf2a816a49b5b1fd4f6d9","sha1":"a68b32577cd0f505a38e707d1c3c962c994eb5f6","sha256":"bc8c53975f4f2d4408bc9cc82cd1a8caf2ec0b06bd12b3819a113baeb40b7310","sha512":"f55990725ac3a5000f9deb2c60d2b7889708d9ebee018eb38c5c67d1f688768687deb1803d39a206be97f8cb01c4473d574893c088b291762225222ce3df6b52","ssdeep":"24576:2fD5F5S8RBZpYancn9DR/B+3p294Ybxxu9uZmJ:eoCyli8hQJ","tlshash":"152502fa4f37bfce101523a4320631959c9cc1a79585c0d1fbece55aefb8c216992ab4","first_seen":"2026-06-16T07:43:57.361317Z","last_seen":"2026-06-17T14:45:57.798749Z","times_seen":2,"resource_available":true,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":287,"connect":59,"send":0,"wait":68,"receive":0,"ssl":102},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"bluwalletdesktop.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"bluwalletdesktop.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}