{"report_id":"9dda6acb-b8a5-4a33-aabe-511eb5b29f63","version":0,"status":"done","tags":[],"date":"2026-07-03T05:40:51Z","url":{"schema":"http","addr":"trustwallet-apply.online","fqdn":"trustwallet-apply.online","domain":"trustwallet-apply.online","tld":"online"},"ip":{"addr":"31.31.196.218","port":0,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"http","addr":"trustwallet-apply.online/","fqdn":"trustwallet-apply.online","domain":"trustwallet-apply.online","tld":"online"},"title":"Почти готово! Домен успешно привязан к хостингу","dom":{"size":768357,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22012)","md5":"236a8263f6c7fd909c3bf678da386f2f","sha1":"f44fce9f65f2a5dbe8ce276a6818733761663ef1","sha256":"ef7b02a61ee76ea87d5348e07adcd1a2554df4c45776e3bb92511fd1aa19a082","sha512":"bb866799252b11ed00e777740ddb4b089fce785abc08e434b936bf315b2ceb43c63e09473740964f3289e0c8d26636ff5f9a6bc59237bc153b4abfa499fb283a","ssdeep":"6144:s0T9gq5TgX8gscru33oyBsQ70t6o1ys3YfwRXQebnLCNwPdvgH:B3oyBsQ70t6o1yvfwp1n2H","tlshash":"b3f419c8abb02c5ed21b8631ac3f89c6f30a75d4b6fc4407694df791e25e116f226678","dom_hash":"domhashcf5334f2d974ddbaf245a75d8719e9aa","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trustwallet-apply.online","fqdn":"trustwallet-apply.online","domain":"trustwallet-apply.online","tld":"online"},"ip":{"addr":"31.31.196.218","port":0,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-07T05:40:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"trustwallet-apply.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"files.reg.ru","ip":{"addr":"194.67.72.33","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2005-10-31","domain_rank":5588631,"first_seen":"2022-11-17T08:46:40Z","last_seen":"2026-06-27T00:42:02.461306Z","alert_count":0,"request_count":3,"received_data":262839,"sent_data":1608,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"trustwallet-apply.online","ip":{"addr":"31.31.196.218","port":80,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2026-07-01","domain_rank":0,"first_seen":"2026-07-03T05:40:53.054984Z","last_seen":"2026-07-03T05:40:53.054985Z","alert_count":4,"request_count":4,"received_data":2306812,"sent_data":1697,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"trustwallet-apply.online/","fqdn":"trustwallet-apply.online","domain":"trustwallet-apply.online","tld":"online"},"ip":{"addr":"31.31.196.218","port":80,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"01f8da1f6f1551b84202ad0aad70efd2","sha1":"f7410e44750232e13085e0a3ba649d93239c3efe","sha256":"09a1c3a0db7beafab34929ff0070589812f724b67621a79e2374047e302bbed9","sha512":"006e7bc128add405b845275ebfc8239a260b191873ce85b468bbe7dca5f102371e3e3ac4c6cdaccb07683e790751b6762874da6f30f2a0f2075f83c9dd43ccc4","ssdeep":"","tlshash":"0ea02208a000220888203022c2b3f0080aa3000c8e08c80202020008002000b88888bc","size":59,"data":"","first_seen":"2025-02-02T04:11:25.38907Z","last_seen":"2026-07-03T08:07:11.715201Z","times_seen":1991,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustwallet-apply.online/","fqdn":"trustwallet-apply.online","domain":"trustwallet-apply.online","tld":"online"},"ip":{"addr":"31.31.196.218","port":80,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"d276783c3eff75365ec2af2eb275b4dc","sha1":"13be1a62346242bc92b7b2d61cbfc54556d69505","sha256":"c1e2076faa42b9dabb88ded60783c45dca8163ecc05cb63b375275b67bb82edb","sha512":"21f9b5025cf0f942c04f315a01dfad3148e525328e8162ef6256f234085f43cf7f627efd0aeedc241ff7e45efaad4ecd041d8fbfbe62a36d475789eed85a3d87","ssdeep":"96:9s2RDpVjtVzQuHLn6h7u1ixk8LDk1y7VAU20Jc8De+/:9Dp7Vrrn6h7u187VbMa","tlshash":"8c91b7ba2354e5bb269009d05a2ed197fa157037252b94f0ab1bdc76f87cec08466b70","size":4278,"data":"","first_seen":"2024-10-13T12:37:54.659345Z","last_seen":"2026-07-03T20:13:32.31429Z","times_seen":2601,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustwallet-apply.online/","fqdn":"trustwallet-apply.online","domain":"trustwallet-apply.online","tld":"online"},"ip":{"addr":"31.31.196.218","port":80,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"8e2d9b76e9458363d6f965e0f4270960","sha1":"cf4eda3788fc9b76ab694233838018075713e1a6","sha256":"951819b4acc883fa5e8e3bf3ade8bf32e79bc7895de07f2665097b8c15ccb748","sha512":"37a79eeb3bc0b14c36e2ef6e836a37a511141c2265076c8f51f15477e166995c0462c1f1c610ac31980f1d1d89abc460a80fecbb3066a6e221ac4019a0b84870","ssdeep":"768:hZgOQuhhf/wNvdVnR4I/6rorELrKN260RJB9:X3l9/wlRCMUrp","tlshash":"be839344faf0aea51679a111b36bc4c3f967425090e3841466cef9e4ec6f53e71a3b2c","size":85185,"data":"","first_seen":"2024-10-13T12:37:54.663849Z","last_seen":"2026-07-03T20:13:32.303924Z","times_seen":2590,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustwallet-apply.online/","fqdn":"trustwallet-apply.online","domain":"trustwallet-apply.online","tld":"online"},"ip":{"addr":"31.31.196.218","port":80,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"5f6e4df2bd02450c99bbe730eb7f52e8","sha1":"44a96a1c9d4f0f3bf9baa20328daf3f913958fb6","sha256":"0501ce77df502667c3729876d8e40ef70d672dcca30fd4990951e46db24287c5","sha512":"0c05c193eb837eeb715540aa565ebcd4315416a5d0a9023c45ee7c45c6ff8f6816b7a8d42c2039828616eafd772a88564d18e76774c6bc6a16a384316b14502f","ssdeep":"1536:ewCNwl2fuPGzycYsClVsLuqf6BlVoFSdexsJPF/2Xuzt:HCN5vYsCPskDzeW5F/2X+","tlshash":"51d31789bad1bd6113ba11a1686f88c7f63a5944584f8818f24ef4e5bc3d83e5137b3c","size":130960,"data":"","first_seen":"2026-05-25T23:45:07.194229Z","last_seen":"2026-07-03T08:07:11.71876Z","times_seen":88,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"files.reg.ru/fonts/inter/Inter-Medium.woff2","fqdn":"files.reg.ru","domain":"reg.ru","tld":"ru"},"ip":{"addr":"194.67.72.33","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://trustwallet-apply.online/","date":"2026-07-03T05:40:26.322Z","timestamp":1783057226322,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.reg.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 24 Mar 2026 10:56:31 GMT","end":"Fri, 09 Oct 2026 10:56:31 GMT"},"fingerprint":{"sha1":"DB:56:E3:C0:A3:22:98:B6:7A:BB:9D:E2:65:D1:38:1D:AF:24:B5:8C","sha256":"F2:E9:10:F2:BF:5E:6B:A8:94:03:EC:C0:5A:56:25:D8:41:55:BF:82:DA:87:DE:A9:24:F0:8C:68:B6:ED:A5:99"}}},"request":{"raw":"GET /fonts/inter/Inter-Medium.woff2 HTTP/1.1\r\nHost: files.reg.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: http://trustwallet-apply.online\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustwallet-apply.online/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Fri, 03 Jul 2026 05:40:26 GMT\r\ncontent-length: 105924\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: http://trustwallet-apply.online\r\naccess-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *\r\ncontent-security-policy: block-all-mixed-content\r\netag: \"75db5319e7e87c587019a5df08d7272c\"\r\nlast-modified: Tue, 25 Oct 2022 11:42:32 GMT\r\nvary: Accept-Encoding, Origin\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mtime: 1666084004\r\nx-request-id: df9501c359f2cbb9fee43a7bde5f4768\r\nexpires: Thu, 24 Jun 2027 05:40:26 GMT\r\ncache-control: max-age=30758400\r\nContent-Type: