{"report_id":"786b299b-54ff-4865-b0df-b2d1c17a93e9","version":6,"status":"done","tags":[],"date":"2026-02-20T13:39:28Z","url":{"schema":"http","addr":"phantom-wallett.blogspot.hu","fqdn":"phantom-wallett.blogspot.hu","domain":"blogspot.hu","tld":"hu"},"ip":{"addr":"142.251.142.225","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"phantom-wallett.blogspot.com/","fqdn":"phantom-wallett.blogspot.com","domain":"phantom-wallett.blogspot.com","tld":"blogspot.com"},"title":"Phantom Wallet - A friendly Crypto Wallet","dom":{"size":16456,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (909)","md5":"00267489380c1abadfff5bbdb65d3c63","sha1":"8578151a8ddd81328685dd2c5ef19cd74080dc30","sha256":"4bbf09590bd6bafa6af28f605ecc253b4cbf3daecff798b4b28d412c8aad74b8","sha512":"457d715d9ce9342dc626ea018ba278ac10bddf24233e187fc523341e6d829f878d08584e8b290f515e7ca09175cae3d4e16582dff0d78873cba039996c21cd46","ssdeep":"384:wdriVd6trasVWWdAyEr29L2J8g8yF0h2OVKfWeRu1k:wdrIYrvkWdFEr29Lq87h2OAfWeRu1k","tlshash":"c3729527e3865a23053240dee57f93e54646c168d3528f94637ec2bebdcd8b03a652ce","dom_hash":"domhasha80991e4218613f48af6be7e23ae1161","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"phantom-wallett.blogspot.hu","fqdn":"phantom-wallett.blogspot.hu","domain":"blogspot.hu","tld":"hu"},"ip":{"addr":"142.251.142.225","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-27T13:39:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-20","alert":"Sinkholed","trigger":"phantom-wallett.blogspot.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-20","alert":"Sinkholed","trigger":"phantom-wallett.blogspot.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-20","alert":"Sinkholed","trigger":"phantom-wallett.blogspot.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-20","alert":"Sinkholed","trigger":"phantom-wallett.blogspot.hu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"phantom-wallett.blogspot.com","ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2000-07-31","domain_rank":0,"first_seen":"2026-01-31T14:36:02.708575Z","last_seen":"2026-01-31T14:36:02.708575Z","alert_count":6,"request_count":2,"received_data":22478,"sent_data":946,"comment":"","tags":null,"fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-02-15T22:20:44.607116Z","alert_count":0,"request_count":1,"received_data":310888,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.linkpicture.com","ip":{"addr":"103.224.182.253","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"domain_registered":"2018-06-25","domain_rank":4298173,"first_seen":"2019-07-19T19:10:53Z","last_seen":"2026-02-14T02:27:52.969936Z","alert_count":0,"request_count":2,"received_data":152,"sent_data":916,"comment":"","tags":null,"fingerprints":null},{"fqdn":"phantom-wallett.blogspot.hu","ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2006-08-02","domain_rank":0,"first_seen":"2026-02-20T13:39:28.435195Z","last_seen":"2026-02-20T13:39:28.435195Z","alert_count":1,"request_count":1,"received_data":15290,"sent_data":496,"comment":"","tags":null,"fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"phantom-wallett.blogspot.com/","fqdn":"phantom-wallett.blogspot.com","domain":"phantom-wallett.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb7b02810dd3503bb4164e8559163abf","sha1":"e954bbc7c22a158eeb616b5bad5b9b6550615ce5","sha256":"17f2c07b760e06b34d4345fed029005db74b70365728bac2e433683871dfc0c9","sha512":"41bf3817e2f72e47780ed96ea7fce48517675a2ca1fda57260200060dd8f5463f554304fd5227bdc88d047da1b31fe9e1970a8a18bfb0bf35eb4b34649ca87d3","ssdeep":"","tlshash":"64c09b88215a4c7195fb3741cb7ff604b442321495e9db31495d73455d30e1bd754855","size":155,"data":"","first_seen":"2026-01-31T14:36:07.359644Z","last_seen":"2026-04-13T05:33:25.909993Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"phantom-wallett.blogspot.com/","fqdn":"phantom-wallett.blogspot.com","domain":"phantom-wallett.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"38ee2f6ddbe8a478e5795030e72ba35d","sha1":"d332319b04b273e3b9a93ffa22ba9036d59b8e99","sha256":"97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319","sha512":"15610a3ce0ff69817776e355c350aebc006a7744a941c1258fe16a2e73445d964fd94885bd4b50bb2e9ea773a5f95bf1aa124fd90a3252ab2769d2870e5fbb95","ssdeep":"","tlshash":"20d02ef7f4d5ac218809a3200865e9083032e6feb3a08de094c0063a488a8ba9306fa0","size":275,"data":"","first_seen":"2023-03-07T01:02:24Z","last_seen":"2026-06-07T08:09:46.269043Z","times_seen":108164,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"phantom-wallett.blogspot.com/","fqdn":"phantom-wallett.blogspot.com","domain":"phantom-wallett.