{"report_id":"f256eb40-0b4b-4cd9-899f-b613246996c8","version":0,"status":"done","tags":[],"date":"2026-06-24T10:29:40Z","url":{"schema":"http","addr":"trustwallet-inc.com","fqdn":"trustwallet-inc.com","domain":"trustwallet-inc.com","tld":"com"},"ip":{"addr":"176.65.139.8","port":0,"asn":0,"as":"","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"http","addr":"trustwallet-inc.com/","fqdn":"trustwallet-inc.com","domain":"trustwallet-inc.com","tld":"com"},"title":"trustwallet-inc.com/","dom":{"size":86,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"fa94f52629c7097924c0db765d4e841e","sha1":"ac87e37021ac4022ef7218bc0803b643e12bbc72","sha256":"98df2b9ea4e84dc7aa16bdfd3212cc393dfaeb57ecf4ade55f83d59ae671afd7","sha512":"fba5400120ec129f27a948672d1d7d47687e4400b2667b749e6d8880d8c7d8e77a19fb44ca2e5e209a4668a505776e4b41ff66c8508ee4847a5a996a1e757075","ssdeep":"","tlshash":"3ba012ea5d404819b5b079c008d0674c0c14c514a002890005d02010411038d8d02980","dom_hash":"domhashe7878feada357c83b98d617f7576c066","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trustwallet-inc.com","fqdn":"trustwallet-inc.com","domain":"trustwallet-inc.com","tld":"com"},"ip":{"addr":"176.65.139.8","port":0,"asn":0,"as":"","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-29T10:29:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"trustwallet-inc.com","ip":{"addr":"176.65.139.8","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":16,"request_count":4,"received_data":794,"sent_data":1689,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"trustwallet-inc.com/","fqdn":"trustwallet-inc.com","domain":"trustwallet-inc.com","tld":"com"},"ip":{"addr":"176.65.139.8","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-24T10:29:15.029Z","timestamp":1782296955029,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwallet-inc.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA DV SSL CA 2","organization":"ZeroSSL GmbH"},"validity":{"start":"Wed, 24 Jun 2026 00:00:00 GMT","end":"Tue, 22 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"96:CF:0C:8D:81:55:D2:EF:D5:50:F8:BB:59:75:5B:0E:46:D7:E7:AA","sha256":"63:3A:D9:3A:29:10:B8:FD:23:E2:A1:60:B2:42:EB:E2:20:4D:5A:79:B4:20:38:59:4E:7F:EC:3A:36:DF:3A:9A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwallet-inc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 456 \r\ndate: Wed, 24 Jun 2026 10:29:16 GMT\r\ncontent-type: text/html;charset=utf-8\r\nserver: nginx\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"456","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47,"size_decoded":173,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"9c60b0110a52115602b05b7114b06b21","sha1":"72ffda53d5db0bb667bd5306b3e1a3a4c6ade7dc","sha256":"5bc8a03740bb4a54855235dfda75a77725612b9c61d41581a4e08b4a8f40ba47","sha512":"fc3c3ed99b233aeeebe7f8eaa34ea71e6c29480aa3a922645d8c6a8d69784a280b8ea3c4a3618e89bec95193f5a337ccc161657b0e8097912e9157957f28350e","ssdeep":"","tlshash":"e49002061e4488556260a8454060aa5c4821c908d056855405e4000002202cc4955d00","first_seen":"2025-07-26T07:30:42.052123Z","last_seen":"2026-06-29T04:24:44.206388Z","times_seen":300,"resource_available":true,"data":null}},"time_used":1102,"timings":{"blocked":-1,"dns":963,"connect":33,"send":0,"wait":29,"receive":0,"ssl":78},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustwallet-inc.com/","fqdn":"trustwallet-inc.com","domain":"trustwallet-inc.com","tld":"com"},"ip":{"addr":"176.65.139.8","port":80,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-24T10:29:16.306Z","timestamp":1782296956306,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwallet-inc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 456 \r\nDate: Wed, 24 Jun 2026 10:29:17 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"456","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47,"size_decoded":207,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"9c60b0110a52115602b05b7114b06b21","sha1":"72ffda53d5db0bb667bd5306b3e1a3a4c6ade7dc","sha256":"5bc8a03740bb4a54855235dfda75a77725612b9c61d41581a4e08b4a8f40ba47","sha512":"fc3c3ed99b233aeeebe7f8eaa34ea71e6c29480aa3a922645d8c6a8d69784a280b8ea3c4a3618e89bec95193f5a337ccc161657b0e8097912e9157957f28350e","ssdeep":"","tlshash":"e49002061e4488556260a8454060aa5c4821c908d056855405e4000002202cc4955d00","first_seen":"2025-07-26T07:30:42.052123Z","last_seen":"2026-06-29T04:24:44.206388Z","times_seen":300,"resource_available":true,"data":null}},"time_used":1001,"timings":{"blocked":-1,"dns":943,"connect":29,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustwallet-inc.com/_guard/html.js?js=p456","fqdn":"trustwallet-inc.com","domain":"trustwallet-inc.com","tld":"com"},"ip":{"addr":"176.65.139.8","port":80,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustwallet-inc.com/","date":"2026-06-24T10:29:17.431Z","timestamp":1782296957431,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /_guard/html.js?js=p456 HTTP/1.1\r\nHost: trustwallet-inc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustwallet-inc.com/\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 456 \r\nDate: Wed, 24 Jun 2026 10:29:17 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"456","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47,"size_decoded":207,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"9c60b0110a52115602b05b7114b06b21","sha1":"72ffda53d5db0bb667bd5306b3e1a3a4c6ade7dc","sha256":"5bc8a03740bb4a54855235dfda75a77725612b9c61d41581a4e08b4a8f40ba47","sha512":"fc3c3ed99b233aeeebe7f8eaa34ea71e6c29480aa3a922645d8c6a8d69784a280b8ea3c4a3618e89bec95193f5a337ccc161657b0e8097912e9157957f28350e","ssdeep":"","tlshash":"e49002061e4488556260a8454060aa5c4821c908d056855405e4000002202cc4955d00","first_seen":"2025-07-26T07:30:42.052123Z","last_seen":"2026-06-29T04:24:44.206388Z","times_seen":300,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustwallet-inc.com/favicon.ico","fqdn":"trustwallet-inc.com","domain":"trustwallet-inc.com","tld":"com"},"ip":{"addr":"176.65.139.8","port":80,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustwallet-inc.com/","date":"2026-06-24T10:29:17.477Z","timestamp":1782296957477,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: trustwallet-inc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustwallet-inc.com/\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 456 \r\nDate: Wed, 24 Jun 2026 10:29:17 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"456","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47,"size_decoded":207,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"9c60b0110a52115602b05b7114b06b21","sha1":"72ffda53d5db0bb667bd5306b3e1a3a4c6ade7dc","sha256":"5bc8a03740bb4a54855235dfda75a77725612b9c61d41581a4e08b4a8f40ba47","sha512":"fc3c3ed99b233aeeebe7f8eaa34ea71e6c29480aa3a922645d8c6a8d69784a280b8ea3c4a3618e89bec95193f5a337ccc161657b0e8097912e9157957f28350e","ssdeep":"","tlshash":"e49002061e4488556260a8454060aa5c4821c908d056855405e4000002202cc4955d00","first_seen":"2025-07-26T07:30:42.052123Z","last_seen":"2026-06-29T04:24:44.206388Z","times_seen":300,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"trustwallet-inc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}