font/woff2,font/woff2\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105924,"size_decoded":106821,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 105924, version 1.0","md5":"75db5319e7e87c587019a5df08d7272c","sha1":"92b30527304b5dc80f45e997e0b1ac4c70110a18","sha256":"1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6","sha512":"4e556d80b52ddbadddf9287f6cdaef0d12113d0fa4a07728fd67767b97806eba5fa0f82711f71e76ee2875192d7618a9b6c277ceb6d69a30f76ca8e3ebb74aa1","ssdeep":"3072:7Jk35GDAni+UzuVEjLH8MSP02J5E4ZjJffp:7ys0iIEjz8MNGRfp","tlshash":"3ca312f46132150feebafcb00b9354415488ea21d39746ebeb74a5a3644dcdb8ea06c3","first_seen":"2023-04-08T13:53:30Z","last_seen":"2026-07-03T09:43:32.238382Z","times_seen":10525,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":-1,"dns":0,"connect":42,"send":0,"wait":48,"receive":129,"ssl":176},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"files.reg.ru/fonts/aeonikpro/AeonikPro-Medium.woff2","fqdn":"files.reg.ru","domain":"reg.ru","tld":"ru"},"ip":{"addr":"194.67.72.33","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://trustwallet-apply.online/","date":"2026-07-03T05:40:26.335Z","timestamp":1783057226335,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.reg.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 24 Mar 2026 10:56:31 GMT","end":"Fri, 09 Oct 2026 10:56:31 GMT"},"fingerprint":{"sha1":"DB:56:E3:C0:A3:22:98:B6:7A:BB:9D:E2:65:D1:38:1D:AF:24:B5:8C","sha256":"F2:E9:10:F2:BF:5E:6B:A8:94:03:EC:C0:5A:56:25:D8:41:55:BF:82:DA:87:DE:A9:24:F0:8C:68:B6:ED:A5:99"}}},"request":{"raw":"GET /fonts/aeonikpro/AeonikPro-Medium.woff2 HTTP/1.1\r\nHost: files.reg.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: http://trustwallet-apply.online\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustwallet-apply.online/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Fri, 03 Jul 2026 05:40:26 GMT\r\ncontent-length: 55388\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: http://trustwallet-apply.online\r\naccess-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *\r\ncontent-security-policy: block-all-mixed-content\r\netag: \"0214496abecf780ec7172e9eece36b28\"\r\nlast-modified: Wed, 10 Jan 2024 09:49:37 GMT\r\nvary: Accept-Encoding, Origin\r\nx-xss-protection: 1; mode=block\r\nx-request-id: 3e82564ec7cb6bb45008665cfeb8a58c\r\nexpires: Thu, 24 Jun 2027 05:40:26 GMT\r\ncache-control: max-age=30758400\r\nContent-Type: font/woff2,font/woff2\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55388,"size_decoded":56254,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 55388, version 1.0","md5":"0214496abecf780ec7172e9eece36b28","sha1":"2cf85a6851507f103df9676aae30fb99fb713e17","sha256":"26bcacbf03755770f640ef57654f59d119aecd24860d21c41f1ee57db203ebd8","sha512":"e09278cdbff71ae67f5bfd4c75513b16f8328070c1220ef176d29f18da572d1d7c940901f89d37ae8b330773ffb366d73e0e4a3a95223da9241879abbce27ddf","ssdeep":"1536:OeBVOQujjZ8qSUG/PHRU9WJShPPnLX1KV:LBVyfjBGHBJS5Pn70V","tlshash":"b24302d83c05faac579b363c04004e95f349fe5e3666fa974217c89f967683a603ed09","first_seen":"2024-02-26T22:58:28Z","last_seen":"2026-07-03T08:07:11.71324Z","times_seen":2645,"resource_available":false,"data":null}},"time_used":426,"timings":{"blocked":-1,"dns":0,"connect":45,"send":0,"wait":195,"receive":1,"ssl":184},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustwallet-apply.online/favicon.ico","fqdn":"trustwallet-apply.online","domain":"trustwallet-apply.online","tld":"online"},"ip":{"addr":"31.31.196.218","port":80,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustwallet-apply.online/","date":"2026-07-03T05:40:26.799Z","timestamp":1783057226799,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: trustwallet-apply.