{"report_id":"0c24b576-62e2-4ab6-a48e-2185974a01ab","version":6,"status":"done","tags":[],"date":"2026-04-15T13:46:01Z","url":{"schema":"http","addr":"trust-forestc.com","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":0,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"final":{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"title":"Vele","dom":{"size":20844,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14347)","md5":"f9bdd21c4eb230700d502a017a99cd1b","sha1":"2cabfa3d1942b75d99ebe4dacc7dfa4226246e69","sha256":"e42303da5bd330c04116374ab70d266b0895500f320168bfbc8ab15d31359f3a","sha512":"46b49cfa314f48f48ffbd5e95c9836068ef934f942e13727393112d49625b3c396d1cee53fb4ff49cb121442345c8cdc09533a8d500bf6e55b40c38098981584","ssdeep":"192:eXT7KzQGZCxfd2nfD3bk5AoBrWFlFCFqFu4eD2eURs0SXLaBwdB1nYIYE1fw:E6ZZCx12+AoBrWFlFCFqFu4HGY1oI","tlshash":"ae920e347a08416703b799c5f271bf1eb2d2f30bc00a8455babd91892fc3db5bb66465","dom_hash":"domhash77b68f9cd83e5eeb7ad672e3616f3cc8","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trust-forestc.com","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":0,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-20T13:46:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":14,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:44Z","timestamp":1776260744,"ip_dst":{"addr":"47.79.64.221","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":59504,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:44.940356+0000\",\"flow_id\":1652474012772855,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":59504,\"dest_ip\":\"47.79.64.221\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echo-res-3.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-04-15T13:45:44.403959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":52428,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.008022+0000\",\"flow_id\":1743514434559941,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":52428,\"dest_ip\":\"47.79.48.225\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"leabonc.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-04-15T13:45:44.352197+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":52454,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.012643+0000\",\"flow_id\":944680582275198,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":52454,\"dest_ip\":\"47.79.48.225\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"leabonc.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-04-15T13:45:44.352382+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":52442,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.018349+0000\",\"flow_id\":572259673071651,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":52442,\"dest_ip\":\"47.79.48.225\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"leabonc.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-04-15T13:45:44.352291+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":52408,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.021413+0000\",\"flow_id\":1312458631831243,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":52408,\"dest_ip\":\"47.79.48.225\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"leabonc.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-15T13:45:44.351947+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":52418,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.025640+0000\",\"flow_id\":1079585505042260,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":52418,\"dest_ip\":\"47.79.48.225\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"leabonc.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":905,\"bytes_toclient\":1634,\"start\":\"2026-04-15T13:45:44.352084+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":52464,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.028231+0000\",\"flow_id\":942344120084830,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":52464,\"dest_ip\":\"47.79.48.225\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"leabonc.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-04-15T13:45:44.371038+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":52472,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.236476+0000\",\"flow_id\":1451774486000734,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":52472,\"dest_ip\":\"47.79.48.225\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"leabonc.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-04-15T13:45:44.603230+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.64.221","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":59508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.237934+0000\",\"flow_id\":1719771855388546,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":59508,\"dest_ip\":\"47.79.64.221\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echo-res-3.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":6037,\"start\":\"2026-04-15T13:45:44.655234+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":52482,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.247205+0000\",\"flow_id\":266793009034502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":52482,\"dest_ip\":\"47.79.48.225\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"leabonc.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-04-15T13:45:44.603398+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":52498,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.250531+0000\",\"flow_id\":440627515372912,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":52498,\"dest_ip\":\"47.79.48.225\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"leabonc.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-04-15T13:45:44.603504+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":52510,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.263879+0000\",\"flow_id\":1738485027845619,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":52510,\"dest_ip\":\"47.79.48.225\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"leabonc.