{"report_id":"ef0efac7-e555-445f-9ac3-be5cdd2c2c5a","version":6,"status":"done","tags":[],"date":"2026-03-25T21:20:21Z","url":{"schema":"http","addr":"card-phantom.com","fqdn":"card-phantom.com","domain":"card-phantom.com","tld":"com"},"ip":{"addr":"37.140.192.11","port":0,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"card-phantom.com/","fqdn":"card-phantom.com","domain":"card-phantom.com","tld":"com"},"title":"Phantom FinTech — Next-Gen Virtual Payment Solutions","dom":{"size":9258,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (407)","md5":"dfa330f6489b028d3b4fed4e678b0d70","sha1":"36344abbb7cb397a895cbd363712f898a2ba04bb","sha256":"dcf874fd7ebdacf9c2ad366ef479cdeb2dc4acf44579714b32f7cee0111b01f9","sha512":"9e7a4af8262173439efd35f990280b3aaf6d46108c245c4f3bbd6e09fc527915e77f6cad616b63932fd66d9c4143fbc321b9c6cd96fe8d9c3e43f650821e3bd2","ssdeep":"96:n5A6sG0renncnQfFCV7Iho4FV4e5JfXHcuCLB9c03Wop2kdmgwIIFagksVzk+FB:u1GSeccsUo4FhJfX70Bd/OCOPFB","tlshash":"4212932ab2f310235493407737e7a74a5774d003ca0fce547aed8248ef86b65e6a368d","dom_hash":"domhash0b60f0a967c6216f145156f8ce6ec746","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"card-phantom.com","fqdn":"card-phantom.com","domain":"card-phantom.com","tld":"com"},"ip":{"addr":"37.140.192.11","port":0,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-29T21:20:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"card-phantom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"card-phantom.com","ip":{"addr":"37.140.192.11","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":2,"received_data":779400,"sent_data":924,"comment":"","tags":null,"fingerprints":[{"name":"PHP:8.3.27","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"card-phantom.com/","fqdn":"card-phantom.com","domain":"card-phantom.com","tld":"com"},"ip":{"addr":"37.140.192.11","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-25T21:19:54.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"card-phantom.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 23 Mar 2026 00:00:00 GMT","end":"Sun, 21 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"98:6A:0A:28:BD:75:49:5A:2C:B4:37:D9:42:73:13:9D:29:6D:C5:EF","sha256":"15:6E:0B:37:3A:9E:82:4C:DE:82:0D:DB:BB:D1:7A:30:E4:A3:62:00:40:FA:49:28:08:00:85:B5:ED:C6:26:D9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: card-phantom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 25 Mar 2026 21:19:55 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/8.3.27\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.27","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9534,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (407), with CRLF line terminators","md5":"48a12443461e7fcfb611f83242801597","sha1":"136feab343c3c3ca63d0eddf070979e595f6af81","sha256":"e33c4148d6077f963fbcc57cea5615d25ed4349d8503fd6c7903502c4972d021","sha512":"23d43bf3797d88c386f94fd53831b80bca4f47e2cfa35ba5b319f50d3c3b52760365650caa3191101d72cb6b47c55b7ff67c3efc4996fb7e013eb72a5fadb3c1","ssdeep":"96:PA6LGPcihm+wd7RP8y+k/NSHj2O9YecuC3B9c0F4opIkdmgoQIIdPgksIzk+K5:YAGklttB+k0jF7oBd57n5PK5","tlshash":"f912a72ab2c024134473426b7fe39349eb75c043c7065754bafd5347afb2624d263a8d","first_seen":"2026-03-25T21:20:26.321765Z","last_seen":"2026-03-25T21:20:26.321765Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1144,"timings":{"blocked":414,"dns":56,"connect":28,"send":0,"wait":316,"receive":0,"ssl":327},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"card-phantom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"card-phantom.com/favicon.ico","fqdn":"card-phantom.com","domain":"card-phantom.com","tld":"com"},"ip":{"addr":"37.140.192.11","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://card-phantom.com/","date":"2026-03-25T21:19:55.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"card-phantom.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Mon, 23 Mar 2026 00:00:00 GMT","end":"Sun, 21 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"98:6A:0A:28:BD:75:49:5A:2C:B4:37:D9:42:73:13:9D:29:6D:C5:EF","sha256":"15:6E:0B:37:3A:9E:82:4C:DE:82:0D:DB:BB:D1:7A:30:E4:A3:62:00:40:FA:49:28:08:00:85:B5:ED:C6:26:D9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: card-phantom.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://card-phantom.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 25 Mar 2026 21:19:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 05 Jun 2025 23:02:26 GMT\r\netag: W/\"bbd7c-636db1b6b3bda\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":769404,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22012)","md5":"fbf333402815cc9951a944510ed16915","sha1":"83faa0d17b48cbb21375600be6efaedc5e420e47","sha256":"8f244972384ac1abc337941a91a0a941ec20347c9b0cba6a56ddf9458d77c5cf","sha512":"f4db91eabc7f427f3c9bd362fe25ad71a074a7ab5ff0e989db59faf000a8004c40c3b43cc6d1f1522b42fccd919cafb9f8258128d1f2854cf11dbf6460616bfe","ssdeep":"6144:W0T9gq5TgX8gscru33oyBsQ70t6o1ysXAUEPusTCNwPdvgJ:P3oyBsQ70t6o1ySArdeJ","tlshash":"5df409c8abf02c5e921b86316c3f89c6f30a76d4b6fc4407694df791e25e116f226678","first_seen":"2025-08-04T02:15:43.014348Z","last_seen":"2026-04-19T18:31:55.7101Z","times_seen":13,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-25","alert":"Sinkholed","trigger":"card-phantom.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}