{"report_id":"eee7fecf-23bf-4879-a7eb-fcc7455c9db9","version":6,"status":"done","tags":[],"date":"2026-05-03T10:01:54Z","url":{"schema":"http","addr":"trustwalletcards.info","fqdn":"trustwalletcards.info","domain":"trustwalletcards.info","tld":"info"},"ip":{"addr":"91.234.34.111","port":0,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"final":{"url":{"schema":"http","addr":"trustwalletcards.info/","fqdn":"trustwalletcards.info","domain":"trustwalletcards.info","tld":"info"},"title":"Домен отключен","dom":{"size":3145,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"9b3977f91f76050b38263f9471338564","sha1":"863cb6787216dc06479485ddd6848626c78621f8","sha256":"1e2508827f7b49c2b8c9bcd69ab7b691ccad166ad65bf9975e0570fce9570a10","sha512":"6c72370fe63f92f016c84e51c01a5575157afd75d45cf7d38861fd9f0c8fa1abf87442984a14164e6fee0e35f6cd801806aba18173a76f263ff52ffcc092d9d3","ssdeep":"","tlshash":"b851ecaa45f690275242d9c8e9606b0dad85d1abef5b5f1071bc0e9a3fd3c918d2305c","dom_hash":"domhash8ac86737938b8df6e45609bb6508ebcc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trustwalletcards.info","fqdn":"trustwalletcards.info","domain":"trustwalletcards.info","tld":"info"},"ip":{"addr":"91.234.34.111","port":0,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-07T10:01:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-03","alert":"Sinkholed","trigger":"trustwalletcards.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"thehost.ua","ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"domain_registered":"2013-04-17","domain_rank":339948,"first_seen":"2017-02-11T06:09:28Z","last_seen":"2026-04-19T11:38:06.369406Z","alert_count":0,"request_count":6,"received_data":44824,"sent_data":2657,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"static.thehost.com.ua","ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"domain_registered":"2007-10-25","domain_rank":0,"first_seen":"2017-02-04T07:56:18Z","last_seen":"2026-03-12T20:00:06.84369Z","alert_count":0,"request_count":5,"received_data":150361,"sent_data":2363,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"trustwalletcards.info","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":2,"received_data":3656,"sent_data":896,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.16","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"thehost.ua/static/external/languageSwitcher.js","fqdn":"thehost.ua","domain":"thehost.ua","tld":"ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":false,"md5":"e72c445619aaa260f6aa5d897781c5c5","sha1":"8e5496b45e21cfc6fd9cf3ef57e52e30c7e41676","sha256":"3822b7be740c04c88d998bd1b709d78dc93bd6038e28161e992d530b57f30eda","sha512":"f9a88520128879bfa40292bf73b602518e8a3afbb2d2c3e010eaa65b1cadd8f829d81ad01a5c633daa381721ffc0640a2c20f242bfa6a023a74047f5826fe894","ssdeep":"","tlshash":"6f81a4bb709e503e05f7e536316b9784a63855c8c8457c00b691dd282cb4dda4673f9e","size":3984,"data":"","first_seen":"2025-08-22T10:38:37.7032Z","last_seen":"2026-05-31T02:00:48.49838Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thehost.ua/static/external/js.cookie.js","fqdn":"thehost.ua","domain":"thehost.ua","tld":"ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"introduction_type":"scriptElement","is_inline":false,"md5":"11a1ef4f1848109bff41a882eff91b24","sha1":"f07e9a745b1160bc1e225ea85a833511c52359e0","sha256":"d01fcc516710afd47b1fa8eea0e27511e90e2dd15ef595fff9391c89a206a3cd","sha512":"ce4122a5dd4a8bf231042947f22de9fd40e4c83b5dc1bccf31cd04c53643e058329e626f6c95ceaac4af63be9ad0b3e8965d3238ad4b3641824d2c9765d6fa0c","ssdeep":"","tlshash":"a43181a874853c48015f0631837f124bf2b90b569e9e92a69308e0f0357487b822bffa","size":1620,"data":"","first_seen":"2024-08-20T05:12:27.002913Z","last_seen":"2026-05-31T02:00:48.489627Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"thehost.ua/static/external/holder.png","fqdn":"thehost.ua","domain":"thehost.ua","tld":"ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustwalletcards.info/","date":"2026-05-03T10:01:34.