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-15T13:45:44.603635+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":52528,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.266205+0000\",\"flow_id\":1086341488606969,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":52528,\"dest_ip\":\"47.79.48.225\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"leabonc.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":905,\"bytes_toclient\":5965,\"start\":\"2026-04-15T13:45:44.622329+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-15T13:45:45Z","timestamp":1776260745,"ip_dst":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"ip_src":{"addr":"Client IP","port":52512,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-04-15T13:45:45.278932+0000\",\"flow_id\":2032978050430565,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.4\",\"src_port\":52512,\"dest_ip\":\"47.79.48.225\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"leabonc.oss-ap-southeast-1.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5965,\"start\":\"2026-04-15T13:45:44.603749+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"trust-forestc.com","ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":68,"request_count":34,"received_data":3647613,"sent_data":14196,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"webapi.trust-forestc.com","ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":34,"request_count":17,"received_data":51928,"sent_data":8899,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2026-03-04T14:34:27.064537Z","last_seen":"2026-03-19T19:49:14.589041Z","alert_count":0,"request_count":21,"received_data":336909,"sent_data":9714,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"echo-res-3.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.64.221","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2026-03-04T14:34:27.061275Z","last_seen":"2026-03-19T19:49:14.277094Z","alert_count":0,"request_count":1,"received_data":35407,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"trust-forestc.com/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"scriptElement","is_inline":true,"md5":"91b63f1c25432b4acb0f24341ae94f1d","sha1":"89685bdc523fe0519c6c4b9f547b8645db00059a","sha256":"90c36e322f3ba2895287543360090c3be8b76bc1db15345b362c732b79060dbb","sha512":"f77828046823d257bf8160f0f3f5ac8528c60fcb2e2dd1b111901798fda4d3622e42f9b5af9a1602c9eae7c41d821ff143cd22a89574eb6a0f3fc994aa0bfa98","ssdeep":"","tlshash":"f311abfe291a602d6303404f976b7801642660a9400a185177cc9a9dbb9afbde0cfb8c","size":1048,"data":"","first_seen":"2026-03-19T19:49:31.938101Z","last_seen":"2026-04-15T13:47:12.613619Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"83678961efc93c088d42dd78bc6ea6dd","sha1":"8007d82eec4894fa2867c628e925f1fcfa443fa3","sha256":"d6045334796ceaf006da578968c4ce319e6d4127c9c36ea88297daf6c6713026","sha512":"cd5e028a3850ceca98e01b30d338a9874404eba5a4d8fce81855dc9f8a6189c9c202e6caf3fe736b10295b4c81a1361a68fda5abeeca58d358c8fdb9c02a282d","ssdeep":"","tlshash":"13c08cc4a0c23e106602681124af24e4a0244027704c6b02cde4d8492ea34b8a233e98","size":147,"data":"","first_seen":"2023-07-28T08:36:26Z","last_seen":"2026-06-08T13:56:48.13287Z","times_seen":665,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a4bdcb8203f55c2a0d42fe2daeba7f94","sha1":"28d4fb637c1f7d7cfc979d90f4f388d62eb58a51","sha256":"386fe5926fc7fa712f45c79142ec5390c9082ce14bd96a609004647fb1f4d823","sha512":"09dd6e53cd308472025baff2f600acd0b5be74b4d557bf48d7402cf6147449fa01db100adc90a5ea3930e80b42a5a2a1782265620c3f940cc93f60e873363d5e","ssdeep":"","tlshash":"c6c08cc8a1c33d001602661060bf35e4a0288026714c5b128cd4e8492f230b88237e98","size":145,"data":"","first_seen":"2023-06-06T19:23:28Z","last_seen":"2026-06-07T17:52:02.05263Z","times_seen":702,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7de71cd324bb8833f4a138cbcdafa759","sha1":"d7a8122c1483170fa571ec47c62f91c66d662ede","sha256":"62b9d7d992de0ba11591d4ed7c7ab166d886c09ddb4a6b79693795ce836c6003","sha512":"5d42f665549881c48abeb0ee42138dcd1b0f6140e49c3fc6efdfe3657cba54e63218787f0b0d2f12622873799b4ec3a21b9f4f62194f2cc9bda2758dd699a439","ssdeep":"","tlshash":"73c08cdab0d72d006602642110af78e8a0388027b08c9b439cd4d8883ea30b08233fa8","size":151,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-08T12:43:52.00621Z","times_seen":348,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d8a0b36a3bb5359d82373fd74ab0a55b","sha1":"109fcd2e9501021577ad657d5701aa40e771b723","sha256":"26b23c11a596c1301030aaa5e72296226d0b2c601ff7b24694d413a401ac9826","sha512":"ebb5fb5d0b9ad70253bc33b31f5fab9fa0efb74a89eefd5b900d6b956970a52ef306b8e62a73b47775339624aef7daf7f4779743b84394f80591c0ea8182f9fe","ssdeep":"","tlshash":"d8c08cc4a0d22d001a02641060af34e49028442670481b028ca4d8482e620b48233e98","size":138,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-06-08T16:32:21.017519Z","times_seen":1329,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5948bc3b90afab1829ab7ee61269f24e","sha1":"517e29a82521418181f702543be8ae74a3bf68b3","sha256":"14fc83a84c91770211dc352186f8e87ddc85e87c2dba0c80a159b45897b9ae2d","sha512":"05c079bbf0389ad341941c3e837aca91dc9aff681cee8da0b4560551ba13e6bbb76b01213af6514e6991e3369062870866a41e67e6d67a37038ddba3ddee7d5f","ssdeep":"","tlshash":"a5c08cc4a0c26d002606691010af24e49028802670485b028c94e8592e264b08233ea8","size":139,"data":"","first_seen":"2023-07-01T13:40:07Z","last_seen":"2026-06-08T12:43:52.033748Z","times_seen":1013,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-b8ea8ef7.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"importedModule","is_inline":false,"md5":"13cfcfd8c4d7c8614f6084823488ce68","sha1":"ab1a1dead6b3bcdbf4de023dff672ede49c2cbc8","sha256":"afca09db5f0530734f7864c739d403a2f3d6799364f3b5069fe06343a4369d68","sha512":"455bc9fb0c7e0e722a657875018c6f719cb4707252f4b75c821d945eba8c90d5a9eca867f235f77fd3735b796cb58d6dfb5c0f6577504db18cf104832e3a4238","ssdeep":"","tlshash":"c301f8f8fc0d8ebb0ea20a4101d03601140a2fddfa1419e198867e6a1be4980dbce32d","size":776,"data":"","first_seen":"2026-03-19T19:49:31.910073Z","last_seen":"2026-06-07T17:52:02.045256Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-08T19:03:14.72457Z","times_seen":36484,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/vendor-fb922bcd.