{"report_id":"a604fa68-adbb-44f4-b7a8-ff18d3a44cc3","version":6,"status":"done","tags":[],"date":"2026-01-24T19:41:02Z","url":{"schema":"https","addr":"authwall-trump.cfd/","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":0,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"final":{"url":{"schema":"https","addr":"authwall-trump.cfd/","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"title":"TRUMP WALLET AIRDROP","dom":{"size":111577,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8945)","md5":"cb028cde8ff2221cc87b0b585763b70e","sha1":"6e672f1cf71a9d498ce565aeebce0991bf1f8de2","sha256":"fb1e91050e03523f20f1e351f6ad21129ac99f982573037eb8322bded25ef759","sha512":"8e5db2283462fcfea8b45ae33aad935d411d1cefa1fd11b008dab9d930b77891248c7406e507cc92568e8ed32f89f0222be0f117df6f25e2e66d51bba38fb13b","ssdeep":"1536:rhcTZjN4kfFuuzc8yJ4kt8dTZjNTPgh0kic7mbRpS9tRzJH6c:GB4kNcYkqBTlO","tlshash":"5eb3e8e963f8a3f4e006f7e4d52354a57e4a24f6ba02c264f3ac5d50ab8249dcc56cc7","dom_hash":"domhash1f160863f16231c135f12970d6144a1e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"authwall-trump.cfd/","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":0,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-28T19:41:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-24T19:40:39Z","timestamp":1769283639,"ip_dst":{"addr":"Client IP","port":60420,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 17","source":"{\"timestamp\":\"2026-01-24T19:40:39.967910+0000\",\"flow_id\":1174025555919416,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"94.154.35.90\",\"src_port\":443,\"dest_ip\":\"172.18.0.38\",\"dest_port\":60420,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400016,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 17\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2026-01-24T19:40:39.901688+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"authwall-trump.cfd","ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"domain_registered":"2025-09-17","domain_rank":0,"first_seen":"2026-01-24T14:59:26.791028Z","last_seen":"2026-01-24T14:59:26.791028Z","alert_count":32,"request_count":32,"received_data":1612491,"sent_data":14530,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.6.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-18T22:17:29.309663Z","alert_count":0,"request_count":1,"received_data":4594,"sent_data":493,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-01-18T22:42:00.173248Z","alert_count":0,"request_count":1,"received_data":7787,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-18T22:14:28.232245Z","alert_count":0,"request_count":1,"received_data":38590,"sent_data":553,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"authwall-trump.cfd/","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":true,"md5":"152deb3c86d92571612ab0143c2b87bf","sha1":"594d20d98071265b11f8a79e8aa98525bae43dca","sha256":"9ca99e42e4f5347371a5aeb57aeb806e4ce017e850f1ffe293dcab436cc5eddd","sha512":"f5ca780ccbc618507cfb0b834f444aacb6ccc9743de6b0067ef2bb5701a12c6a5de13b977c085f4b88fe04437bd7f70bce201bcbe64f0ccc17184ff1166cd8a5","ssdeep":"","tlshash":"6621d816a161243f44d75ce9f3c75dcc7e28988fa40695633a9c9b0e0fa38e185b26fd","size":1442,"data":"","first_seen":"2025-08-16T22:50:52.679611Z","last_seen":"2026-01-30T07:14:01.475814Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-migrate-1.2.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb05d8d73b5b13d8d84308a4751ece96","sha1":"743052320809514fb788fe1d3df37fc87ce90452","sha256":"1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d","sha512":"7b68a43a22a41404a2ff58e0da6a237492cad0fc3e56d216980802b4d5fb483895262a7e049340d6670002bdf899ba88c319239e60d0aae1ac31d98556b0ad6e","ssdeep":"96:tBySz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:zySzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"3fe196dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","size":7199,"data":"","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-06-08T17:43:18.353086Z","times_seen":23470,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/js/script.js","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b787601fee286bba9a9845c142dd8c8","sha1":"b94bfc5ae20afeca103ec1bdba2c4a24850258f1","sha256":"4e1c5073aa1b27323ad1f9b7606c1bdc49ed4f8fa54e5ffcaa2673f44f8049d9","sha512":"33fd5cf9beeb0161b42bffef41ddcdd10a69d7ef3ea456706a57968ad74cdf446d181116e7ddc6111e34792aa2ea77a69013f62874e1e36918be2a9526133f5d","ssdeep":"","tlshash":"62413508a7b614923d27a3878fae72143aa944b7354ad190708c2f8e3fc7764411fef5","size":2290,"data":"","first_seen":"2025-08-16T22:50:52.669562Z","last_seen":"2026-01-30T07:14:01.472101Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/js/jquery-3.6.3.js","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":false,"md5":"24fa855a7678b1938f16235881e3e80b","sha1":"67b6c9946134456d67c07765d230130d8679f8c6","sha256":"f2a84bc4f4cb8ae04162f42f1f3ebed1e05725d9b5bf666b885356c7698a071f","sha512":"d1eab0379a8736f8b14e73478f101a2656912c7fbb9b7d90707e6e8f782c09bec4b017eb86781e5b4d4ae8a37b3f89a931249527e839f28bee1389de21bd79c7","ssdeep":"6144:7Mahx/8LY8CvzokFFr2QFbPKs3J0G2H90KUWJEe/Vp896ZdY19lJQV2YpHe4habe:5OQFbPP380KUWJEe/f895HeTHevbhEJf","tlshash":"f554b3d9734f116f4ba233aae43b5149ff7dd1b0520550acb58d996c24a081883fafbe","size":290960,"data":"","first_seen":"2023-03-07T01:28:34Z","last_seen":"2026-05-17T22:32:21.45927Z","times_seen":448,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/opener.js","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":false,"md5":"626f102d503e6c1fa82f9030873fb044","sha1":"5e9b6f5ac49392cbf9556702e6921ff79955d16a","sha256":"f3dd42f739dc3b33cf782de87e214403874b464a4ffcf8bbe54d7703272b743b","sha512":"98a7442d7449824879c86160c1ca1ec552e38e0a719781d769db7a6bf29b5ba1be94a7387f568977e913a01c62d2fc1e6183ae802b99cb4bf0660c6879a06947","ssdeep":"768:Tgu/tk4n0Nki0kGOHicaVzK9EbeasQjx4XDsw9AWtna5kosRJYLC6G5Nf/tWGdNA:TgH/0kic7mbRpS9tRzJH6ylWGxO","tlshash":"b65319dd27f463f4e417e7f6d9234456ba0a24f7aa428774f3bc9e04ab62498c845cc2","size":61834,"data":"","first_seen":"2025-07-31T16:18:58.312379Z","last_seen":"2026-04-10T14:32:00.973739Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/icons/nami.