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thehost.ua","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 07 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:A5:FF:45:49:5C:E0:7B:7F:2F:74:93:94:D5:4E:2A:52:BC:4A:DE","sha256":"1E:41:2E:36:DD:E5:4E:EF:00:1E:0F:D6:ED:E8:11:31:AD:93:D1:60:3B:8F:E9:C4:55:DF:A2:AC:B4:44:BB:EC"}}},"request":{"raw":"GET /static/external/holder.png HTTP/1.1\r\nHost: thehost.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://trustwalletcards.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 May 2026 10:01:34 GMT\r\ncontent-type: image/webp\r\ncontent-length: 24908\r\nlast-modified: Fri, 10 Feb 2023 10:29:49 GMT\r\netag: \"63e61c9d-614c\"\r\nexpires: Tue, 04 May 2027 10:01:34 GMT\r\ncache-control: max-age=31622400\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=15768000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24908,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"829cb044c6a328af20000001126aad16","sha1":"2226f8962520f7f5cd74fcaa4c6302a0e735e6d3","sha256":"0be0ed47a14413b4b94c385edc3c2c96428771cbfb8fbe7529c56462cb12b7ae","sha512":"4250e0081127e3e3edc22cdacae88f7c7018047c35fac64f9bece9d27bb4559ff67518fb9f531335b78f2e577f8895f5b0945449d10115ae46387701a7f2278b","ssdeep":"768:wre+on/oP7pSaBborpkeOzGTGN8cqVtaLvKI:D+oKdSaGr2GCNQtaLiI","tlshash":"9eb2e23e3e8282ac3bd813460b160ba5728b6835d1d533de854844dd5fe39ee4dd74b2","first_seen":"2023-05-02T16:05:25Z","last_seen":"2026-05-31T02:00:48.496092Z","times_seen":45,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":176,"dns":0,"connect":0,"send":0,"wait":91,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.thehost.com.ua/bg.jpg","fqdn":"static.thehost.com.ua","domain":"thehost.com.ua","tld":"com.ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustwalletcards.info/","date":"2026-05-03T10:01:34.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thehost.com.ua","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 22 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"B9:29:B8:BB:0F:D8:B1:AC:F3:81:28:AB:8E:43:45:C6:B7:14:05:A2","sha256":"F0:37:14:C4:38:E9:0D:AD:C0:27:00:35:F6:B4:83:74:8B:43:33:DB:06:2C:B7:B0:A5:52:CE:9C:F7:77:C1:B7"}}},"request":{"raw":"GET /bg.jpg HTTP/1.1\r\nHost: static.thehost.com.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://thehost.ua/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 May 2026 10:01:34 GMT\r\ncontent-type: image/webp\r\ncontent-length: 14928\r\nlast-modified: Sun, 09 Oct 2022 17:46:41 GMT\r\netag: \"63430901-3a50\"\r\nexpires: Tue, 04 May 2027 10:01:34 GMT\r\ncache-control: max-age=31622400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14928,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1489x331, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"11d149f200bb080cc0582b0efb9e022f","sha1":"5473cff88348c813ea0266e54e6e2c23d1c83d09","sha256":"9cd3f10dd1b556bb57cf75aa6ba5a936dfdac34dc43919da25bbaf4c985283cb","sha512":"7b3fb7d3b80b8b39ee4a36d51f737c880591cb53cf55ebf0498e457c024d730e97949c05f9571c901972d29c7aa6e5b39f6b810c6ab9f38b089a230ed59e3873","ssdeep":"384:X7Ba0G24Zx4chv153voAZInQE0O7Sa80nERznF:Xg0V4zJL3vohre","tlshash":"d262d076e1896dfcef56ad38d6132b558c415e4098fdd2b7717de3c8b719003a01a18d","first_seen":"2023-05-02T16:05:25Z","last_seen":"2026-05-31T02:00:48.496942Z","times_seen":65,"resource_available":false,"data":null}},"time_used":480,"timings":{"blocked":192,"dns":31,"connect":47,"send":0,"wait":47,"receive":48,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.thehost.com.ua/pfdindisplaypro-italic-webfont.woff","fqdn":"static.thehost.com.ua","domain":"thehost.com.ua","tld":"com.ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://trustwalletcards.info/","date":"2026-05-03T10:01:34.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thehost.com.ua","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 22 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"B9:29:B8:BB:0F:D8:B1:AC:F3:81:28:AB:8E:43:45:C6:B7:14:05:A2","sha256":"F0:37:14:C4:38:E9:0D:AD:C0:27:00:35:F6:B4:83:74:8B:43:33:DB:06:2C:B7:B0:A5:52:CE:9C:F7:77:C1:B7"}}},"request":{"raw":"GET /pfdindisplaypro-italic-webfont.woff HTTP/1.1\r\nHost: static.thehost.com.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://trustwalletcards.info\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://thehost.ua/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 May 2026 10:01:34 GMT\r\ncontent-type: font/woff\r\ncontent-length: 40324\r\nlast-modified: Fri, 25 Oct 2013 14:19:04 GMT\r\netag: \"526a7dd8-9d84\"\r\nexpires: Tue, 04 May 2027 10:01:34 GMT\r\ncache-control: max-age=31622400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40324,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 40324, version 1.0","md5":"0b9beadb1c0572ec9f0db35ddfc65c01","sha1":"22c3f4dd01c725972031733a806a9064f49a7e25","sha256":"ce0a07d7bd430ba9c41f301e6ee68a8520a39000e28b8b45a79ee8aab735b476","sha512":"6d410c682c1340536d2ba28e4a2c84d654d8532f6001ef5523e54605f293de57109beafb5526147c3cb6d031a350a08b9634cdf765a36b0642bda77bc9809ad0","ssdeep":"768:50O4X1ciQO/bXdvAfSTgp5KmCSZvEQBWHR86Bj4nFwenUPM:yXZ5A7bCSbWx5Mnu1E","tlshash":"2a030248f6ef0d59e670dc29a8f85a21a12700faa73574e73d17950b2e4f123c6e97d0","first_seen":"2023-05-02T16:05:25Z","last_seen":"2026-05-31T02:00:48.491536Z","times_seen":51,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":203,"dns":15,"connect":53,"send":0,"wait":51,"receive":101,"ssl":134},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thehost.ua/static/favicon.ico","fqdn":"thehost.ua","domain":"thehost.ua","tld":"ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustwalletcards.info/","date":"2026-05-03T10:01:34.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thehost.ua","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 07 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:A5:FF:45:49:5C:E0:7B:7F:2F:74:93:94:D5:4E:2A:52:BC:4A:DE","sha256":"1E:41:2E:36:DD:E5:4E:EF:00:1E:0F:D6:ED:E8:11:31:AD:93:D1:60:3B:8F:E9:C4:55:DF:A2:AC:B4:44:BB:EC"}}},"request":{"raw":"GET /static/favicon.ico HTTP/1.1\r\nHost: thehost.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://trustwalletcards.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Sun, 03 May 2026 10:01:34 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 2862\r\nlast-modified: Mon, 16 Jun 2014 16:18:19 GMT\r\netag: \"539f18cb-b2e\"\r\nexpires: Tue, 04 May 2027 10:01:34 GMT\r\ncache-control: max-age=31622400\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=15768000\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2862,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel","md5":"53cd4412943fca2421a7bd974efc1891","sha1":"bde3e1f5dbe7331d90c5cc7925cccde41f778796","sha256":"1ef6eb105ab6806800db2ebd484bd8c66bc27591a929bf928557d14e91583004","sha512":"a93dd66693dc2c0f26f0ab4479af2385c045a020d64b664dd7073603a6fa7d2b6f0aa54c24ee39536c00f9a05abd9a24edaae309fed197263b34a7a73edb37ce","ssdeep":"","tlshash":"4551324763c58c10fb640231e0fb9fa818bdc4630e7923f7add5d84ebdf9194526852a","first_seen":"2023-05-02T16:05:25Z","last_seen":"2026-05-31T02:00:48.495057Z","times_seen":88,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwalletcards.info/","fqdn":"trustwalletcards.info","domain":"trustwalletcards.info","tld":"info"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-03T10:01:33.709Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwalletcards.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T20:29:48.587722Z","times_seen":16589263,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":92,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-03","alert":"Sinkholed","trigger":"trustwalletcards.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"thehost.ua/static/external/js.cookie.js","fqdn":"thehost.ua","domain":"thehost.ua","tld":"ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustwalletcards.info/","date":"2026-05-03T10:01:34.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thehost.ua","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 07 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:A5:FF:45:49:5C:E0:7B:7F:2F:74:93:94:D5:4E:2A:52:BC:4A:DE","sha256":"1E:41:2E:36:DD:E5:4E:EF:00:1E:0F:D6:ED:E8:11:31:AD:93:D1:60:3B:8F:E9:C4:55:DF:A2:AC:B4:44:BB:EC"}}},"request":{"raw":"GET /static/external/js.cookie.js HTTP/1.1\r\nHost: thehost.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://trustwalletcards.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 May 2026 10:01:34 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 707\r\nlast-modified: Fri, 10 Feb 2023 09:32:22 GMT\r\netag: \"63e60f26-2c3\"\r\ncontent-encoding: br\r\nexpires: Tue, 04 May 2027 10:01:34 GMT\r\ncache-control: max-age=31622400\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=15768000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1620,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1620), with no line terminators","md5":"11a1ef4f1848109bff41a882eff91b24","sha1":"f07e9a745b1160bc1e225ea85a833511c52359e0","sha256":"d01fcc516710afd47b1fa8eea0e27511e90e2dd15ef595fff9391c89a206a3cd","sha512":"ce4122a5dd4a8bf231042947f22de9fd40e4c83b5dc1bccf31cd04c53643e058329e626f6c95ceaac4af63be9ad0b3e8965d3238ad4b3641824d2c9765d6fa0c","ssdeep":"","tlshash":"a43181a874853c48015f0631837f124bf2b90b569e9e92a69308e0f0357487b822bffa","first_seen":"2024-08-20T05:12:27.002913Z","last_seen":"2026-05-31T02:00:48.489627Z","times_seen":40,"resource_available":true,"data":null}},"time_used":464,"timings":{"blocked":187,"dns":30,"connect":45,"send":0,"wait":85,"receive":0,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thehost.ua/static/external/style.css","fqdn":"thehost.ua","domain":"thehost.ua","tld":"ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://trustwalletcards.info/","date":"2026-05-03T10:01:34.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thehost.ua","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 07 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:A5:FF:45:49:5C:E0:7B:7F:2F:74:93:94:D5:4E:2A:52:BC:4A:DE","sha256":"1E:41:2E:36:DD:E5:4E:EF:00:1E:0F:D6:ED:E8:11:31:AD:93:D1:60:3B:8F:E9:C4:55:DF:A2:AC:B4:44:BB:EC"}}},"request":{"raw":"GET /static/external/style.css HTTP/1.1\r\nHost: thehost.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://trustwalletcards.info/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 May 2026 10:01:34 GMT\r\ncontent-type: text/css\r\ncontent-length: 1686\r\nlast-modified: Fri, 10 Feb 2023 09:32:22 GMT\r\netag: \"63e60f26-696\"\r\ncontent-encoding: br\r\nexpires: Tue, 04 May 2027 10:01:34 GMT\r\ncache-control: max-age=31622400\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=15768000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7601,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7601), with no line