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"importedModule","is_inline":false,"md5":"bd7ebfe5594ef31c2af6b6cb4f120b95","sha1":"20c9e993393df79543749e26d293eb1b1a8bc22f","sha256":"b2f2418e32ac7c9e61b412c18953e30e6625d2db1a1e79ef22abbddb5167fe4c","sha512":"1036d437984614b1c3e908386fae9968ba031d6503963829ecb4e44dfc82dd5b73439313feb95f53b9b392e33a4844368029d2b8853891dc3643879328098556","ssdeep":"24576:y7TNdOQcWLh9SwlzNpAypYeWqPLdJfNa2Y:2TNdOQHLFzNp1pYeWqj3fZY","tlshash":"dd152ac57292f06147ab24e150bb0006f33d6e59740e8498f1ad98eb7d79d89e2b7f38","size":906318,"data":"","first_seen":"2026-03-19T19:49:31.923319Z","last_seen":"2026-06-07T17:52:01.972872Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-dd8d3492.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9ba715db1e75616ff5f00dd409e1783","sha1":"72ec5c030b3f4cfe20865f00348e4307a2f5192f","sha256":"34c3f4a99765bd306ac6233f77f774787443d3239a3890ab6bc7ccc219a3b36b","sha512":"bd3fb0fa634cf3cfa40d5de7f3b1ca7c59d670c27f5d72941e98dda9ab64b92ed5c3a64a4435d9589e6ff9addae740dc873b0373fe1817256553c3861b48a5dc","ssdeep":"1536:mg4vN9U5HiB+KMSMf3MDr5+q3u8Kj4t037v0tQrYlxoz:sPU9g+kDr5+q3u8Kj4tm6oz","tlshash":"53a33ccda50b0eff6cbd0845a94b9a1021681f93588ccc9773ba7f4527fac94729a71c","size":100771,"data":"","first_seen":"2026-03-19T19:49:31.921471Z","last_seen":"2026-06-07T17:52:01.993423Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-9bd35a43.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"importedModule","is_inline":false,"md5":"95f3bed4955611049bd71a4b23f79886","sha1":"c9688cc77f0eafb16c2de3ea6fc7dd33ba1d6234","sha256":"fbd238728bed74030984ebea65996e5978a1de996c9700f3bf70a0dbedf40f0d","sha512":"d5f62f0e66456ab501037529108c3d0e5cc04a6da3297561ab8e607ceab05b480d2ab38d94bf27dc844a1495307992a8ef79382129a0d8323d9fcaa7bc9b39e0","ssdeep":"","tlshash":"4bf0052f797a84721bb384e891631811b7182b4a3b50c5f495860714873cce6d26f524","size":510,"data":"","first_seen":"2026-03-19T19:49:31.90446Z","last_seen":"2026-06-07T17:52:02.049709Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/currencyItem-0408d09a.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"importedModule","is_inline":false,"md5":"b83d0a03adfaea16ef3f485ccda95ca7","sha1":"8f36321dcd357a8ba1d2cfb0f3f98a10e12bf139","sha256":"0f97d847241aae34daf0a3b40066126478ee8d648a739d0a375e109b5f381721","sha512":"2fc03a2d6fa3c90bf6b2c484c11653c71e6b24dfb37c444351c987f5a856f090676f04d668dc76c0df96411ea51b84e0c48dab4d41b902af321940972e43c4df","ssdeep":"","tlshash":"b321df9aa902c7b1cbbe906281bd4414130d7fda700181c1ebed158a378b6fcd728a31","size":1206,"data":"","first_seen":"2026-03-19T19:49:31.89781Z","last_seen":"2026-06-07T17:52:02.040693Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"afd6dadb9533533d8514ac548303e331","sha1":"0b297795e161099658da59b3912482e86732e56d","sha256":"e378d3c8bb137aed4116bdd0c560231896d500f4edbb80088c14fd8fb220c3a9","sha512":"0df2fd8eb6e505ad35fff7e135feb15d50d1ae87d9990d9fa472fb834b7baf48ca73b3e8850042c74584e60de2daa8b9a4a981e5bef460ab48ad5f8ddb5d03e6","ssdeep":"","tlshash":"6cc08cc4a0c22d101602661014bf29e59024802671881b42cc94e8882e220f08233e98","size":140,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-06-08T16:32:21.001756Z","times_seen":881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/filters-9482f320.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"importedModule","is_inline":false,"md5":"ab97a0c4411210f76d66778fc675e952","sha1":"d4c4cb86461a902cbb77d0b78fd4a1b38f5ba49e","sha256":"f7bb561b768d6c7042db66a0ef408e38e7ae727ead7e619396b3775b30e98ac0","sha512":"4ec41f2df42fe53bbfa15424f4b918ffd83c0bc5fe8a997380723b702fe1531b6a9ad07b45a3a84276c2954692eddd5a0e077e36333c2025715e51eabb97bed4","ssdeep":"","tlshash":"135135edfcd7613356ea6ef940288410728ebe20686e0a4df54bd0455933888e0bf778","size":3102,"data":"","first_seen":"2026-03-19T19:49:31.886434Z","last_seen":"2026-06-07T17:52:02.035893Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c51e92812024c4509b0b6b45c1b9b5ab","sha1":"1bc9d855f1f41e867d29634123b1f9be531c0e68","sha256":"8c2b197ea628d6a693b2a210d4b36df5dc482c485ac41cfad399e525666f6c19","sha512":"9cbd0534837b4b5574955a9af167a4c8c8732741368cdc3ce5f3cbfb827aff177fe0cba09142905f71ded2213dfe8fd8172fc0d25aaaebd82a5b4cefddb591c9","ssdeep":"","tlshash":"4dc08cc4a0c22d101602641120af26e4a024402a70889b128c94d8482e220b08237e98","size":137,"data":"","first_seen":"2024-12-02T16:36:01.409431Z","last_seen":"2026-06-08T05:16:21.762094Z","times_seen":187,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"e29cc4b739166fb0de3dd3960891cf94","sha1":"32bf92595a210346b3fa579ce87df4987f109d95","sha256":"d3b8857aaf83eedf7762ae5079cebc09d4924e13766d06fd68dbb746634f95e3","sha512":"854eba232753dfc9183d3029c72a8ec545156e6a966cbf69fbad7acd252632ee09b17f9666f3edfb4541f58d3d3bbfc9841f999c37cac48586997700b245e0af","ssdeep":"","tlshash":"7bc08cc4a0c26d102602651021bf38e490248027b0481b038c94d8482e630b08237ea8","size":140,"data":"","first_seen":"2023-06-05T11:50:58Z","last_seen":"2026-06-08T16:51:31.609674Z","times_seen":3212,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f19a249a3e546a75d19b9d3f75497cdd","sha1":"4fcf8a4234dc76c37cb9415dd3c2d4820fb45a30","sha256":"8f0b9cbdf1999a03131eed312b7dc7ab85a5ddbf696e4805d240a61cdf5066b2","sha512":"7f999eee3d080218db37b9bd7ae6ca464771276ae0eb378b537d24635f5d700aede00359099b8e2197cc4f36e56162a46110fbdb85f213ed5ada51d9875a7402","ssdeep":"","tlshash":"c5c08cc9a2c22d001646641014bf28f4902480277048ab038dd4dc892e620f0823be9c","size":146,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-08T12:43:51.981055Z","times_seen":528,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ced6204993ccd4d4792486f3b3c899b1","sha1":"c16ea5b8c59dcea2b9b03d844467f9db0d358cdc","sha256":"317f80fdd1cb3e7b69648541320cfeb07fd3ea3d1b70d3aab180edce7c3c4ac5","sha512":"dbf99b86ffabe8deeb56f836821b1f3c58fe9b502b89210ec5082f60b4cb4e30f060645fc970bf48f5c3f20073f0e79845925b0dfb4ac89df0319d4c26bdb795","ssdeep":"","tlshash":"b8c08cc4a0c22e509622651410af38e89034402ab08c5b52dc98e94e3f260f49237eac","size":149,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-06-08T12:43:52.029914Z","times_seen":360,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/en-27d24c1e.