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/icons/nami.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:41 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-c32a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49962,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"67c8416c5c38d8b6ae946e09647c49b3","sha1":"ac140d45cdce166ec74a2a3adea2efff9ff12775","sha256":"7944c312359b61358d31084f3e29c677c2541485c967d89bac182a13b513aa05","sha512":"010864d753844a4f0cec754a8e9c6dc412a6d950bd74beac5013346001bd78f779bb25e438e9fbddafb074c1550540a7f2d20d08ac5f4bc149ff9172f582c567","ssdeep":"1536:RJX0vKJzkf6BipjPiE0hpxTgljig9ByncfH:RJEvKJAiBSODxTgl94cfH","tlshash":"2b23f1fe9565c71acf44e0e4c0c32bb7a928952f819eceb984f2d153726c1416f43a8b","first_seen":"2025-07-31T16:18:58.278328Z","last_seen":"2026-04-25T07:21:54.063442Z","times_seen":19,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":103,"dns":0,"connect":0,"send":0,"wait":144,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/icons/trustwallet.webp","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.899Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/icons/trustwallet.webp HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 11146\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nConnection: keep-alive\r\nETag: \"68cafd74-2b8a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11146,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"75d729cd68c40d8c513f63968fc56ba3","sha1":"19fd61443b1e233a26d11ede36b584f152e29223","sha256":"10f4c8325fe8e7ac296e886ffc66e8838a980da1da865e0b9b2bee6399c47429","sha512":"826917f257507c632a9dcff95ac4e31235391bd07297328bf7f049ef21a44eccd4c5342b163e4f8330b420a4f8f5dd60edc46b506307cd8ebaa32abfe688f545","ssdeep":"192:7CodSXLJDENToeURQSdZk/FdVHwkCrHvm+qurYIAuhXM9C:7Td0DWoxuSodhwkEmqrYINXmC","tlshash":"0932c02b7806b05a806dc7be1a296ece06b5fb1e5d2c3401619fe4d68585cfe8bc550d","first_seen":"2025-07-31T16:18:58.307194Z","last_seen":"2026-04-25T07:21:54.069023Z","times_seen":18,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":34,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/js/jquery-3.6.3.js","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/js/jquery-3.6.3.js HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-47090\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":290960,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"24fa855a7678b1938f16235881e3e80b","sha1":"67b6c9946134456d67c07765d230130d8679f8c6","sha256":"f2a84bc4f4cb8ae04162f42f1f3ebed1e05725d9b5bf666b885356c7698a071f","sha512":"d1eab0379a8736f8b14e73478f101a2656912c7fbb9b7d90707e6e8f782c09bec4b017eb86781e5b4d4ae8a37b3f89a931249527e839f28bee1389de21bd79c7","ssdeep":"6144:7Mahx/8LY8CvzokFFr2QFbPKs3J0G2H90KUWJEe/Vp896ZdY19lJQV2YpHe4habe:5OQFbPP380KUWJEe/f895HeTHevbhEJf","tlshash":"f554b3d9734f116f4ba233aae43b5149ff7dd1b0520550acb58d996c24a081883fafbe","first_seen":"2023-03-07T01:28:34Z","last_seen":"2026-05-17T22:32:21.45927Z","times_seen":448,"resource_available":true,"data":null}},"time_used":561,"timings":{"blocked":139,"dns":1,"connect":70,"send":0,"wait":128,"receive":138,"ssl":81},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/header_ds.svg","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/header_ds.svg HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1355\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nConnection: keep-alive\r\nETag: \"68cafd74-54b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1355,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d15d71795fd4533764210207f1501ddb","sha1":"0886fbbbae7b80df7c43e71c0862e2ac0038e828","sha256":"4613c711329e5a206aa81e46636ed4ba2be3af9de95faa970e1423355dab63c6","sha512":"d36a27c2ca1c86207c9044d0baa9c70ad2ae30f76dcf20b27312b030716fb343dd1a6b7da76af9e199cf8b07900e5d41458b04a6c5487397be1ffcdf46c072c9","ssdeep":"","tlshash":"70217ee6838df6e0f388dbf443156875b57270e16d2185394fa66e51fa1007fc8cd481","first_seen":"2025-07-31T16:18:58.309578Z","last_seen":"2026-01-30T07:14:01.436002Z","times_seen":11,"resource_available":false,"data":null}},"time_used":893,"timings":{"blocked":399,"dns":0,"connect":72,"send":0,"wait":75,"receive":0,"ssl":78},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:24 GMT","end":"Mon, 23 Mar 2026 19:52:23 GMT"},"fingerprint":{"sha1":"43:39:AF:0A:74:F9:2F:1B:C0:1E:4E:89:21:30:C2:28:EC:9F:6C:67","sha256":"EA:F1:0E:C7:36:18:F3:9D:D1:D5:34:23:44:7D:6F:9D:2F:61:C7:81:09:9E:E9:C8:02:C8:F2:2C:0A:83:B3:A5"}}},"request":{"raw":"GET /css2?family=Montserrat:ital,wght@0,100..900;1,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 24 Jan 2026 19:40:40 GMT\r\ndate: Sat, 24 Jan 2026 