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustwallet-apply.online/\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 05:40:26 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Sun, 27 Jul 2025 22:24:10 GMT\r\nETag: W/\"bbd7c-63af0a253eac4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":769404,"size_decoded":132211,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22012)","md5":"e3dab7c48e85af423d9ceda533df70e5","sha1":"fd262c6c4195ff6f822c760a4b4c300d505ca4e8","sha256":"8c607e752861a63eb25344a393bbcfd00841670fecf551dea031c92d8250500e","sha512":"4c5ffe3b16fff56339222dac1511fbddabdc422d69e46d06bef484a14d4f57e0500ff4e2632b3e7fe0d36972962cf31017e8a24e9f27020dde2aa5a42ecd8eee","ssdeep":"6144:W0T9gq5TgX8gscru33oyBsQ70t6o1ysvAUEPusTCNwPdvgJ:P3oyBsQ70t6o1yyArdeJ","tlshash":"0af409c8abf02c5e921b86316c3f89c6f30a76d4b6fc4407694df791e25e116f226678","first_seen":"2025-12-14T16:29:46.565943Z","last_seen":"2026-07-03T05:40:56.160502Z","times_seen":6,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":77,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"trustwallet-apply.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustwallet-apply.online/","fqdn":"trustwallet-apply.online","domain":"trustwallet-apply.online","tld":"online"},"ip":{"addr":"31.31.196.218","port":80,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T05:40:25.602Z","timestamp":1783057225602,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwallet-apply.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 05:40:25 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Wed, 01 Jul 2026 23:01:34 GMT\r\nETag: W/\"bb91d-65594ac483a9c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":768285,"size_decoded":131726,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22012)","md5":"43c5f07c4c19727a011fbe421f381c1c","sha1":"212455eff600fefcb6fb1ec1eeb15af2237e834f","sha256":"0ce6714150a631d3a4e4ef14ab561bb7543fe3b64b6130efeafc1da4fedfdff1","sha512":"fbef39df4ee466cfbd89f728057b689bc0d78f5b07950c8c29e7ea5fdacc866fbe77c6cf5b4ce86fe600c6936abaf1a2091fe4db6bedf0a37e14c70edb7a580c","ssdeep":"6144:20T9gq5TgX8gscru33oyBsQ70t6o1ysoYfwRXQebnLCNwPdvgJ:v3oyBsQ70t6o1ySfwp1n2J","tlshash":"a1f419c8abb02c5ed21b8631ac3f89c6f30a75d4b6fc4407694df791e25e116f226678","first_seen":"2026-07-03T05:40:56.161589Z","last_seen":"2026-07-03T05:40:56.161589Z","times_seen":1,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":4,"connect":29,"send":0,"wait":104,"receive":109,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"trustwallet-apply.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustwallet-apply.online/","fqdn":"trustwallet-apply.online","domain":"trustwallet-apply.online","tld":"online"},"ip":{"addr":"31.31.196.218","port":80,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://trustwallet-apply.online/","date":"2026-07-03T05:40:25.935Z","timestamp":1783057225935,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwallet-apply.