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3965f5063130c65b4950156dec3d57b","sha1":"701481a193df7dd199a7759c92e50ceb045b5311","sha256":"d9b7b77568283ea9aa7aec88da4efff2b878f7d6dbf22011bc729a7ce507d2e4","sha512":"ec883b6f79b1189c8f05f0b1289a4f007b46860d27cb0797a843bc914245c6f0934cf27f94c7df47682a3767b0cefee263e136d49f38cefe480f74a412d32af5","ssdeep":"768:+GtZcEw/o7rNO3HsifnAMcRrAaA1F6oP6+hsPJaJ1m6O6fpk7aOHRea:iponNO3HTuRrIF6WsPcJGHRT","tlshash":"5813e7893e1a98da05f3676774ce6e2020f50ac18255841f4fedc9fd53e2b67a363728","size":42687,"data":"","first_seen":"2026-03-19T19:49:31.891341Z","last_seen":"2026-06-07T17:52:02.05109Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7746993e8adb9277ba5afa2584910974","sha1":"8e7e6d562fd56f594b40b6657156d483d7426e40","sha256":"833dc15f120cad89d5c0680edae217dbad02010e42af351959607df4170074ee","sha512":"10ee66e22fa45386057f1385e179955ad4fd4d53363c0aebe68aa9ba0547bf409a286e53ab6e678e5d0c3485d6cabcdd359f359c5258160b50a0a5a5496d6e6d","ssdeep":"","tlshash":"39c08cc5a0c22e101646641010bf28e49024402674481b028c98d8482e220b08233e9c","size":140,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-06-08T16:51:31.596607Z","times_seen":3525,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-ea79f674.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"importedModule","is_inline":false,"md5":"60e71e7ddc6adf09b784ac1f44c3796d","sha1":"39ac84975b67dee1d0f14223999c744bbd21154f","sha256":"a628c81d5fd1dba253b07d599425b62ba67263737294fd924504902b093b0da9","sha512":"84ab8959daa7bc9306c80c41bf48c7416349946966d7cb46ce204ff803065a9f3d718930f1c4cd3008151bae7224d045cfe08ceaae48496cca88530a3a11e927","ssdeep":"96:AdE5YYwforblYsGqCwGH44d3TLw5FDlrbVevwHgr3hr0VBAf23zEpjp:gE5YYwfEYNqCwGbTLw3jlAThr0VBU+zs","tlshash":"d4a1968eb8068579aeb7644194980411319c3be5b27844f6f2fdac4a77b5abad780321","size":4659,"data":"","first_seen":"2026-03-19T19:49:31.932674Z","last_seen":"2026-06-07T17:52:02.055966Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"9d379fc52463f2b630c6894900da5180","sha1":"b33fecceae6c1ef97518c6ad7159534d78e7b2f7","sha256":"6c3288c6af4396096b1a8a927fbfaf05ac8cc29658fc97d13cf036ba6bb38ab3","sha512":"49b43b0c253e26c135bd5009d73c537cf2e78342ef6b116ce6efbd3627152ac804449ec5cbe637a544b5557b52a50213a19dfcf33158a4f6b0a8ff91d79372d5","ssdeep":"","tlshash":"61c012c5a0da29102951595424bf28e8a024c026b55c6b169de4dda829e64fcc627d98","size":190,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-08T12:43:52.026474Z","times_seen":667,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"070c2678f964c4ed67831ca9037225f7","sha1":"b1c47031dcb6772f4841b345e722d2794d89464a","sha256":"5f6d8bf06461ca15965afd48622a90850620a130ef8669df3de64ed66d62e0ed","sha512":"75dfd92ff51198b173f218f512739bde9eb3231d058ca3939b3edfc2960e7f90df2b379c4cd5d3e9b0ad7ee785d9ec6cec9c272e68f4477826a61f06ca715b72","ssdeep":"","tlshash":"8ac08cc8a0d62d006a02741060bf34e49024442670481b028ca4d8582e624f48233e98","size":141,"data":"","first_seen":"2026-03-04T14:34:33.79828Z","last_seen":"2026-06-07T17:52:02.042163Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ad53bdca95253da3ed0339a52f219d8e","sha1":"1acba9622b6c70c03ce56310becd1d72226538e4","sha256":"3fecdc9cf7339d52588891d5d7b0c4b4ebfd82fe813b141fd5b81fdc70694f81","sha512":"d2bf6f0a88bbc044c6aab45f1f8795b3aafcf709a0a2b294f27062c0c34e1f34ec3964286f776c55a40a412cdf01c2ace59fdf7981fd69c6d8a63a6791ff8d3e","ssdeep":"","tlshash":"61c08cc4a0c22d001a02645014bf24e4a024802770481b02dcd8d8483e220b08233e98","size":137,"data":"","first_seen":"2023-05-08T20:49:31Z","last_seen":"2026-06-08T12:43:52.043194Z","times_seen":965,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-08T18:19:10.794053Z","times_seen":5637,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-ef3e379d.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"scriptElement","is_inline":false,"md5":"d495f22178364248aea44dbb23dc34cf","sha1":"5b770b1ed9c7f7ecac88aab2cdf9f20c0fe0706f","sha256":"008f4d625e150cc6d8e8436d4823202f394bc033c3737881ef2adecf7ed56b53","sha512":"b4b5731d8ddc24137fbfa2492ca4f383fc3a59ca1cc4b5f8cd069d80fed490d8356ae42ca3e6e8e27442a3b60388ce2ed2528da3ad7c580e0d12470e657bd54c","ssdeep":"384:iPfSuAzJRUpFBOPkfLlAwRwGty8yNg3lMxUGaXuCCe1vO:iyfMBekfL3SilGaXuCCeU","tlshash":"9e62b495f9069a3cf6b7a06050880420326e7fdb40098de2b4bd6d96b752efcb74a75c","size":14799,"data":"","first_seen":"2026-03-19T19:49:31.88323Z","last_seen":"2026-06-07T17:52:02.026419Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7ab6dc81a5c1758a8381906989c4f704","sha1":"c3550c4675f6cb594031a333a3919f4d9428a278","sha256":"5eea0b86438aaa77b6a0b077bd01275ac57ab8586461564354417051a2554648","sha512":"1f75183d8956f47b911386e6a074bb83a858d49f67e7b7e63e9a1ac721f06bbe905dd07686f270d1da45e8cb224361ac7ccf68e9bfb7a85af070d24ac0b81a1a","ssdeep":"","tlshash":"ddc08cc4a0c23e001612641819af24e4a034802770481b238ca4d8482e220b09233e98","size":140,"data":"","first_seen":"2023-06-06T20:45:10Z","last_seen":"2026-06-08T16:32:21.016438Z","times_seen":197,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"fc568bcdbb162fe9304e755852900f42","sha1":"cb74e7725c96e477c1b1c4057b94372e156870da","sha256":"83cb80f3d04e9d8c0742099cd8e1077d1e54f33180b3e787b4f96a824ba94a90","sha512":"7069fe98c95ab1fa4e09ee25eec8768df21d40535ab09d6d1d6982e067a212d327cae9fc2f7591465984cfaa60d4e01ba48353e1de0902fc05c6869da4646451","ssdeep":"","tlshash":"e9c08cc4b1d22d002602785054bf34e49024842a70481b028c94d8483e630b0a233e98","size":139,"data":"","first_seen":"2026-03-04T14:34:33.81582Z","last_seen":"2026-06-07T17:52:02.046776Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"36f26a090abdcc337bfc430f7eba2abf","sha1":"bde4b3d8e5ebea671a9a85174cfb4058a4bf0adb","sha256":"217e71e9b0dbcd6bf49e06ed0c8570fc448a800192167db81cba4cbaefddce78","sha512":"a191f331612f086b236bcab8dc8340639cec8859afceb86edcaa7913e42165ff3d184a5a5f4bac7ea93f59aeea3c76e505c456f9f5da206347076658fc271a87","ssdeep":"","tlshash":"12c08cc8a0c72e101a12655015bf24e4a024402a70489b038c94d8482e230b09233ea8","size":141,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-08T06:01:07.24381Z","times_seen":1577,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d98acc1019303c876db914a972334937","sha1":"73807338e5295d0e4a62fbf19a5258d5cc93e72c","sha256":"864aa8328e7915cfbea7a8773cd622fbf24494c9b6019a076bef6e3f795e7d9d","sha512":"77d7c9975e811e66a77b15f141c84b12ae3aa0f991d15d2864c3c3ce082e0da5f4154d93424ae8580ebd93a1c7231752fbf22ef82ce7a01d997287d2d854d1af","ssdeep":"","tlshash":"e6c08cc8a0c32d001a13642210ff34e4d03440a6b44d1f028dd4e8493e624b09333edc","size":150,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-06-08T12:43:52.006872Z","times_seen":526,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/charting_library/charting_library.min.