19:40:40 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3908,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"935871d1a732f1e46db8fac63abf0dcd","sha1":"1c67935ab647d6cb5bfa911856397443ab4a64ed","sha256":"b8eec3c6430ec7af2ae527219f944b1f3fde1695eb73efc2a56b3cabb23e2481","sha512":"2a9cb9036467308726cc6b979cab5e2c7159ec088436136f4aefc70cf43b6e90c7ebd277697beca525b052f2a8f8dc5909d9b9e5e4b09afc930e290a7195a571","ssdeep":"","tlshash":"2481c0910517a504da471cc523cf7e26de0e66767494d5797ffe2ca8bdeac220324b2c","first_seen":"2025-09-05T02:18:57.460387Z","last_seen":"2026-06-08T20:09:44.16893Z","times_seen":82123,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":137,"dns":1,"connect":21,"send":0,"wait":31,"receive":0,"ssl":126},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/header_tg.svg","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/header_tg.svg HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1749\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nConnection: keep-alive\r\nETag: \"68cafd74-6d5\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1749,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cc553b8123e8c17ddc32780c425e6691","sha1":"fa405193343efc440bcfb7e3503f386471b0a593","sha256":"c1bac8e2252fd60e990f732b430b8550d37145e66b931d2b71d84671df5f0e72","sha512":"cc62c88cc77f78e794fbfb6048a47c8caaac501b4263165e2f3877d334dd01023f723deef608c39bcce899d2f384d586725b74c4ce52bd1bb1449aceca3b7903","ssdeep":"","tlshash":"053112a813fdb9e0b906dff0d77a44716b1e21e12b67ce394b4abe70e10102e5464cd4","first_seen":"2025-07-31T16:18:58.293557Z","last_seen":"2026-01-30T07:14:01.4534Z","times_seen":11,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":476,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/about_image1.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/about_image1.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-2bf1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11249,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 176 x 246, 8-bit/color RGBA, non-interlaced","md5":"7db3f813b2a2f868cb120ddd7df246da","sha1":"00b711daf1e5d8c3d5be342882625a15963662b4","sha256":"ce1b3660044d89e6560bffbbc7b48a2039affa913904b8f794dc750fbfaa8c14","sha512":"70b8d3546426179a86c6c0d81422c9c499fcb979987be19e4992bafe99196acb60e437cb8a6f3840d9c7199a4d0f6a2603435b40280a21868e92815c7e5825d6","ssdeep":"192:TSspK+NNzAakRA+2InFT/w1hxBEtiRRxoxGjzJhpA8fJTN7aQOIBUht9uZdRXA02:GZ+NNzRXrInxYnXWoxPuUZ7aFIBULkKV","tlshash":"ed32af761f17c9edb38832fff82ec6aa612fb9f398800810119287cd5a76053565bec5","first_seen":"2025-07-31T16:18:58.310986Z","last_seen":"2026-01-30T07:14:01.449329Z","times_seen":12,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":470,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/about_image2.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/about_image2.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-e49\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3657,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 208 x 240, 8-bit/color RGBA, non-interlaced","md5":"58893c89c9932ae89dd15aaba4a679f4","sha1":"1eaf894de2cfdb31c1356dc62d10e97c344cb3d0","sha256":"cac4dc7c118b5d155a32e664c6f537885ad12a81f35532a46b71fc20e666310e","sha512":"28b3d31d84805d06839173419644438441039c2f8b13b98b2bd7597c1df1a4a3caa2f44aff026f2431925bcf1f57fa777d581a7b16a0464b54e0ea427781f25c","ssdeep":"","tlshash":"4c715c27fa5f067ae986d8703095f9bc14673988bd130f97d758d0db049b8742267341","first_seen":"2025-07-31T16:18:58.300403Z","last_seen":"2026-01-30T07:14:01.450737Z","times_seen":12,"resource_available":false,"data":null}},"time_used":470,"timings":{"blocked":395,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/about_block_image.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/about_block_image.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-4dd2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19922,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 364 x 298, 8-bit/color RGBA, non-interlaced","md5":"810679269193d6bdbb847e871e47d7cb","sha1":"9bc62b40e2708f3c64a93ee1ec0af58a0a085e0c","sha256":"70a7c76dfaf94186295927a4f3f03a3c038c67d57c1ac4214f1226a69e69bca2","sha512":"81005a5902c8a2a458cc2da208c1e39de6ee5aa3672006949ab4314c8b678eac93adc1d6e2b1628b382aab6eb9fbf9fe7ef058d38f7ac8442a77115d9520375f","ssdeep":"384:bSSHu1Uei6xUfBrS218nwMLNDePTdSoTPNXzfdXSBNqvU5fx:2X1Uei6ypTNIk77PBlSS85fx","tlshash":"ec92e0809079e28b6bfa2e7ea3f490f502649c97595235c85c2fef5570703fc206e718","first_seen":"2025-06-28T21:14:36.020915Z","last_seen":"2026-01-30T07:14:01.459563Z","times_seen":15,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":538,"dns":0,"connect":0,"send":0,"wait":68,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/js/script.js","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/js/script.js HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-8f2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2290,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"4b787601fee286bba9a9845c142dd8c8","sha1":"b94bfc5ae20afeca103ec1bdba2c4a24850258f1","sha256":"4e1c5073aa1b27323ad1f9b7606c1bdc49ed4f8fa54e5ffcaa2673f44f8049d9","sha512":"33fd5cf9beeb0161b42bffef41ddcdd10a69d7ef3ea456706a57968ad74cdf446d181116e7ddc6111e34792aa2ea77a69013f62874e1e36918be2a9526133f5d","ssdeep":"","tlshash":"62413508a7b614923d27a3878fae72143aa944b7354ad190708c2f8e3fc7764411fef5","first_seen":"2025-08-16T22:50:52.669562Z","last_seen":"2026-01-30T07:14:01.472101Z","times_seen":10,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":32,"dns":0,"connect":0,"send":0,"wait":66,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/configs.json","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/configs.json HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: application/json\r\nContent-Length: 2332\r\nConnection: keep-alive\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nETag: \"91c-63f0361eab8e4\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2332,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"1fea3f717f2adde778dbf322b6f98ba2","sha1":"c1685f602fc4f2c4cc6afd998f783c2d0fcb3a69","sha256":"a33c88a742c362d8f718feffc9bf4c30b1d6ccbd2b33068a9cf74885c139eb46","sha512":"aa2ba2fc4c3bc2705005d9f677db203efc796554e6e1eec03c4eff6473c5ba93c739730a5b2c8789d900c7b8b8f27944f46847d600829e9c47dbd2d4cb1b85ff","ssdeep":"","tlshash":"c841a567db849e3b9839236668b643b7f5a5136f63050c2b3bfc594c9f72920346390a","first_seen":"2025-07-31T16:18:58.289732Z","last_seen":"2026-04-25T07:21:54.065118Z","times_seen":18,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-24T19:40:39.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 9676\r\nConnection: keep-alive\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nETag: \"df5f-63f0361ef7ba7-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.6.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":57183,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8880)","md5":"15d9b08b138918155e410ce639caefb4","sha1":"1cd59a9641bc522a9b9ba644e13f56e60cdee764","sha256":"3bea76aaa55b7413b9323bb26daebf9a12d9dd2f949fdc250270dba6c06a52f7","sha512":"b3bfefa43c5064ac9273441231776a915d5e9c91a07ea23e408bd811591a8114a999c3a7f9b8eb045f55ac87552ba5b3d8b871fd0614c63af0535e1207ca05c5","ssdeep":"768:HQJ6VcOzCEwTGgE0lkfFuuzc8N8J4Ja5Wt5QJ6VcOzCEwTGgE0DIpcIiF:HQgjNqkfFuuzc8yJ4k585QgjNY","tlshash":"8a43d7a0a3fde1f0a041f3f8a22668657f4629f7bb06d055f29c4c51af4684d8c5b8db","first_seen":"2026-01-24T14:59:15.878635Z","last_seen":"2026-01-30T07:14:01.44171Z","times_seen":6,"resource_available":false,"data":null}},"time_used":461,"timings":{"blocked":188,"dns":51,"connect":66,"send":0,"wait":78,"receive":1,"ssl":74},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/icons/zerion.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/icons/zerion.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:41 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-28d0c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":167180,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"837dc8014028d1bf9e4c24f732aecebe","sha1":"5bedb142ddcae467282ea54db8443ea854927c59","sha256":"2142ef80e406b0f60488d0bede350ee24a5d7447febd8bd625e9672cdb0f58aa","sha512":"2259ce1909df9c2905c52a85e905e2cfe1ecd74f337904ebba85d5b5ab30159d48ebbb5e61380ee5c8a1d02c7d0f7732b091c862df31c01048f895f1c91347e6","ssdeep":"3072:pymloANFAlziOlKkn/XEh7Y1kYBTIh7AcrNp24HsnMHNJg/tu5Jl03dTaTuSV:pymlvE5PMManXAcrNp2OsMHNJg1uW3ap","tlshash":"aff31242328bd757444c1f230e17965686ef383ab21fc8285a70d9acfda55346ff2a1c","first_seen":"2025-07-31T16:18:58.28796Z","last_seen":"2026-04-25T07:21:54.046994Z","times_seen":19,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":153,"dns":0,"connect":0,"send":0,"wait":72,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/icons/ronin.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/icons/ronin.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:41 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-166f9\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91897,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2800 x 2800, 8-bit/color RGBA, non-interlaced","md5":"8129de471e3f14ce6266f63ee321a81f","sha1":"9d7c31bcb0024bbb1c296d9e7c5ffa7fc40002c2","sha256":"3549608e2ae6543678344cab7bc5c6140481afd540b6742be0cfd88e18f679ed","sha512":"29574ac567ff227129b95cc56d63a079358022bb1fc00687a50771f91c162f62e528727cab212084d4eb3665d67304c340c16e39c93388ab2a72b3f82c2aade4","ssdeep":"1536:rIsyaGKT5cubsgHbz2MmI+zczMIOzbaYSbh4hCsKn+qWFqZmYIO:o0cubsgHb6Mf+z8OJSbaGt8nO","tlshash":"699395ab4d32a719e6734cb56cb20fe44d0db5ea3ea8be46c72526b31ccc15b1b46071","first_seen":"2025-07-31T16:18:58.271592Z","last_seen":"2026-04-25T07:21:54.071118Z","times_seen":19,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":175,"dns":0,"connect":0,"send":0,"wait":88,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/header_tw.svg","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/header_tw.svg HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1164\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nConnection: keep-alive\r\nETag: \"68cafd74-48c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1164,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"31393067a2a3e7d6fdc4383635575c41","sha1":"727724d767c479570f5ebba82918fe372d76033a","sha256":"465a602a69856b26ab95dc1185912b7e600519f36a9b1d2b1025bf94a58c4426","sha512":"a4fedb9b9f427ec5cfcced71be24ef2b8b75d1bd1f8bb4c678598fcc5cf9a9f59af26b00b948b079cc82737b4e5fc3e7ee129181b8c29300fa10619156ea3d69","ssdeep":"","tlshash":"e42111eb53f677d0e418d3a5956025363adf20fe171283a882658de0955732e0e9c090","first_seen":"2025-07-31T16:18:58.292389Z","last_seen":"2026-01-30T07:14:01.448102Z","times_seen":11,"resource_available":false,"data":null}},"time_used":615,"timings":{"blocked":404,"dns":0,"connect":65,"send":0,"wait":68,"receive":0,"ssl":78},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/header_mail.svg","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/header_mail.svg HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 518\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nConnection: keep-alive\r\nETag: \"68cafd74-206\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":518,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"12fe876cb0c921eca333281c4b08c5e6","sha1":"bf3ec31d40216bd5a6c92fc6e197e642acbff3ba","sha256":"54e0462d61c77880115295f875d62d4fbf83c87c947a8703a7edf7dcd186f5ab","sha512":"22e723f375b56257545a76ac0b023ed80d9a1a963844d07ff0a9a7e0c0b42901517a2cdd805849340877e8a28c716e85a867cb99674ea19c645c32435ac04dff","ssdeep":"","tlshash":"f0f0c0a9505ef998e401e728e2346c3120be12caaa280ce51bc0154be1495dd2ee5724","first_seen":"2025-07-31T16:18:58.252965Z","last_seen":"2026-01-30T07:14:01.455109Z","times_seen":11,"resource_available":false,"data":null}},"time_used":892,"timings":{"blocked":398,"dns":1,"connect":67,"send":0,"wait":74,"receive":0,"ssl":82},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/about_block_stars.svg","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/about_block_stars.svg HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 991\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nConnection: keep-alive\r\nETag: \"68cafd74-3df\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":991,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1d6166363253c310063056d65ab519f2","sha1":"46c4efe0ac47416f0311f6376b0335dfeded22cc","sha256":"a8dbea323cb3fa4815b050e066ca067c1909dbe5e2c7320b53d46fb57f4000c1","sha512":"f58b453f3bac6f5b3e14aa1ed05e9e23382a62719b8fe2ca7c226ff8e5cc878ed1dd70ee837278fc90281ea8b165a36d30964ebab36eef6ed3d16705a504890e","ssdeep":"","tlshash":"5311af8acec597d0cf286376a80d18f114bec0ebead47494486a62d3928958e6948d48","first_seen":"2025-07-31T16:18:58.301463Z","last_seen":"2026-01-30T07:14:01.440322Z","times_seen":11,"resource_available":false,"data":null}},"time_used":606,"timings":{"blocked":538,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/participate_left_top.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/participate_left_top.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-5837\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22583,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 242 x 271, 8-bit/color RGBA, non-interlaced","md5":"6f33ab8507c8070aed19ca68e29c4ff6","sha1":"628cf07dd2a48841a8c8b81326b223d5e5de0a03","sha256":"cc42d5deaffb0b9ab94f9789b4de1326a138d2e82ce2cc6bc2daf49d48a2c165","sha512":"5e74b591b814d4118156eb720fe3b5a856dceda255ebe4f48b0f0d26cdac348a4dffd79866ef96816b4e3952d0a6e5c406c41b083f2ffad0b5b62e253791cc6b","ssdeep":"384:fROC4V9l4OdSoZekU3jWMN25CSGItfYXrMQvMhAOFkSTKi14bn4nAeQtykhSK7x8:JOxTlVzM3jjN2g+tfGhUSKTT1CnoP","tlshash":"c7a2d0b339b0aefa951dd106afdcd9faf9004ead8a3535bb85134c45d7228522ca60d3","first_seen":"2025-07-31T16:18:58.302687Z","last_seen":"2026-01-30T07:14:01.439175Z","times_seen":12,"resource_available":false,"data":null}},"time_used":461,"timings":{"blocked":391,"dns":0,"connect":0,"send":0,"wait":69,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/icons/gerowallet.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/icons/gerowallet.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:41 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-1b6fe\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":112382,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced","md5":"97807d331a90ad4c4b8c833ef96a7c56","sha1":"8c0f6102264ba01556c4d3e3279d308fbdbf8fbb","sha256":"d7bf3d72bf78123ee12a34cda72b44922c0971ae58a32cca8f9e40268e9a50d6","sha512":"3b2070fd118c5fc47fa39b596dab50b03d8a167c3ff0c71aa5a97ab057feba5b763a71fbc004669791d41f9425e73628b43988d113d74558375735ad256481c2","ssdeep":"3072:u4WUVl0tzHsEh3Yep0fc5umRIoLQTc3ldV9agPbjGJZ:u4dluM63RqKOnElL9a0yZ","tlshash":"02b312c976dac898e135b90e2718d43ade07a8870e1f650b79d3cddc67791299afc00b","first_seen":"2025-07-31T16:18:58.276736Z","last_seen":"2026-04-25T07:21:54.057238Z","times_seen":19,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":102,"dns":0,"connect":0,"send":0,"wait":74,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/icons/rainbow.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/icons/rainbow.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:41 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-1fa17\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129559,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 480, 8-bit/color RGBA, non-interlaced","md5":"866a10b70a683c18a8211e7cdac60615","sha1":"cb7d6a4fdb86b66d1f26046a9814f8a7c5fe9267","sha256":"8d4853d3888b296f8c1e54fa6febcbfe4fe478695b2753bfab2eaf3b8a839451","sha512":"269fb4402948a17200319ae0d895807612a94fe48c20e33046d5adf8a9be491915b88528364221b532d54c9b2eeddf401d8b5b936e089339469b9eb8dae4a6f5","ssdeep":"3072:uPJpoXngswJQ8y2m100N9qdYQK383ZRDkGbJcN0QOPrJe15DydA5:uDoBwJbcsYd8JRoNkrJe15X5","tlshash":"e0c3121ca33c526af5f46b028541e2cbd9fb78891e7fb878009864b70151ecbb974d6b","first_seen":"2024-03-17T05:24:49Z","last_seen":"2026-05-02T00:13:54.376618Z","times_seen":110,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":174,"dns":0,"connect":0,"send":0,"wait":84,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/icons/flint.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/icons/flint.