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7422fcfc6a91ec3c8bcf0fdc5f3215ad","sha1":"dd1a7f71b5367fb9d13a3ae6798c7fd0a4c37ef2","sha256":"620719ac57a503dc90e978186aaa9c5540094089b2dca79327b6833d58e011c7","sha512":"155620083064aaa723034d0433f8404d1169bdba5d602f8c820e8f9f4f018ae3ae3f0c08bacc5d0a7809cc583c290386efa94f114f88fdf38e8a2024383e9a7f","ssdeep":"","tlshash":"4f016d137508e31431a714347b8baa18fd2ac2561c95453f391cf9324f57a63ced6ae3","size":776,"data":"","first_seen":"2023-04-06T23:48:51Z","last_seen":"2026-06-06T23:36:19.547992Z","times_seen":4730,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"phantom-wallett.blogspot.com/js/cookienotice.js","fqdn":"phantom-wallett.blogspot.com","domain":"phantom-wallett.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a705132a2174f88e196ec3610d68faa8","sha1":"3bad57a48d973a678fec600d45933010f6edc659","sha256":"068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568","sha512":"e947d33e0e9c5e6516f05e0ea696406e4e09b458f85021bc3a217071ae14879b2251e65aec5d1935ca9af2433d023356298321564e1a41119d41be7c2b2d36d5","ssdeep":"96:q54UPzHFcJZ7haKemb/m2GzrzCXAl/MStzo41Pm+YsttcVcbYhyjcso13EZDjiat:q5rPzHgxm2GzaXeMnuzYstyryPhZD9","tlshash":"4fd1630938a7127d125fa03fb6bf515ab66410238101db08786dfa785fd5f42a8e4ffa","size":6513,"data":"","first_seen":"2023-03-07T01:02:24Z","last_seen":"2026-06-08T21:13:36.720847Z","times_seen":121520,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-222882761-3","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5d73ad631d2ed64f7f9a9d6c827d24d1","sha1":"5156149b377322d7ea4e699db086e2404ce63764","sha256":"96f02e36d7af511af848f48fd7081beb64c091e18691708db82d995b80a3646a","sha512":"15ceaadd472b0077804c95f840e3f83c2d5eb0a1118b70165b7d431c2135a158f7260868fe6800c51d5a101e413c0d01b8254034896b30e24c4d90d563f9d089","ssdeep":"6144:L4D8ASaAJljxXU18kKDe+KJN5hSppv/U4ZSv:swASaixk18FD/US+","tlshash":"ea6408ccb3d6702683a36478503f114bb23bb992f848c894f186d9d52e74a6a4277f7d","size":310238,"data":"","first_seen":"2026-02-20T13:39:31.393033Z","last_seen":"2026-02-20T13:39:31.393033Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"phantom-wallett.blogspot.com/sandbox%20eval%20code","fqdn":"phantom-wallett.blogspot.com","domain":"phantom-wallett.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"34c08ca3e74026ae2a1166b2b810e003a2866b015aa78402b00a003b1441fe21aaa1a8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-06-07T08:18:38.896325Z","times_seen":921522,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:A1VdZYqhPnjpWx4/eTe8qSMbqaQd6VL2Jyt9LdJoyayCVPVD5wdBfQPfCHiUr3:AXdZYqNjpU4yPqSMbqaQGL2QfdDayCZC","tlshash":"a6a1dc9939fb50210233b1bd1bafa918b23895236208dd61b98c9364bf94437d7f1fc9","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-06-07T08:18:38.899011Z","times_seen":919823,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"phantom-wallett.blogspot.com/js/cookienotice.js","fqdn":"phantom-wallett.blogspot.com","domain":"phantom-wallett.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://phantom-wallett.blogspot.com/","date":"2026-02-20T13:39:07.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.blogspot.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:36 GMT","end":"Mon, 20 Apr 2026 08:40:35 GMT"},"fingerprint":{"sha1":"19:76:0C:5D:5F:07:34:96:B3:D1:1F:26:D7:45:DB:74:96:D7:C2:C8","sha256":"E6:94:D3:FD:FB:1D:1C:F0:6C:68:F2:15:2D:E1:66:45:E7:B5:3B:61:4C:95:2A:10:24:5B:B9:D7:FC:AE:54:A6"}}},"request":{"raw":"GET /js/cookienotice.js HTTP/1.1\r\nHost: phantom-wallett.blogspot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phantom-wallett.