{"report_id":"c214af55-dc15-4d7a-8b4c-09d951540f31","version":0,"status":"done","tags":[],"date":"2026-06-12T09:33:54Z","url":{"schema":"http","addr":"tronlinkdesktopwallet.com","fqdn":"tronlinkdesktopwallet.com","domain":"tronlinkdesktopwallet.com","tld":"com"},"ip":{"addr":"203.188.171.156","port":0,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"tronlinkdesktopwallet.com/","fqdn":"tronlinkdesktopwallet.com","domain":"tronlinkdesktopwallet.com","tld":"com"},"title":"TronLink Wallet | Secure \u0026 Stable TRON Wallet","dom":{"size":888343,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (30957)","md5":"22418d44558f242a9ee86424dcc1113a","sha1":"9025410a024fe68bfa53e9f61742d0652b6bf058","sha256":"22698a390c6e7ff5cd236f84fee89173121e53a950159c0775661ef65d0158bb","sha512":"14c285cd65e4c647eb167654dfbe0fb0d77dfe2dd0dd2d800be72d1b4b19a469604a225a40b82f63f9d46d093c3e410c8fe6f0b0c40611f87af11b0d4603cc99","ssdeep":"12288:uugdfy7TbW2RxuW+YtGfKs2QZfSGYizkbNSdIqT/BovCEj3fpKv+kRI5xeQ+i:pRMW+YU23gkbAdFJoamm+rX","tlshash":"2415f160722ce43f6d3355e4e28cf92c6525b1d1e90941eefe5830125ac7ff23ab6a58","dom_hash":"domhashb14410ecfff9b0a7766fcb60ca5715dc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tronlinkdesktopwallet.com","fqdn":"tronlinkdesktopwallet.com","domain":"tronlinkdesktopwallet.com","tld":"com"},"ip":{"addr":"203.188.171.156","port":0,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-17T09:33:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"tronlinkdesktopwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"tronlinkdesktopwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"tronlinkdesktopwallet.com","ip":{"addr":"203.188.171.156","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"domain_registered":"2026-06-02","domain_rank":0,"first_seen":"2026-06-12T09:33:55.200467Z","last_seen":"2026-06-12T09:33:55.200467Z","alert_count":2,"request_count":1,"received_data":922949,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tronlinkdesktopwallet.com/","fqdn":"tronlinkdesktopwallet.com","domain":"tronlinkdesktopwallet.com","tld":"com"},"ip":{"addr":"203.188.171.156","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"33286ff94f986f04221b64404ceb6782","sha1":"cf7598dec50b861e625e19d7473ed2df9152b300","sha256":"c81402569b6fd2536c584d3c88d1bb5e9081d8ce8d499d8a26c0dc70ca6144cc","sha512":"e9790418a63c51047798573ea4d9bfff60a00ff7e1bef6b42e51bc8cb989b2ef53752600ac97f7eb7c6770b4372fd0c436ae3da8ea9dd6ba72a033ecf549d353","ssdeep":"","tlshash":"bd015927222233707cd9d5dca8b6d98e39bb500ae40a0090a08e844c1834bc544f7bdc","size":843,"data":"","first_seen":"2026-06-08T13:08:16.104529Z","last_seen":"2026-06-21T05:24:35.340314Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"tronlinkdesktopwallet.com/","fqdn":"tronlinkdesktopwallet.com","domain":"tronlinkdesktopwallet.com","tld":"com"},"ip":{"addr":"203.188.171.156","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-12T09:33:30.032Z","timestamp":1781256810032,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tronlinkdesktopwallet.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Jun 2026 19:56:09 GMT","end":"Mon, 31 Aug 2026 19:56:08 GMT"},"fingerprint":{"sha1":"24:66:81:28:7D:04:EB:E8:AB:8A:67:21:75:4A:0A:0E:84:19:3E:A4","sha256":"73:BB:9E:35:F8:0D:B7:BF:26:DC:EB:61:2E:CC:57:BB:47:17:97:19:E0:F3:F1:9D:39:36:CA:F6:66:74:CD:4E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tronlinkdesktopwallet.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nalt-svc: h3=\":443\"; ma=2592000\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Fri, 12 Jun 2026 09:33:30 GMT\r\netag: W/\"6a1f42fb-e1437\"\r\nlast-modified: Tue, 02 Jun 2026 20:54:19 GMT\r\nserver: nginx/1.24.0\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":922679,"size_decoded":731363,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (30946)","md5":"ea7f5388b61adeb4d3981d64a1b803f9","sha1":"2a07140e18a2674e2e9593bc408d30c91d40f0a1","sha256":"47f34cca00168c14e524633c7ebde363d7026c0865cc1aec31175bf53cf5cffa","sha512":"d0d9cf365bdc1bceb8faad4ae5a2db267cb3fac8f789aae64a53008db0750a45968477239e148732966349195b992db8b04324297a8a0a7854e48cb8a4bf883e","ssdeep":"12288:tugdfy7TbT2GxuW+YtGfKs2QZfSGYizkbNSdIqT/BovCEj3fpKv+kRI5xeQ+y:NGMW+YU23gkbAdFJoamm+rb","tlshash":"dd15e1607228a43f6d3355f8e28cf92ca515b1d1dd1a41eefe5420225ac7ff23ab7a14","first_seen":"2026-06-12T09:33:58.928548Z","last_seen":"2026-06-12T10:49:25.032041Z","times_seen":2,"resource_available":true,"data":null}},"time_used":417,"timings":{"blocked":0,"dns":4,"connect":99,"send":0,"wait":102,"receive":0,"ssl":212},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"tronlinkdesktopwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-12","alert":"Sinkholed","trigger":"tronlinkdesktopwallet.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}