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:41 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-53a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1338,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"a8e8560ba500aa61f43b6e054cc04b36","sha1":"fc15453d4bd3a6000a77a51dc82b579cc8cadb9c","sha256":"b0ceeb876aa169695c28a8556f9d67c30aeca66ae9968e5bef80528ef6efed02","sha512":"edf1cf9c9eab46f8d0bcb2cefad94bd52f7db4dd1a9661893b1e28821561da51abc8f45a53c0504307bafc94add209f07c49877d76f1d215e3b41b092422d13f","ssdeep":"","tlshash":"3421081fc76c1d38ebdc5e6890213000863456458f224381b48da90ffedaf9f92238c5","first_seen":"2025-07-31T16:18:58.261654Z","last_seen":"2026-04-25T07:21:54.056149Z","times_seen":19,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":267,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/icons/metamask.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/icons/metamask.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-2084e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":133198,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2048 x 2048, 8-bit/color RGBA, non-interlaced","md5":"778360312c0461f038f3eba2ef5b40de","sha1":"911124d9be3957cc48bcb6c78315948cc4272403","sha256":"ab665b3a366c2da2f80b4092c9cf7367c6a1bd2a3dc002706c8527ffd994444f","sha512":"cf4f597cf898aa358bf23025fd55a97b3254195c2ec0523a5ec6684733401428022255c2b7fe456863c93c8403038b7ccbf6c81b5537346ff63717760e005bed","ssdeep":"3072:ImSd/dUBiEIdTsN1BDBGkv/DOoqJinITRAxXlTmbobH4TalFca:Ljqsp9DXDMMITRbEDjt","tlshash":"fad312fea562c361eafc26f35dc643ce47c5f1a7c353944206982144e8893b8afab715","first_seen":"2024-08-19T09:05:53Z","last_seen":"2026-06-04T10:48:29.69676Z","times_seen":42,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":143,"receive":151,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/icons/typhonwallet.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/icons/typhonwallet.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:41 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-a6b1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42673,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"42325f6a21d8e1018d656baf42742c2c","sha1":"2a6a31373a772732c6e7cbc270939310cc12b7c6","sha256":"953d5981bbf2c07e1008f7b5450aa57ed6a0aeeab08e53d4b6cfc8dee414689f","sha512":"5c7c0a6feed9f0f310cee8904b990591d82f3732b5a818a85874218e50a6b7ed21bcebbd9a94999c87ac3bfe1ff6eb29899b2cb3926150d97fc2b8145a823957","ssdeep":"768:H4D/gHAMB+OExbBbDWO32hyvJUcg6T8bxeReEzFI/3waFGCq9NMZGyX/qc0w:H4DYgMSxbBaO32wicXqnES/gaFGiZ9XL","tlshash":"ae13e16d5d36e9062c2b42358b8b5fb2d16304c9dafe8f3dc21485268c60d1de57a2f6","first_seen":"2025-07-31T16:18:58.297475Z","last_seen":"2026-04-25T07:21:54.04509Z","times_seen":19,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":104,"dns":0,"connect":0,"send":0,"wait":75,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/css/style.css","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/css/style.css HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: text/css\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-418f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16783,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"2381a09724ed2e2dba456ffa3feab6d0","sha1":"76639b4b7aebbc4a3dab577f2e788bc3d65604de","sha256":"677119328777a7209e5171ac944650a3f2457f516e30dd26dbb566f918f2319f","sha512":"4a8738108987bfb97a886f33063f408db1b35a268ce5bba42cab4271b9a18535ba809e575838229034a52bbc683a25556f70a9dffcf00ceaa5b0e9924111b29f","ssdeep":"192:RcsMLz5+xF1HPTc4NaNtgICYHIbfPAYs2RVexPcn3ULhTtQTmMtvQCEgyhyq5YK4:6pkglkE42Cgvy3VodIz","tlshash":"2c7252866ab06100b51bf8e8be939f58631ce053a14ecdfdb7d0604cef891c95672b5e","first_seen":"2025-08-16T22:50:52.655343Z","last_seen":"2026-01-30T07:14:01.458599Z","times_seen":10,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-migrate-1.2.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-migrate-1.2.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1c1f\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 24 Jan 2026 19:40:40 GMT\r\nage: 1408543\r\nx-served-by: cache-lga21931-LGA, cache-hel1410022-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 5, 12146\r\nx-timer: S1769283640.366748,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 3063\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":7199,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (7085)","md5":"eb05d8d73b5b13d8d84308a4751ece96","sha1":"743052320809514fb788fe1d3df37fc87ce90452","sha256":"1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d","sha512":"7b68a43a22a41404a2ff58e0da6a237492cad0fc3e56d216980802b4d5fb483895262a7e049340d6670002bdf899ba88c319239e60d0aae1ac31d98556b0ad6e","ssdeep":"96:tBySz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:zySzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"3fe196dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-06-08T17:43:18.353086Z","times_seen":23470,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":53,"dns":24,"connect":13,"send":0,"wait":16,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/intro_image.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/intro_image.