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://trustwallet-apply.online/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 05:40:26 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Wed, 01 Jul 2026 23:01:34 GMT\r\nETag: W/\"bb91d-65594ac483a9c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":768285,"size_decoded":131726,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22012)","md5":"43c5f07c4c19727a011fbe421f381c1c","sha1":"212455eff600fefcb6fb1ec1eeb15af2237e834f","sha256":"0ce6714150a631d3a4e4ef14ab561bb7543fe3b64b6130efeafc1da4fedfdff1","sha512":"fbef39df4ee466cfbd89f728057b689bc0d78f5b07950c8c29e7ea5fdacc866fbe77c6cf5b4ce86fe600c6936abaf1a2091fe4db6bedf0a37e14c70edb7a580c","ssdeep":"6144:20T9gq5TgX8gscru33oyBsQ70t6o1ysoYfwRXQebnLCNwPdvgJ:v3oyBsQ70t6o1ySfwp1n2J","tlshash":"a1f419c8abb02c5ed21b8631ac3f89c6f30a75d4b6fc4407694df791e25e116f226678","first_seen":"2026-07-03T05:40:56.161589Z","last_seen":"2026-07-03T05:40:56.161589Z","times_seen":1,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"trustwallet-apply.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet-apply.online/","fqdn":"trustwallet-apply.online","domain":"trustwallet-apply.online","tld":"online"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T05:40:25.402Z","timestamp":1783057225402,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwallet-apply.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T20:16:42.123945Z","times_seen":16949822,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"trustwallet-apply.online","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"files.reg.ru/fonts/inter/Inter-Regular.woff2","fqdn":"files.reg.ru","domain":"reg.ru","tld":"ru"},"ip":{"addr":"194.67.72.33","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://trustwallet-apply.online/","date":"2026-07-03T05:40:26.319Z","timestamp":1783057226319,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.reg.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 24 Mar 2026 10:56:31 GMT","end":"Fri, 09 Oct 2026 10:56:31 GMT"},"fingerprint":{"sha1":"DB:56:E3:C0:A3:22:98:B6:7A:BB:9D:E2:65:D1:38:1D:AF:24:B5:8C","sha256":"F2:E9:10:F2:BF:5E:6B:A8:94:03:EC:C0:5A:56:25:D8:41:55:BF:82:DA:87:DE:A9:24:F0:8C:68:B6:ED:A5:99"}}},"request":{"raw":"GET /fonts/inter/Inter-Regular.woff2 HTTP/1.1\r\nHost: files.reg.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: http://trustwallet-apply.online\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustwallet-apply.online/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Fri, 03 Jul 2026 05:40:26 GMT\r\ncontent-length: 98868\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: http://trustwallet-apply.online\r\naccess-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *\r\ncontent-security-policy: block-all-mixed-content\r\netag: \"dc131113894217b5031000575d9de002\"\r\nlast-modified: Tue, 25 Oct 2022 11:42:32 GMT\r\nvary: Accept-Encoding, Origin\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mtime: 1666084006\r\nx-request-id: 393c6b467e80cc6c69b9bf5856be1c5a\r\nexpires: Thu, 24 Jun 2027 05:40:26 GMT\r\ncache-control: max-age=30758400\r\nContent-Type: font/woff2,font/woff2\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98868,"size_decoded":99764,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 98868, version 1.0","md5":"dc131113894217b5031000575d9de002","sha1":"f96348260751ea78b1d23e9557db297290bdaf28","sha256":"d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6","sha512":"0aa4420c7b7dcc70238371f9d21d521d0673caf4c1883eeb2d3254c5a1dad941f4569f418350ffc61e93303466c504179b90ba0acf008250dc9c2c6ddf6f850b","ssdeep":"1536:kWKd1QBjcSqfPdRBUJEW8yB7F2W4Ob2RdFoEw1r4FM9OcU/0UDTTj:m10zEWfB7GObYof1r5icUH","tlshash":"70a312ac58ffdf34aa65a9fcd27856761094223d83edc0ac90a200c6c7b65794fdcd98","first_seen":"2023-04-05T14:51:38Z","last_seen":"2026-07-03T20:15:07.3378Z","times_seen":26405,"resource_available":false,"data":null}},"time_used":440,"timings":{"blocked":-1,"dns":2,"connect":44,"send":0,"wait":171,"receive":42,"ssl":181},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
