{"report_id":"839338c0-0dd9-47ab-bfe9-443affa2f64d","version":6,"status":"done","tags":[],"date":"2026-03-19T00:31:40Z","url":{"schema":"http","addr":"trustwcllet.com","fqdn":"trustwcllet.com","domain":"trustwcllet.com","tld":"com"},"ip":{"addr":"45.205.7.28","port":0,"asn":0,"as":"","country":"Australia","country_code":"AU"},"final":{"url":{"schema":"https","addr":"trustwcllet.com/","fqdn":"trustwcllet.com","domain":"trustwcllet.com","tld":"com"},"title":"trustwcllet.com/","dom":{"size":57,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with no line terminators","md5":"fe0a83620de12dcbe260852fd137ee66","sha1":"fab8e591c45685216b50d429d5996b1771a4f412","sha256":"70aeac15fbde0c0906f1f8141bbb5094fb950be93de184c5e6bc6d89222605fb","sha512":"b9906c8a2a9c0d9eb3b6c2d97022f079d3ad11eac4a634cd9243690718b642fe84d54593d5011d4287b9e6a69c6c6f79615b96d929e83fd2565f16549aa71c2d","ssdeep":"","tlshash":"629002fd9151148edc6535800dc557822d65d36521439d1555c8697c8408525893278c","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trustwcllet.com","fqdn":"trustwcllet.com","domain":"trustwcllet.com","tld":"com"},"ip":{"addr":"45.205.7.28","port":0,"asn":0,"as":"","country":"Australia","country_code":"AU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-23T00:31:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"trustwcllet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"trustwcllet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"trustwcllet.com","ip":{"addr":"45.205.7.20","port":443,"asn":0,"as":"","country":"Australia","country_code":"AU"},"domain_registered":"2025-11-12","domain_rank":0,"first_seen":"2026-03-19T00:31:40.972923Z","last_seen":"2026-03-19T00:31:40.972923Z","alert_count":4,"request_count":2,"received_data":17872,"sent_data":921,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"trustwcllet.com/","fqdn":"trustwcllet.com","domain":"trustwcllet.com","tld":"com"},"ip":{"addr":"45.205.7.20","port":443,"asn":0,"as":"","country":"Australia","country_code":"AU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-19T00:31:19.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwcllet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 26 Jan 2026 14:18:49 GMT","end":"Sun, 26 Apr 2026 14:18:48 GMT"},"fingerprint":{"sha1":"5B:58:1E:E1:DA:80:F0:96:26:EC:F5:BA:78:08:63:A3:48:E1:AE:B8","sha256":"A4:7A:CE:DF:DE:55:1B:86:1F:11:46:63:57:6C:42:B9:C7:C7:EC:9E:6A:28:DF:0D:67:26:2A:F7:F8:E7:92:A0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwcllet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 19 Mar 2026 00:31:20 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400, quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nserver: nginx\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"Unicode text, UTF-8 text, with no line terminators","md5":"dc419d4e0f9f8db55aef8293bda664d6","sha1":"b749d5a1943d1a396ea5ef6d852806a15bf310d2","sha256":"960dabd2ed348d081cf0187370f55cea93d14243d107a67b065fa523711516a2","sha512":"85abc0f58bfa2fed624dac3dca09cb7a32025e19208788f8780f90319c56056928a97c35ffbe0bc21367d4ba9f4607467f8679cc385b3b0b3f5d728338d96778","ssdeep":"","tlshash":"857000000200088ac082000002080a80380222220283880280880a0800000200230008","first_seen":"2025-10-26T03:53:55.383177Z","last_seen":"2026-06-12T23:52:03.9558Z","times_seen":316,"resource_available":true,"data":null}},"time_used":1447,"timings":{"blocked":491,"dns":153,"connect":159,"send":0,"wait":465,"receive":0,"ssl":175},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"trustwcllet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"trustwcllet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trustwcllet.com/favicon.ico","fqdn":"trustwcllet.com","domain":"trustwcllet.com","tld":"com"},"ip":{"addr":"45.205.7.20","port":443,"asn":0,"as":"","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwcllet.com/","date":"2026-03-19T00:31:20.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwcllet.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 26 Jan 2026 14:18:49 GMT","end":"Sun, 26 Apr 2026 14:18:48 GMT"},"fingerprint":{"sha1":"5B:58:1E:E1:DA:80:F0:96:26:EC:F5:BA:78:08:63:A3:48:E1:AE:B8","sha256":"A4:7A:CE:DF:DE:55:1B:86:1F:11:46:63:57:6C:42:B9:C7:C7:EC:9E:6A:28:DF:0D:67:26:2A:F7:F8:E7:92:A0"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: trustwcllet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwcllet.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 19 Mar 2026 00:31:20 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 16958\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Fri, 21 Nov 2025 12:50:31 GMT\r\netag: \"69206017-423e\"\r\nalt-svc: h3=\":443\"; ma=86400, quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nserver: nginx\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16958,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"ac9e941a47f4d4b61ceb4df42967d105","sha1":"f61df42abc7966b07517b0f7519538c3c81c6687","sha256":"010e967162f7e39c9d09502a830351927d34d08067179dc9bec4daa44bb9234d","sha512":"0b3eeccb5b2a5f04be52a703a6947968290dc5620926c4f9cd1c790cc585eeef4f0109126429b8035bce8c6317ee3bae8b2938ef6c8d91c576e11d847635746c","ssdeep":"96:s0rqO4V1NfAOP1D4M4nVRiIrMTm6jNnhq73Hgz2/ioX9G462C3AUYkEEkYzLR:H54Vzv4nVEI4Tm33wMtVNKEEPN","tlshash":"67720f6476b7dc27f0c607b526e3dd304864be50bc32853a3945b39a5d7f28bf8260a5","first_seen":"2025-11-27T17:36:43.788311Z","last_seen":"2026-06-12T23:52:03.956538Z","times_seen":36,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":204,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"trustwcllet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"trustwcllet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}