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-3428d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":213645,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 963 x 716, 8-bit/color RGBA, non-interlaced","md5":"16fa178490f7dd783e12068ac7daba54","sha1":"218052cdfd80d11cc9931848fc4c075cc513276d","sha256":"8c0b394f30791a5180f9cf38f9ccd9ec750159ab2e8bf23898094c4ac65edc34","sha512":"31f538d236ffbd0e9d3a9fbcbc73ee25d9957110171480e59e52e2dccb8cc43a93a907cdaad32dc1433934ff811670e31ad4db207c3109e9159b6cbb792336c9","ssdeep":"6144:y3W4I3axIKXlUGfecXXXxNGJkQrUAhA1PIbw7nY:y3WpslyopXGJhrP61gbw7nY","tlshash":"3c24137cf4c8970cffb9ab360d691d7a411d59c82d92c9723624314ba4d8be1bacc46e","first_seen":"2025-06-28T21:14:36.016039Z","last_seen":"2026-01-30T07:14:01.470919Z","times_seen":15,"resource_available":false,"data":null}},"time_used":744,"timings":{"blocked":397,"dns":0,"connect":0,"send":0,"wait":133,"receive":214,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/participate_left_bottom.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/participate_left_bottom.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-88a1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34977,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 424 x 245, 8-bit/color RGBA, non-interlaced","md5":"c4e21edbde57ac3c4c30dda44038c4a5","sha1":"fceaae957c58973d13e1a3cacd689c762b62893e","sha256":"a6caf16efeffc4ee07494e177bcccf6b1f8c3cdd71a7b213987937deb3e9c054","sha512":"a2752a803c11a3a2fbf9b8aa4fe002b37fe104cf37c6b85e14bcfeb2e82bf612ca12c28f3cd7e845b6db31f868bdeeda7a782ed562e85e22b87b45f30d8bc8af","ssdeep":"768:MDYcdVV77jYnyjDIgFTDOAvsnYExKHwifQUfYSg3HccSQB4ILa:12VZYny3IgFDvojx6wifQUfYLHVSvQa","tlshash":"2ef2f18ef925911278fc6cd59dde1005584fd2a58f6422f4886e5ecf20ce90eba02ba3","first_seen":"2025-07-31T16:18:58.282918Z","last_seen":"2026-01-30T07:14:01.456052Z","times_seen":12,"resource_available":false,"data":null}},"time_used":609,"timings":{"blocked":537,"dns":0,"connect":0,"send":0,"wait":70,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/opener.js","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /opener.js HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-f18a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61834,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (49298), with CRLF line terminators","md5":"626f102d503e6c1fa82f9030873fb044","sha1":"5e9b6f5ac49392cbf9556702e6921ff79955d16a","sha256":"f3dd42f739dc3b33cf782de87e214403874b464a4ffcf8bbe54d7703272b743b","sha512":"98a7442d7449824879c86160c1ca1ec552e38e0a719781d769db7a6bf29b5ba1be94a7387f568977e913a01c62d2fc1e6183ae802b99cb4bf0660c6879a06947","ssdeep":"768:Tgu/tk4n0Nki0kGOHicaVzK9EbeasQjx4XDsw9AWtna5kosRJYLC6G5Nf/tWGdNA:TgH/0kic7mbRpS9tRzJH6ylWGxO","tlshash":"b65319dd27f463f4e417e7f6d9234456ba0a24f7aa428774f3bc9e04ab62498c845cc2","first_seen":"2025-07-31T16:18:58.312379Z","last_seen":"2026-04-10T14:32:00.973739Z","times_seen":16,"resource_available":true,"data":null}},"time_used":405,"timings":{"blocked":119,"dns":1,"connect":69,"send":0,"wait":129,"receive":4,"ssl":77},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:23 GMT","end":"Mon, 23 Mar 2026 19:52:22 GMT"},"fingerprint":{"sha1":"5A:74:FC:38:D2:7B:9B:E5:E5:0D:67:25:F4:73:BC:BA:2E:12:A7:FD","sha256":"3B:19:CD:BE:44:E6:EE:DC:8D:33:2B:A2:1C:E4:13:F8:6F:7E:2E:52:5D:0E:75:F3:1A:ED:21:1B:7A:B7:2E:BA"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://authwall-trump.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 24 Jan 2026 07:38:24 GMT\r\nexpires: Sun, 24 Jan 2027 07:38:24 GMT\r\ncache-control: public, max-age=31536000\r\nage: 43336\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37756,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-06-08T20:41:31.597464Z","times_seen":508958,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":144,"dns":39,"connect":21,"send":0,"wait":24,"receive":29,"ssl":86},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/icons/coinbase.webp","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/icons/coinbase.webp HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/webp\r\nContent-Length: 5788\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nConnection: keep-alive\r\nETag: \"68cafd74-169c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5788,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"41cda3747eadfba06880d017f222e96e","sha1":"ba99c16f6c8bb94add263500d9b19329d42c6505","sha256":"b2905215c8fd80b5fa56e8787e77d922891fc7fcf7f386b93050ade3fb0d83ae","sha512":"82d51b0f94cf9d1986ec7c93ad61a1eb4a50f9747ff860a1af64a355d85ab126e6e4668fde6390e273c49abc17a81d8c49d80e35458506ccf01024848742e8a3","ssdeep":"96:tIWZZfWLinzorwmh0o4e/XVIB5ifjutGdOthbG3Up3Ez:tIWyLinzFfAu5iKnhK3Dz","tlshash":"86c1afe3a54bd4b56d7b313aeed2d6f54cc638733c218ea671adeacd4189dbd2062004","first_seen":"2025-07-31T16:18:58.304281Z","last_seen":"2026-04-25T07:21:54.070006Z","times_seen":19,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":46,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/icons/cryptocom.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/icons/cryptocom.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-1f8d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8077,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit colormap, non-interlaced","md5":"0de735af6b37bae04a222602fb031e74","sha1":"7039a875e0e33bb227ab82e0e78a9319f7f36858","sha256":"b87bc0c06b082e2ce3148fb97701dffa2ec6ec00264eb9ca6015e8f65dab47a6","sha512":"7d8c942987674b427c3de1cb313e8c92417b1f62a924f919370ea7e8d160bc4eae87b6dd42e22d39216c658edf58bb57fba35f81c54957547a2e7f08b226ed61","ssdeep":"192:1tEkTftElw862NLN4yq77X1M+B8pNMKgWT6ZAcVkzMe:HvTfkwgEhBBXKPGycCzx","tlshash":"16f1bfdcdc144bd6f22f9c015928bc5eb09ba16f6508a7649b23273668b81a8210de4f","first_seen":"2025-07-31T16:18:58.305873Z","last_seen":"2026-04-25T07:21:54.067989Z","times_seen":18,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":36,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/participate_right.