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"blogger-tech\"\r\nreport-to: {\"group\":\"blogger-tech\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/blogger-tech\"}]}\r\ncontent-length: 2026\r\ndate: Fri, 20 Feb 2026 13:39:07 GMT\r\nexpires: Fri, 27 Feb 2026 13:39:07 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Fri, 20 Feb 2026 09:50:46 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6513,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"a705132a2174f88e196ec3610d68faa8","sha1":"3bad57a48d973a678fec600d45933010f6edc659","sha256":"068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568","sha512":"e947d33e0e9c5e6516f05e0ea696406e4e09b458f85021bc3a217071ae14879b2251e65aec5d1935ca9af2433d023356298321564e1a41119d41be7c2b2d36d5","ssdeep":"96:q54UPzHFcJZ7haKemb/m2GzrzCXAl/MStzo41Pm+YsttcVcbYhyjcso13EZDjiat:q5rPzHgxm2GzaXeMnuzYstyryPhZD9","tlshash":"4fd1630938a7127d125fa03fb6bf515ab66410238101db08786dfa785fd5f42a8e4ffa","first_seen":"2023-03-07T01:02:24Z","last_seen":"2026-06-08T21:13:36.720847Z","times_seen":121520,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-20","alert":"Sinkholed","trigger":"phantom-wallett.blogspot.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-20","alert":"Sinkholed","trigger":"phantom-wallett.blogspot.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-20","alert":"Sinkholed","trigger":"phantom-wallett.blogspot.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-222882761-3","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://phantom-wallett.blogspot.com/","date":"2026-02-20T13:39:07.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:39:27 GMT","end":"Mon, 20 Apr 2026 08:39:26 GMT"},"fingerprint":{"sha1":"B2:D0:1D:A5:DD:A9:AD:E9:27:09:79:7A:EA:74:E1:AA:2A:15:0B:BA","sha256":"40:26:82:6A:41:11:A9:D8:20:62:80:26:7B:44:BF:84:9F:FA:74:0E:35:A5:08:C0:FB:E0:28:35:56:1A:CB:8A"}}},"request":{"raw":"GET /gtag/js?id=UA-222882761-3 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phantom-wallett.blogspot.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 20 Feb 2026 13:39:07 GMT\r\nexpires: Fri, 20 Feb 2026 13:39:07 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Fri, 20 Feb 2026 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 109938\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":310238,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4102)","md5":"5d73ad631d2ed64f7f9a9d6c827d24d1","sha1":"5156149b377322d7ea4e699db086e2404ce63764","sha256":"96f02e36d7af511af848f48fd7081beb64c091e18691708db82d995b80a3646a","sha512":"15ceaadd472b0077804c95f840e3f83c2d5eb0a1118b70165b7d431c2135a158f7260868fe6800c51d5a101e413c0d01b8254034896b30e24c4d90d563f9d089","ssdeep":"6144:L4D8ASaAJljxXU18kKDe+KJN5hSppv/U4ZSv:swASaixk18FD/US+","tlshash":"ea6408ccb3d6702683a36478503f114bb23bb992f848c894f186d9d52e74a6a4277f7d","first_seen":"2026-02-20T13:39:31.393033Z","last_seen":"2026-02-20T13:39:31.393033Z","times_seen":1,"resource_available":true,"data":null}},"time_used":986,"timings":{"blocked":192,"dns":1,"connect":46,"send":0,"wait":81,"receive":519,"ssl":144},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.linkpicture.com/q/phan2-bg.png","fqdn":"www.linkpicture.com","domain":"linkpicture.com","tld":"com"},"ip":{"addr":"103.224.182.253","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phantom-wallett.blogspot.com/","date":"2026-02-20T13:39:07.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"it-5858.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 03:50:21 GMT","end":"Fri, 08 May 2026 03:50:20 GMT"},"fingerprint":{"sha1":"7E:48:8C:E2:AD:EF:75:5D:8F:A6:27:2D:C7:9B:1B:EB:49:EE:D3:9E","sha256":"A0:A5:3F:B3:E4:7B:C8:03:95:0F:83:EE:11:19:24:7D:3F:08:22:9D:1C:F5:9C:37:B9:54:FE:B5:43:33:51:59"}}},"request":{"raw":"GET /q/phan2-bg.png HTTP/1.1\r\nHost: www.linkpicture.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phantom-wallett.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.0 403 Forbidden\r\ncache-control: no-cache\r\ncontent-type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":1673,"timings":{"blocked":1019,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":463},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.linkpicture.com/q/phantom-logo.png","fqdn":"www.linkpicture.com","domain":"linkpicture.com","tld":"com"},"ip":{"addr":"103.224.182.253","port":443,"asn":133618,"as":"Trellian Pty. Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://phantom-wallett.blogspot.com/","date":"2026-02-20T13:39:07.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"it-5858.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 03:50:21 GMT","end":"Fri, 08 May 2026 03:50:20 GMT"},"fingerprint":{"sha1":"7E:48:8C:E2:AD:EF:75:5D:8F:A6:27:2D:C7:9B:1B:EB:49:EE:D3:9E","sha256":"A0:A5:3F:B3:E4:7B:C8:03:95:0F:83:EE:11:19:24:7D:3F:08:22:9D:1C:F5:9C:37:B9:54:FE:B5:43:33:51:59"}}},"request":{"raw":"GET /q/phantom-logo.png HTTP/1.1\r\nHost: www.linkpicture.