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","size":10859,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-08T12:43:51.940123Z","times_seen":1001,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-06-08T19:02:12.784239Z","times_seen":38767,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/#/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c0e88513b499aae066f13f6f0edfedab","sha1":"12fd9320e7be26e9257e2a1a39a698a5e2706292","sha256":"3ffd5a1fea533c35c122aeb0a36f3d4a37022e0a14c83167faeaa819b3ee8cfd","sha512":"36b57e74aa71e21ec5489637f206796e8b9097db32c59e4ffbbdd7eb11ce35c2f754178f996bd6e11abc560cdddd3af7cde3fc1847c1a455120b5c26ee4fb838","ssdeep":"","tlshash":"17c08cc8b0c6ad001602e45111bf25e4a024802770481b128d98e8483e220f48233e9c","size":139,"data":"","first_seen":"2023-08-29T11:10:58Z","last_seen":"2026-06-08T12:43:52.020895Z","times_seen":896,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-9bd35a43.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:43.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-9bd35a43.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 510\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a266-1fe\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":510,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (509)","md5":"95f3bed4955611049bd71a4b23f79886","sha1":"c9688cc77f0eafb16c2de3ea6fc7dd33ba1d6234","sha256":"fbd238728bed74030984ebea65996e5978a1de996c9700f3bf70a0dbedf40f0d","sha512":"d5f62f0e66456ab501037529108c3d0e5cc04a6da3297561ab8e607ceab05b480d2ab38d94bf27dc844a1495307992a8ef79382129a0d8323d9fcaa7bc9b39e0","ssdeep":"","tlshash":"4bf0052f797a84721bb384e891631811b7182b4a3b50c5f495860714873cce6d26f524","first_seen":"2026-03-19T19:49:31.90446Z","last_seen":"2026-06-07T17:52:02.049709Z","times_seen":7,"resource_available":true,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":299,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/common/getMt5Amount?coin=xauusd","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"POST /api/common/getMt5Amount?coin=xauusd HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3e1407367904705c55c44391b3470dc1","sha1":"0917a5bcd2b14dfc9a33920b504728f73e27e104","sha256":"f3006344f98187f74850201f6d9180eedc82c36df036ef178fc78e11ee05f2f8","sha512":"ffbf9096aeb99ebd28cddb03a82f33de7dbaad3ab27822442f80b6ef5dfdf9ba37e62aad68ead1f38196fa54c06dafbce1d99a7c58b44e3fc1319146bf75240a","ssdeep":"","tlshash":"2e9002552c189252a98300a5d5071204016475602a7493484c599129c198163605085c","first_seen":"2026-04-15T13:46:10.085189Z","last_seen":"2026-04-15T13:46:10.085189Z","times_seen":1,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/img9f36ed5fc82f44c5bf98ef9043b772d3.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /img9f36ed5fc82f44c5bf98ef9043b772d3.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 801\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF96897CC7753532D026AC\r\nAccept-Ranges: bytes\r\nETag: \"2AE028AC8B83BBB61963669703398AF4\"\r\nLast-Modified: Sat, 24 May 2025 15:59:40 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6784440504219574938\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: KuAorIuDu7YZY2aXAzmK9A==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":801,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced","md5":"2ae028ac8b83bbb61963669703398af4","sha1":"68dd8f2c5241331ced97f7400e31d40bba2900db","sha256":"57a1356686884718fc655255495c865822cb2d0714565da6e9898240d9889c01","sha512":"a9cf6e012e04f6e51ace9259dae3f7d1ca057934a0b95bedbe183f561fc8f8d0b6ae48f478eec442d61834441d787b0a9d521b9d89a5d1673946711255a80e6f","ssdeep":"","tlshash":"8801c56b03b358b0ca12d83fc1130ce7b8b7d0273a40e24c5b1fc370085b0020074364","first_seen":"2024-01-21T00:00:17Z","last_seen":"2026-06-04T04:33:14.435272Z","times_seen":101,"resource_available":false,"data":null}},"time_used":2336,"timings":{"blocked":1006,"dns":3,"connect":329,"send":0,"wait":331,"receive":1,"ssl":663},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/logo/binance-coin.png?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /logo/binance-coin.png?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 12869\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF9689269DA8393719EEF3\r\nAccept-Ranges: bytes\r\nETag: \"A533EECDEE5A789E7D94F8F79F95D588\"\r\nLast-Modified: Sun, 25 May 2025 04:36:24 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 18158548296662870332\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: pTPuze5aeJ59lPj3n5XViA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":12869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"a533eecdee5a789e7d94f8f79f95d588","sha1":"f1ae6df3a9baf6dbec969c6d1ab622850a282895","sha256":"ea257fac91d01858b7dfd0361f8b480caeb3d57b080570ef4b4f41d5d7e68c90","sha512":"e46ca5c2239c89c783805b1f4e17664118e57e95dff6513b8ff917aaaa763b922c6286b48d0e6daca644ae30c3e821674dade74a056837865353b451c50d074b","ssdeep":"192:3GSu8nGgOCcrSaheqQThcTrOcOAasSqXzcxfuZWfWOKJ6mVgCd7mOOwRB0IG:5/POzrSTThcTaPAaFqXzcqG6ekvP0IG","tlshash":"1442bfd83898c3e455233e69d56e4c138122251a66588517f22a2b7dbf03af27fcf1e6","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-06-06T04:02:55.266893Z","times_seen":677,"resource_available":false,"data":null}},"time_used":1648,"timings":{"blocked":1307,"dns":0,"connect":0,"send":0,"wait":339,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/logo/solana.png?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /logo/solana.png?