terminators","md5":"a872bc34840976409acefedb70ddf625","sha1":"2496353882b8f5a16a76403309845db29e03a039","sha256":"f4574b6cc8d4e7678ed22f11d129abca0ae912b39712627e3b2c264a1f393780","sha512":"09a9bd144ffe2b0f39279e311d12318fdba5181a4739cdeb17aad210c526fb53413ddb3dea87dc6eabaefb4313735937eefca9ca9d2101e8f0e67f97c73cd73a","ssdeep":"192:2jJk8y0+IkNZJbhk5UOaUklhAGwkhFXj4Tzc3zeGmZeFMqdJycy+N27G2GMXHGM2:2jK8y0+NNZJbS5UOa5lhAGlhFETzwMZ6","tlshash":"2cf1c6b29446915ce416e9d0b1cb1b5bf83674288c9f9e36db27b954ee8b0ed0333b44","first_seen":"2023-04-10T05:55:32Z","last_seen":"2026-05-31T02:00:48.497506Z","times_seen":46,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":181,"dns":31,"connect":45,"send":0,"wait":46,"receive":0,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thehost.ua/static/external/languageSwitcher.js","fqdn":"thehost.ua","domain":"thehost.ua","tld":"ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustwalletcards.info/","date":"2026-05-03T10:01:34.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thehost.ua","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 07 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:A5:FF:45:49:5C:E0:7B:7F:2F:74:93:94:D5:4E:2A:52:BC:4A:DE","sha256":"1E:41:2E:36:DD:E5:4E:EF:00:1E:0F:D6:ED:E8:11:31:AD:93:D1:60:3B:8F:E9:C4:55:DF:A2:AC:B4:44:BB:EC"}}},"request":{"raw":"GET /static/external/languageSwitcher.js HTTP/1.1\r\nHost: thehost.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://trustwalletcards.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 May 2026 10:01:34 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1762\r\nlast-modified: Fri, 10 Feb 2023 09:32:22 GMT\r\netag: \"63e60f26-6e2\"\r\ncontent-encoding: br\r\nexpires: Tue, 04 May 2027 10:01:34 GMT\r\ncache-control: max-age=31622400\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=15768000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3984,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3984), with no line terminators","md5":"e72c445619aaa260f6aa5d897781c5c5","sha1":"8e5496b45e21cfc6fd9cf3ef57e52e30c7e41676","sha256":"3822b7be740c04c88d998bd1b709d78dc93bd6038e28161e992d530b57f30eda","sha512":"f9a88520128879bfa40292bf73b602518e8a3afbb2d2c3e010eaa65b1cadd8f829d81ad01a5c633daa381721ffc0640a2c20f242bfa6a023a74047f5826fe894","ssdeep":"","tlshash":"6f81a4bb709e503e05f7e536316b9784a63855c8c8457c00b691dd282cb4dda4673f9e","first_seen":"2025-08-22T10:38:37.7032Z","last_seen":"2026-05-31T02:00:48.49838Z","times_seen":11,"resource_available":true,"data":null}},"time_used":469,"timings":{"blocked":193,"dns":29,"connect":51,"send":0,"wait":78,"receive":0,"ssl":116},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.thehost.com.ua/pfdindisplaypro-bolditalic-webfont.woff","fqdn":"static.thehost.com.ua","domain":"thehost.com.ua","tld":"com.ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://trustwalletcards.info/","date":"2026-05-03T10:01:34.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thehost.com.ua","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 22 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"B9:29:B8:BB:0F:D8:B1:AC:F3:81:28:AB:8E:43:45:C6:B7:14:05:A2","sha256":"F0:37:14:C4:38:E9:0D:AD:C0:27:00:35:F6:B4:83:74:8B:43:33:DB:06:2C:B7:B0:A5:52:CE:9C:F7:77:C1:B7"}}},"request":{"raw":"GET /pfdindisplaypro-bolditalic-webfont.woff HTTP/1.1\r\nHost: static.thehost.com.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://trustwalletcards.info\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://thehost.ua/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 May 2026 10:01:34 GMT\r\ncontent-type: font/woff\r\ncontent-length: 40544\r\nlast-modified: Fri, 25 Oct 2013 14:19:04 GMT\r\netag: \"526a7dd8-9e60\"\r\nexpires: Tue, 04 May 2027 10:01:34 GMT\r\ncache-control: max-age=31622400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40544,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 40544, version 