{"report_id":"b378a8c0-48ad-43ec-91fa-523684248d67","version":0,"status":"done","tags":[],"date":"2026-06-30T22:08:52Z","url":{"schema":"http","addr":"trustwallets.com.cn","fqdn":"trustwallets.com.cn","domain":"trustwallets.com.cn","tld":"com.cn"},"ip":{"addr":"111.68.12.201","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"trustwallets.com.cn/","fqdn":"trustwallets.com.cn","domain":"trustwallets.com.cn","tld":"com.cn"},"title":"Trust Wallet - 最值得信赖的加密钱包 | 安全存储比特币、以太坊等加密货币","dom":{"size":73007,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (552)","md5":"b36fe32847f9ea8b3a98953cd92b972e","sha1":"3a0c74dcd35ffc6439de188dd389125c830b3dec","sha256":"26e006e881f5d0c629c79b33e7a0ed0f8692e95649098e787ed2981a8a554908","sha512":"fdc178f6f179a38627a8eb4f21824ecbee2e6ae6b861dbe85f3d41c13710a149927393c4d3661ca230aac9127fead412b1ad503dc84a43c749290f888773b21f","ssdeep":"768:Bq3sX+pFQR9nCUjPKvRfzbhe9vae68OII13i194BQFM+dgYw2Z:8xqnRyvRfzbhe9vae68OII8sd6gYwM","tlshash":"5f63a56a67f31069680395a56bbb475a2734e047d90bcd293bed03488f86bd8ed8374c","dom_hash":"domhasha29c0260bf1fb534aac7dcbf799bf66e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trustwallets.com.cn","fqdn":"trustwallets.com.cn","domain":"trustwallets.com.cn","tld":"com.cn"},"ip":{"addr":"111.68.12.201","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-04T22:08:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallets.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallets.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"trustwallets.com.cn","ip":{"addr":"111.68.12.201","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-06-26","domain_rank":0,"first_seen":"2026-06-30T17:40:44.556337Z","last_seen":"2026-06-30T17:40:44.556337Z","alert_count":2,"request_count":1,"received_data":71030,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"trustwallets.com.cn/","fqdn":"trustwallets.com.cn","domain":"trustwallets.com.cn","tld":"com.cn"},"ip":{"addr":"111.68.12.201","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"3460e0e052e9b38dcd8afdfb0bd24e08","sha1":"c26025ea532b427e16c4a6cf4e4d5de5eccbc26b","sha256":"3ace092c55dec8da28b4835d19270131f4e3f794a5d043ee3626c719664c55de","sha512":"88256ccccf8dd1e2ed7da024f577186deca014bd52323c9cadb9de264b2078eae63047e2489abba124ebfc71fa82d1829f3b12fbd4c0b61b592461cfb24e2ecd","ssdeep":"","tlshash":"0f81fd6b11b2207a407b65ae53cb87a07b2410873442d9663e6ccb8d2fd1b616db3ad6","size":3889,"data":"","first_seen":"2026-06-30T17:40:50.872299Z","last_seen":"2026-06-30T22:08:55.340827Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"🔐 Trust Wallet Demo Page","filename":"https://trustwallets.com.cn/","line_number":1738,"column_number":17},{"level":"log","text":"安全、去中心化的加密钱包 - 演示页面","filename":"https://trustwallets.com.cn/","line_number":1741,"column_number":17}]},"http":[{"url":{"schema":"https","addr":"trustwallets.com.cn/","fqdn":"trustwallets.com.cn","domain":"trustwallets.com.cn","tld":"com.cn"},"ip":{"addr":"111.68.12.201","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-30T22:08:28.429Z","timestamp":1782857308429,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallets.com.cn","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 12:51:32 GMT","end":"Thu, 24 Sep 2026 12:51:31 GMT"},"fingerprint":{"sha1":"CE:E9:C6:B3:C6:28:AA:E5:CB:EE:E3:ED:18:59:75:27:A8:FF:16:93","sha256":"C3:3A:BA:08:9C:89:5B:3A:A9:3F:93:A7:E6:9D:92:AE:B0:B6:E8:06:6A:DB:18:CF:9D:DB:E3:D2:D7:FE:FF:20"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwallets.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Fri, 26 Jun 2026 13:44:25 GMT\r\netag: \"11459-655284e9707e7-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 14420\r\ncontent-type: text/html\r\ndate: Tue, 30 Jun 2026 22:08:30 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":70745,"size_decoded":14705,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1188)","md5":"ecde2bd4a9dd908f7c578def70b996c7","sha1":"78268dd99925266d847e0391c601c32c28c22b8e","sha256":"92472e50fd7ad388423f67feddad0c6a34425e5a196cbd4931f39c20001bdb56","sha512":"5f9cec9258a547bf3715ae51ed38a7b08a3f172cba652c6fb2b28cb9e281a68b9e9378086103387a8a179b5657f9694c53ba6cbfe4530852d6c230d90a3771e0","ssdeep":"768:dqIxS+pFQR9nCUjPKvRfzbhe9vae68OII1EJhp4BQFeFdgYwTA:QgqnRyvRfzbhe9vae68OII6szHgYwc","tlshash":"9063945a67f31066681799a52b7b475a3765e043c80bca293fec13488fc6fd8ad8374c","first_seen":"2026-06-30T17:40:50.871373Z","last_seen":"2026-06-30T22:08:55.337831Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1852,"timings":{"blocked":-1,"dns":951,"connect":185,"send":0,"wait":350,"receive":0,"ssl":366},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallets.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"trustwallets.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}