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 25649\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF9689385D5B3438FA332D\r\nAccept-Ranges: bytes\r\nETag: \"670C723ABC22056BC5368CA2A97DD6A2\"\r\nLast-Modified: Sun, 25 May 2025 04:36:24 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10769821075161595358\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ZwxyOrwiBWvFNoyiqX3Wog==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":25649,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 201, 8-bit/color RGBA, non-interlaced","md5":"670c723abc22056bc5368ca2a97dd6a2","sha1":"5ba69b915180c31e4d35a524a9de7b3409ef80a8","sha256":"11192935f626fdb37ddfd8418d754feee326fc6f0a3ce7aa6e61283a820d8b09","sha512":"546901ff0dd66b4768e7560c2ccdceedc3bdac577eea114e600613d98319bde07a84d4fd8a303f4c34c05b3a26c73f03602ba38aaa5436dfcdac6712e0868652","ssdeep":"768:9SDR4lelsfdJTM1JiB+mP9LsYKPlAgezlYWXu23fgiqs:9Alsfd9MqBZ1L5MGgQuW+2vLqs","tlshash":"feb2d076137254ea4442115b97364e812c39f4e3adea6e2c7507a40c7d4a33b30db6bf","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-06-06T04:02:55.294395Z","times_seen":678,"resource_available":false,"data":null}},"time_used":1652,"timings":{"blocked":1302,"dns":0,"connect":0,"send":0,"wait":341,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/imgdd5442529b304dc1b288895b45d69a08.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /imgdd5442529b304dc1b288895b45d69a08.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:46 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1321\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968A23FB0A3732BB10F2\r\nAccept-Ranges: bytes\r\nETag: \"B86773B6AA18C4A58D9C9879EBBA8892\"\r\nLast-Modified: Sat, 24 May 2025 15:52:48 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2019276143507127384\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: uGdztqoYxKWNnJh567qIkg==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1321,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"b86773b6aa18c4a58d9c9879ebba8892","sha1":"cb93b7a65e61e1206a92c01b63e9484b09885a5c","sha256":"1265faf359314ea74da3377a409087910279422db110469598b5cd514c918b91","sha512":"b2141ef8ef08d94acf6e764614667adc6c5893f057d55035d9a76c66b3ece5760ae98a67f500d8af66351a3ac6b7e254a65f21ce8ae6565e222bc89f3af61bd2","ssdeep":"","tlshash":"d321fbc2b3414eb836baae955312dc525efa7b6003198d8d3d212a67cd82311f962289","first_seen":"2024-08-19T20:18:19.617789Z","last_seen":"2026-06-01T14:33:57.945303Z","times_seen":110,"resource_available":false,"data":null}},"time_used":2254,"timings":{"blocked":1916,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/charting_library/charting_library.min.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:40.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /charting_library/charting_library.min.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:15 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a267-2a6b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10859,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10857), with CRLF line terminators","md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-08T12:43:51.940123Z","times_seen":1001,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/vendor-fb922bcd.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:41.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/vendor-fb922bcd.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:33 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:15 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a267-dd44e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":906318,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bd7ebfe5594ef31c2af6b6cb4f120b95","sha1":"20c9e993393df79543749e26d293eb1b1a8bc22f","sha256":"b2f2418e32ac7c9e61b412c18953e30e6625d2db1a1e79ef22abbddb5167fe4c","sha512":"1036d437984614b1c3e908386fae9968ba031d6503963829ecb4e44dfc82dd5b73439313feb95f53b9b392e33a4844368029d2b8853891dc3643879328098556","ssdeep":"24576:y7TNdOQcWLh9SwlzNpAypYeWqPLdJfNa2Y:2TNdOQHLFzNp1pYeWqj3fZY","tlshash":"dd152ac57292f06147ab24e150bb0006f33d6e59740e8498f1ad98eb7d79d89e2b7f38","first_seen":"2026-03-19T19:49:31.923319Z","last_seen":"2026-06-07T17:52:01.972872Z","times_seen":7,"resource_available":true,"data":null}},"time_used":839,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":276,"receive":563,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/common/getCoinList","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"OPTIONS /api/common/getCoinList HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: lang\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1800\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":2081,"timings":{"blocked":903,"dns":56,"connect":274,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/logo/bitcoin.png?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /logo/bitcoin.png?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 2691\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF9689385D5B3438DB322D\r\nAccept-Ranges: bytes\r\nETag: \"2EDF1EF8B333C40979976D1A49BC234C\"\r\nLast-Modified: Sun, 25 May 2025 01:19:24 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1939274224005843766\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Lt8e+LMzxAl5l20aSbwjTA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2691,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2edf1ef8b333c40979976d1a49bc234c","sha1":"d75ac12795b4a9575c874e1b190712cd62a87afc","sha256":"50a1901684f223bf26594dd3415b1e50f184820a16daa810cc5452911e9117a9","sha512":"f697a1fa0786316fc01003f72621920932e2657e4acf5a471e35d02717c42c9db5a12df311895a776a563dcae9b8fc0b6721833529a054b9dbfff4c52fc564d3","ssdeep":"","tlshash":"2b515ee60252267980d32438616db1e178beabb2c3021ded6c1444954acc4b62555cfa","first_seen":"2023-05-01T18:49:36Z","last_seen":"2026-06-08T17:29:55.947136Z","times_seen":21674,"resource_available":false,"data":null}},"time_used":2304,"timings":{"blocked":986,"dns":1,"connect":327,"send":0,"wait":331,"receive":0,"ssl":656},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/imgbf6acc44fdbc4f2da9548ed577d4b601.