1.0","md5":"de153d8ec4ed97c01b65a53905e5355c","sha1":"fcf16435a84293e51fefd21ec20fe57195238e7b","sha256":"e7827ef7765db9220ef5ec76ffeaa1b0c56de78ae545ade19879c89ced1a50ab","sha512":"b73eb7a323f25352b19df41d4a59862f722080ead7abb4a3bf4e3c66c52bdfb9a1f98256d5f00bd3c04da6fa5604ff734b30f9a19c944e4fb79d46f66fbe0bfe","ssdeep":"768:s8viWE9OdPh6iAsflIED+yPXewSaCMjPXQWcwiNjX4oOuNn6F6P4:X6WEAdPY7stIkPXlrdb5oOuQf","tlshash":"3403f1bfe65c6a8390a390ba06075b0e0d74a20ffc9d8fe4250cdd75a5476af808d776","first_seen":"2023-05-02T16:05:25Z","last_seen":"2026-05-31T02:00:48.494569Z","times_seen":64,"resource_available":false,"data":null}},"time_used":555,"timings":{"blocked":202,"dns":10,"connect":53,"send":0,"wait":149,"receive":1,"ssl":136},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.thehost.com.ua/disabled.png","fqdn":"static.thehost.com.ua","domain":"thehost.com.ua","tld":"com.ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustwalletcards.info/","date":"2026-05-03T10:01:34.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thehost.com.ua","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 22 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"B9:29:B8:BB:0F:D8:B1:AC:F3:81:28:AB:8E:43:45:C6:B7:14:05:A2","sha256":"F0:37:14:C4:38:E9:0D:AD:C0:27:00:35:F6:B4:83:74:8B:43:33:DB:06:2C:B7:B0:A5:52:CE:9C:F7:77:C1:B7"}}},"request":{"raw":"GET /disabled.png HTTP/1.1\r\nHost: static.thehost.com.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://thehost.ua/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 May 2026 10:01:34 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3564\r\nlast-modified: Thu, 12 Dec 2019 18:44:54 GMT\r\netag: \"5df28aa6-dec\"\r\nexpires: Tue, 04 May 2027 10:01:34 GMT\r\ncache-control: max-age=31622400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3564,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1dd3dc181df70e9ab9681619234b7a1a","sha1":"0878656e72b479087a2d8a58ad38dca3fec71fad","sha256":"1c4e1cb8ee51b8a386f002ea67fd59e31fb3e3f80cb24691455c3abd2a9e0a80","sha512":"85380d30307ee43c452311a4566254c0ffbc39fd60bea9e6a1e69ab56fdc99e213fc19bf1194e1d06fccd8cc9d0d85aadb37ea8b6eefd9e75570c550e44caf21","ssdeep":"","tlshash":"59716e79cd4573362c2072c7237e9b69f22e8e5c41f578cc9975af60547e528223454f","first_seen":"2023-05-02T16:05:25Z","last_seen":"2026-05-31T02:00:48.494015Z","times_seen":46,"resource_available":false,"data":null}},"time_used":550,"timings":{"blocked":217,"dns":26,"connect":53,"send":0,"wait":114,"receive":0,"ssl":133},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.thehost.com.ua/icons.png","fqdn":"static.thehost.com.ua","domain":"thehost.com.ua","tld":"com.ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustwalletcards.info/","date":"2026-05-03T10:01:34.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thehost.com.ua","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 22 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"B9:29:B8:BB:0F:D8:B1:AC:F3:81:28:AB:8E:43:45:C6:B7:14:05:A2","sha256":"F0:37:14:C4:38:E9:0D:AD:C0:27:00:35:F6:B4:83:74:8B:43:33:DB:06:2C:B7:B0:A5:52:CE:9C:F7:77:C1:B7"}}},"request":{"raw":"GET /icons.png HTTP/1.1\r\nHost: static.thehost.com.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://thehost.ua/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 May 2026 10:01:34 GMT\r\ncontent-type: image/webp\r\ncontent-length: 48670\r\nlast-modified: Thu, 02 Nov 2023 08:27:17 GMT\r\netag: \"65435d65-be1e\"\r\nexpires: Tue, 04 May 2027 10:01:34 GMT\r\ncache-control: max-age=31622400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48670,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c04797a323bfc37d4438ad118187268c","sha1":"1eb4a672a08f575f763dfd14634aa6dd60b78546","sha256":"c19536317592976f5962cfb02b102166f8a68730dec916d2e74a046fcaddb5d4","sha512":"19969dee2b1e30edee6a94abaa9d3b39036d6b046233467cfc0ea3e6a26e2c1f3365a53885e800e432798fa2f9f986a127c95c38e73f723ae647dd3954496f38","ssdeep":"768:DTqKVhEOn71jFUbun5qWpIu/dHpXOEpxeFTF7idGcw/wMKX6OJpGWBoKi:K2D7rb5rpIuFHpXOExePeMwMKX6OJpvW","tlshash":"842302849ed756e13743aec4a796c03743e319789a34fa20f647f8e8aa051cb3a44de5","first_seen":"2023-11-04T22:33:44Z","last_seen":"2026-05-31T02:00:48.49884Z","times_seen":41,"resource_available":false,"data":null}},"time_used":528,"timings":{"blocked":196,"dns":25,"connect":51,"send":0,"wait":85,"receive":49,"ssl":119},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustwalletcards.info/","fqdn":"trustwalletcards.info","domain":"trustwalletcards.info","tld":"info"},"ip":{"addr":"91.234.34.111","port":80,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-03T10:01:33.856Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwalletcards.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Sun, 03 May 2026 10:01:33 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.16\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.16","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":3475,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"afd790f8280f0508464f28d9b05120ac","sha1":"f68a13830f59fb86a869d20156de0602dc25433c","sha256":"a7bdcc1beec2dcd3d676c05ee9d603088b3037cab71a5a090a5c86bc44998574","sha512":"a09ca551978a7845a31c9e817e6c2ae8a12bcc11c39c93244d6fa18a0960621ba23a8ed9f3e8e8447436fb857a6015bbec548980d84f81dc04a418e6942bc009","ssdeep":"","tlshash":"29611f7a49fa55574282d4c5a8a02b0dae85d2afef0b1f1175bc099a7fd3c968d2304c","first_seen":"2026-05-03T10:01:59.997778Z","last_seen":"2026-05-03T10:01:59.997778Z","times_seen":1,"resource_available":true,"data":null}},"time_used":159,"timings":{"blocked":52,"dns":0,"connect":52,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-03","alert":"Sinkholed","trigger":"trustwalletcards.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"thehost.ua/static/external/logo.png","fqdn":"thehost.ua","domain":"thehost.ua","tld":"ua"},"ip":{"addr":"91.234.32.2","port":443,"asn":56485,"as":"Oleksandr Siedinkin","country":"Ukraine","country_code":"UA"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustwalletcards.info/","date":"2026-05-03T10:01:34.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thehost.ua","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Mon, 07 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:A5:FF:45:49:5C:E0:7B:7F:2F:74:93:94:D5:4E:2A:52:BC:4A:DE","sha256":"1E:41:2E:36:DD:E5:4E:EF:00:1E:0F:D6:ED:E8:11:31:AD:93:D1:60:3B:8F:E9:C4:55:DF:A2:AC:B4:44:BB:EC"}}},"request":{"raw":"GET /static/external/logo.png HTTP/1.1\r\nHost: thehost.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://trustwalletcards.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 03 May 2026 10:01:34 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1594\r\nlast-modified: Fri, 10 Feb 2023 10:29:49 GMT\r\netag: \"63e61c9d-63a\"\r\nexpires: Tue, 04 May 2027 10:01:34 GMT\r\ncache-control: max-age=31622400\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=15768000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1594,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cac107f15fc55e1214e5c639b1c3535e","sha1":"47e1528308f92745db862c85823bb0e5c1ea6069","sha256":"309ec4271d10e08396449845d793c7d487f9b3bbd3860ec6956eebb6f5126fca","sha512":"2ca5ce9186ce1b401619e27ee919f2d947e43538315d86393bbbf563f7da1c38a495d718cf40fbb1019bd49364ec190f3f2b7433e259383c31544402ed5ce009","ssdeep":"","tlshash":"3f310a6af1142ba73987215fd9c5c36faa04052f02d5c97e8ade32cb46df1c4658a427","first_seen":"2023-05-02T16:05:25Z","last_seen":"2026-05-31T02:00:48.492765Z","times_seen":56,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":177,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}