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/participate_right.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-d037\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53303,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 517 x 359, 8-bit/color RGBA, non-interlaced","md5":"7b34deab0113558c41296da6b9944763","sha1":"5206255fe26c5280ba704655b5b509ee6ab20b05","sha256":"4b7c491b89c17460109879aff6ab583c6971ce194afdd7cd4399a1bb0139f89e","sha512":"6acf55f993922dda04f023d94c673ebb58b7be687f7553f990b905d5385bf72187c663fd839cd4f29821c73de97b9b0e5ef78e7c5405107e7de324d673efb2b2","ssdeep":"1536:UoU4epphYiaWj5thAhoZGn/zq5Hy3vLA9wwF/7:1UnpERWtthAyZG/zq5qT1wFD","tlshash":"7733f155612ececbcca4a7f97fe1e0a9a7d8584b8a55cdcf3c034912e50381ad7f9824","first_seen":"2025-07-31T16:18:58.255326Z","last_seen":"2026-01-30T07:14:01.45693Z","times_seen":12,"resource_available":false,"data":null}},"time_used":686,"timings":{"blocked":541,"dns":0,"connect":0,"send":0,"wait":68,"receive":77,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/fckr/icons/phantom.png","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /fckr/icons/phantom.png HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:41 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"68cafd74-83b7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33719,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced","md5":"6af764d4be1436e1a31e155c1d3a3f07","sha1":"a3653f10bce8f8ed6474606e05b30bf943702647","sha256":"4fa7d2f462d5cd29a7206959ec4768132349da3b303551995820cabb0e4a0fbd","sha512":"053fe5d063051e9ba1e61e54591a5e7374aadc68f4939d370751396768d83ad2c1b8bff916cf6232d3a1752355c330607cbc7e3be99efca27944ea75274effd1","ssdeep":"768:Psc7Ni71AlNBYP/HvAoEuQE5ywPSHctrBLJq6IFUNyi34RInX:Zk1AlNB4wjE8wPSHWrxJq6IUsHIX","tlshash":"d6e2e01e8d832821e840087a23d997ec397b3b817d12e9320729fd2bed274f7e554597","first_seen":"2025-04-04T19:06:21.67054Z","last_seen":"2026-04-25T07:21:54.058427Z","times_seen":40,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":101,"dns":0,"connect":0,"send":0,"wait":73,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/favicon.ico","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:41.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:41 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 20222\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nConnection: keep-alive\r\nETag: \"68cafd74-4efe\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20222,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 61x80, 32 bits/pixel","md5":"5080bf85ef5e0952387af5eb24a71da2","sha1":"3525a525a3c40ce4bc025f198c1bf227f524d4f3","sha256":"d5b3217cc50f23ca52fbc1b1471179e323f2d70229141cdd3184c39f997b2224","sha512":"613b8ec431ef5b9e44deae15857818bec4275836ddfca883d15dd137f10b087b772c26d880ebc600feb1d6116da2bcbafd82e44f78242d37086d72245ecb6203","ssdeep":"192:lLxk19b+3QTZIE6FPjDKDs4m7dmGH85WVFPQ:lLxk19b+8ZIpFPjDKDRm7dmGH85WVFPQ","tlshash":"4592ef34c0396a46d45a1dbb4ea72310d497f3b173530a7ee61f211bf22307b6ea9476","first_seen":"2025-07-31T16:18:58.268848Z","last_seen":"2026-04-20T10:47:36.534621Z","times_seen":19,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authwall-trump.cfd/assets/img/header_yt.svg","fqdn":"authwall-trump.cfd","domain":"authwall-trump.cfd","tld":"cfd"},"ip":{"addr":"94.154.35.90","port":443,"asn":215567,"as":"Emirhan Kurt","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authwall-trump.cfd/","date":"2026-01-24T19:40:40.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authwall-trump.cfd","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 01:55:18 GMT","end":"Thu, 16 Apr 2026 01:55:17 GMT"},"fingerprint":{"sha1":"0E:FE:D0:E9:35:71:37:75:D0:10:09:D4:B1:2D:69:FA:A1:FB:8B:42","sha256":"91:8B:9E:69:34:CF:39:06:7D:F6:60:7D:09:D4:F4:E9:9F:3A:4E:13:16:E7:B5:1F:7F:DF:09:99:68:09:E0:27"}}},"request":{"raw":"GET /assets/img/header_yt.svg HTTP/1.1\r\nHost: authwall-trump.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authwall-trump.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Sat, 24 Jan 2026 19:40:40 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 773\r\nLast-Modified: Wed, 17 Sep 2025 18:27:00 GMT\r\nConnection: keep-alive\r\nETag: \"68cafd74-305\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":773,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2f67701ac9682836a5de1adeec2eabc1","sha1":"0188807b64a5397dc1bfcb953da1f338db922479","sha256":"44fd595e9abcb9b98ba8738158f2fcbfe5399805805673a1010ee549c7c55919","sha512":"97d1f3578bc476245d772cc6c1f48dbb694a2c0524943368e1c9ea14e5d36cee3b0a223db896a5a2e2dd295275d9074cfb2be07f9f3fafcb46b43f0690e62741","ssdeep":"","tlshash":"9201dcd9b39cb1c194148b744a20187239fb2cf61a42da498ff398a452a3a5fce85d9d","first_seen":"2025-07-31T16:18:58.308433Z","last_seen":"2026-01-30T07:14:01.460408Z","times_seen":11,"resource_available":false,"data":null}},"time_used":548,"timings":{"blocked":478,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"authwall-trump.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}