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /imgbf6acc44fdbc4f2da9548ed577d4b601.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:46 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 525\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968A6B4B133635770633\r\nAccept-Ranges: bytes\r\nETag: \"39EF9D38FE0AAB83585DD87672DB2F9F\"\r\nLast-Modified: Sat, 24 May 2025 15:56:09 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17681862502574744688\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Oe+dOP4Kq4NYXdh2ctsvnw==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":525,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"39ef9d38fe0aab83585dd87672db2f9f","sha1":"73beb0a9847b3f98e5e96b384767896452dfaa33","sha256":"ab447108bbc8e802ba2d67626f51554cb9f1fab5db2bfeabfc8371eff71204cd","sha512":"5a1441bce9b88fbc5f0ecac5aee541406dd05eec641a6d2db62c6c38d7d59365d5568aeb95efdacacd125d808fd0d9e64c7954305b6da00dab35ec659b7a75c6","ssdeep":"","tlshash":"b7f00ce9f558cc65461855e6cf79742100fefc5cd57cf81c8d45f564f54d41259502c1","first_seen":"2024-01-21T00:00:17Z","last_seen":"2026-06-04T04:33:14.45593Z","times_seen":146,"resource_available":false,"data":null}},"time_used":1973,"timings":{"blocked":1637,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/notice/list?key=INFORMATION_NOTICE","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:45.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"POST /api/notice/list?key=INFORMATION_NOTICE HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:37 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1179,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0fda8547235c199cc5805dd557d21445","sha1":"6c9ac0d4e05237976e9a752a2819515f783b6c77","sha256":"6c5f9370012b70f74a21a47f56eb56130d18af1842e243c1c44bc473957964c1","sha512":"99786fb2bb468e1acb67cbc3a5e939dabc836f3e47eb4a685bbaa4f045b216cf9833e46ae78f135212d0a9289689b5f8db07b88565a89fd74fab915f33b66cff","ssdeep":"","tlshash":"69216746f2a87d76894210cfe1797bc5e64c2193d3614c247def8e48e5d2432493bd0b","first_seen":"2026-03-04T14:34:33.758428Z","last_seen":"2026-04-15T13:47:12.576786Z","times_seen":7,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/vendor-fb922bcd.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/vendor-fb922bcd.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:15 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a267-dd44e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":906318,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bd7ebfe5594ef31c2af6b6cb4f120b95","sha1":"20c9e993393df79543749e26d293eb1b1a8bc22f","sha256":"b2f2418e32ac7c9e61b412c18953e30e6625d2db1a1e79ef22abbddb5167fe4c","sha512":"1036d437984614b1c3e908386fae9968ba031d6503963829ecb4e44dfc82dd5b73439313feb95f53b9b392e33a4844368029d2b8853891dc3643879328098556","ssdeep":"24576:y7TNdOQcWLh9SwlzNpAypYeWqPLdJfNa2Y:2TNdOQHLFzNp1pYeWqj3fZY","tlshash":"dd152ac57292f06147ab24e150bb0006f33d6e59740e8498f1ad98eb7d79d89e2b7f38","first_seen":"2026-03-19T19:49:31.923319Z","last_seen":"2026-06-07T17:52:01.972872Z","times_seen":7,"resource_available":true,"data":null}},"time_used":2902,"timings":{"blocked":1515,"dns":0,"connect":0,"send":0,"wait":279,"receive":1108,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/filters-9482f320.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:43.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/filters-9482f320.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-c1e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3102,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3101)","md5":"ab97a0c4411210f76d66778fc675e952","sha1":"d4c4cb86461a902cbb77d0b78fd4a1b38f5ba49e","sha256":"f7bb561b768d6c7042db66a0ef408e38e7ae727ead7e619396b3775b30e98ac0","sha512":"4ec41f2df42fe53bbfa15424f4b918ffd83c0bc5fe8a997380723b702fe1531b6a9ad07b45a3a84276c2954692eddd5a0e077e36333c2025715e51eabb97bed4","ssdeep":"","tlshash":"135135edfcd7613356ea6ef940288410728ebe20686e0a4df54bd0455933888e0bf778","first_seen":"2026-03-19T19:49:31.886434Z","last_seen":"2026-06-07T17:52:02.035893Z","times_seen":7,"resource_available":true,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/logo/ethereum.png?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /logo/ethereum.png?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 9807\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF96897CC7753532FD27AC\r\nAccept-Ranges: bytes\r\nETag: \"12D9722461759CEFFF02D9076A3D2718\"\r\nLast-Modified: Sun, 25 May 2025 04:36:24 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9445008190181339835\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: EtlyJGF1nO//AtkHaj0nGA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":9807,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"12d9722461759cefff02d9076a3d2718","sha1":"6b763fea0b17257a36b90c465593e1629aee0564","sha256":"af89450e1873196692af0d9d4d0c03218b4be8091171b9d8f7349298d4e82586","sha512":"8eb0f616162be914a3945fb383250796e1134da22e8ae612f403f28804ac04b7fd0f607e132403dc28505d80377c9281601cb23ef1f0814e08584428f3efa05f","ssdeep":"192:4V3ZO9Gxo9H+wp5qh6BKfMPaB2kXTfwoVqO2Rzhj7TfhBcHEhaI9yLKKD:4V4GxoYwp5wQKfMP6LXT7V+RzhzncpLb","tlshash":"7112bf66ab39a301d66d2bbe5cc59302db15ad10dfe14a3fcb840980370c6f9de5a6c4","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-06-08T12:43:51.926272Z","times_seen":601,"resource_available":false,"data":null}},"time_used":1637,"timings":{"blocked":1305,"dns":0,"connect":0,"send":0,"wait":331,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/img4fa81d8fc1814cb19ee25e1bc9ff4e65.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /img4fa81d8fc1814cb19ee25e1bc9ff4e65.