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://phantom-wallett.blogspot.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.0 403 Forbidden\r\ncache-control: no-cache\r\ncontent-type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":1622,"timings":{"blocked":0,"dns":30,"connect":190,"send":0,"wait":426,"receive":0,"ssl":976},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"phantom-wallett.blogspot.hu/","fqdn":"phantom-wallett.blogspot.hu","domain":"blogspot.hu","tld":"hu"},"ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-20T13:39:05.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.blogspot.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:36 GMT","end":"Mon, 20 Apr 2026 08:40:35 GMT"},"fingerprint":{"sha1":"19:76:0C:5D:5F:07:34:96:B3:D1:1F:26:D7:45:DB:74:96:D7:C2:C8","sha256":"E6:94:D3:FD:FB:1D:1C:F0:6C:68:F2:15:2D:E1:66:45:E7:B5:3B:61:4C:95:2A:10:24:5B:B9:D7:FC:AE:54:A6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: phantom-wallett.blogspot.hu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nlocation: https://phantom-wallett.blogspot.com/\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: gzip\r\ndate: Fri, 20 Feb 2026 13:39:06 GMT\r\nexpires: Fri, 20 Feb 2026 13:39:06 GMT\r\ncache-control: private, max-age=0\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: frame-ancestors 'self'\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 201\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":14790,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T21:16:18.866443Z","times_seen":16250262,"resource_available":true,"data":null}},"time_used":769,"timings":{"blocked":290,"dns":49,"connect":40,"send":0,"wait":189,"receive":0,"ssl":198},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-20","alert":"Sinkholed","trigger":"phantom-wallett.blogspot.hu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"phantom-wallett.blogspot.com/","fqdn":"phantom-wallett.blogspot.com","domain":"phantom-wallett.blogspot.com","tld":"blogspot.com"},"ip":{"addr":"172.217.20.161","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-20T13:39:06.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.blogspot.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:36 GMT","end":"Mon, 20 Apr 2026 08:40:35 GMT"},"fingerprint":{"sha1":"19:76:0C:5D:5F:07:34:96:B3:D1:1F:26:D7:45:DB:74:96:D7:C2:C8","sha256":"E6:94:D3:FD:FB:1D:1C:F0:6C:68:F2:15:2D:E1:66:45:E7:B5:3B:61:4C:95:2A:10:24:5B:B9:D7:FC:AE:54:A6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: phantom-wallett.blogspot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Fri, 20 Feb 2026 13:39:06 GMT\r\ndate: Fri, 20 Feb 2026 13:39:06 GMT\r\ncache-control: private, max-age=0\r\nlast-modified: Sat, 31 Aug 2024 08:20:59 GMT\r\netag: W/\"388aa32d92792d99535e92eb282787933fa5ac6cefea1437294b0667eb0e3a54\"\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 4699\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":14790,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (601)","md5":"ca6226ac12055fda7f21a0edc23ad513","sha1":"fcd1a30d85fa60fcc83b0d79a73937425bfd37d9","sha256":"a4641439033a7e222d92fb8c4e1af0ea8b2cbd36da30caadbf5a4d1e0037b92e","sha512":"a3d382624465caf1831b9baa5a2f68ee00c45fc4ebf07bda8903c968f3acc163ed575447be1e857f3ab1a8c6e9905903a8101d940770b867ea800eac836f1f99","ssdeep":"384:kEp3Vd6trasVWWdAyEr29L2Jrg8jF0h2OVKfWeuuq:kEpFYrvkWdFEr29LN8Kh2OAfWeuuq","tlshash":"41625327e7875a12053240cee63fa3e54652c198e3128fa4637ec2be7dcd5b07a651ce","first_seen":"2026-01-31T14:36:07.348283Z","last_seen":"2026-04-13T05:33:25.907493Z","times_seen":24,"resource_available":true,"data":null}},"time_used":821,"timings":{"blocked":279,"dns":69,"connect":53,"send":0,"wait":261,"receive":1,"ssl":155},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-20","alert":"Sinkholed","trigger":"phantom-wallett.blogspot.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-20","alert":"Sinkholed","trigger":"phantom-wallett.blogspot.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-20","alert":"Sinkholed","trigger":"phantom-wallett.blogspot.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}