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:46 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 614\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968A269DA8393761EFF3\r\nAccept-Ranges: bytes\r\nETag: \"288529B0E33D3B66A2731D058A0EDB26\"\r\nLast-Modified: Sat, 24 May 2025 15:54:35 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12140603420238383984\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: KIUpsOM9O2aicx0Fig7bJg==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":614,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"288529b0e33d3b66a2731d058a0edb26","sha1":"45e95e851bc5f5ecf47f60051a2f337c4618b343","sha256":"c0a8c66763227f10f381f4aa054b2a851693e6519fd8daa435c326c4831bb34b","sha512":"47bd6e3b05c428e8fd039220d02a9e5498a8027c1aab085a7d04024472b2c88644e7b5097ddac8d2593c4d1ab7681ea57891066e36f782cbb28f34fef388432b","ssdeep":"","tlshash":"cff04751dff9f27d6bc1b051a7cd1027f2397c51403428308a18541cf01849afc56202","first_seen":"2024-01-21T00:00:17Z","last_seen":"2026-06-04T04:33:14.412301Z","times_seen":146,"resource_available":false,"data":null}},"time_used":1944,"timings":{"blocked":1611,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/img96a807eef0c74d519d4f94dc3ab31d72.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /img96a807eef0c74d519d4f94dc3ab31d72.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:46 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 499\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968A385D5B343854362D\r\nAccept-Ranges: bytes\r\nETag: \"758505DEC73355A50FA0EA7479FA0223\"\r\nLast-Modified: Sat, 24 May 2025 15:56:13 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8231209139480566513\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: dYUF3sczVaUPoOp0efoCIw==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":499,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"758505dec73355a50fa0ea7479fa0223","sha1":"f625f75d14059f9ca2f10573bb2c8634c6dc0b8e","sha256":"9ba4907adb5327ca635f6187be09172b1598fcfc0e96b62fb9736d9b17ac23d9","sha512":"de61b7e447da38fb2dad09bafceb7749b71e7fcd5cfa1e1d595c79bbb59e48c630c15c57c88d5154b3fdd22364d12d5fc6569173fedfb98fedbef50ae5191ac1","ssdeep":"","tlshash":"3ff054ed83a4ec7cf60bc3608f20e828c630b96b348d0c16256eb6309b4d09c2db11f6","first_seen":"2024-01-21T00:00:17Z","last_seen":"2026-06-06T04:02:55.269582Z","times_seen":157,"resource_available":false,"data":null}},"time_used":2276,"timings":{"blocked":1947,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/imgdd09e3f1bc56441ba56353b5099d89d5.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /imgdd09e3f1bc56441ba56353b5099d89d5.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1020\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968923FB0A3633F70CF2\r\nAccept-Ranges: bytes\r\nETag: \"FEFC4C2FEE1744A34034DBBAEF82316F\"\r\nLast-Modified: Sat, 24 May 2025 16:01:10 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1657945692254989793\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: /vxML+4XRKNANNu674Ixbw==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1020,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced","md5":"fefc4c2fee1744a34034dbbaef82316f","sha1":"ad1774785b02870643113d742c59a861007902ae","sha256":"b9f7aa27195c249887b07ec3b570819e71f7373b36e5a25ae23f55517816b760","sha512":"ebd655eaf1f6896c483cde3b8ddeea93beb609a77207f85aa102822734f26e7882f0f42c5a2704c3d9b3aa52c1d01032c9d92204b200cb0290a84ddf25d394d3","ssdeep":"","tlshash":"4911d8cd6671cf7543f88250823fc86892396d9c50e31df8a21c7543687e130221ccc1","first_seen":"2025-01-06T18:38:04.012508Z","last_seen":"2026-06-01T14:33:57.942222Z","times_seen":86,"resource_available":false,"data":null}},"time_used":2341,"timings":{"blocked":1004,"dns":0,"connect":332,"send":0,"wait":333,"receive":0,"ssl":667},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/resource/svg/light/mengbanzu13.svg?2.0.1760009539818","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /resource/svg/light/mengbanzu13.svg?2.0.1760009539818 HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1202\r\nLast-Modified: Thu, 09 Oct 2025 11:54:19 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a26b-4b2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1202,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2d850b982245ca50f3a2e230e0b1398d","sha1":"283d9ec8c786aa91786d80ba54164723bb6699b4","sha256":"852697a3439e4c3cb0d426221c5b3a345e333b69bd39ff63f731fe02a1a04826","sha512":"2884fe7d0dbc512dbc44a091be6f35bf6f66cb15c8ca1f763c60896d101df4b196c29ec631e040cc8116edc43dfdcf63b48c4a9c1b0c420940f32d960ec7a710","ssdeep":"","tlshash":"072144b9c510128a62814f8cdbd82b06623ef167f3f54d9db39016b20d78d9f11bca21","first_seen":"2024-12-28T13:26:38.912526Z","last_seen":"2026-06-04T04:33:14.456617Z","times_seen":322,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/imga96d7809a59846df92d15761bee04cb9.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /imga96d7809a59846df92d15761bee04cb9.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:46 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1353\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968A7CC77535321429AC\r\nAccept-Ranges: bytes\r\nETag: \"3374D8DCC672161C3E942D71643DD6DF\"\r\nLast-Modified: Sat, 24 May 2025 15:52:54 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 18229691747106943305\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: M3TY3MZyFhw+lC1xZD3W3w==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1353,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"3374d8dcc672161c3e942d71643dd6df","sha1":"1eb89d286896e972f6f9e433541e1a406d336db1","sha256":"26a7521cd56d484b5a9775d11c173e6f67c45c68c2bde5feee095b3ff5be0bdd","sha512":"02c86573b4cf743a1576007a70029a3808734d6893546fde74c13a3912a6ad2e850309c5eb0130492321eba8a73b7256f402ea483c861761934463a14eb6aaf9","ssdeep":"","tlshash":"c921084493f1682c99fe6034d1fa5a10dc9de10e392cc8a2ffb9a804722142adcb11b1","first_seen":"2024-08-19T20:18:19.617177Z","last_seen":"2026-06-06T04:02:55.282855Z","times_seen":138,"resource_available":false,"data":null}},"time_used":1935,"timings":{"blocked":1604,"dns":0,"connect":0,"send":0,"wait":330,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/currencyItem-15550dda.css","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/currencyItem-15550dda.css HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:34 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-6d6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1750,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1749)","md5":"0a88af6b4dca3c130c74addeb274fb10","sha1":"fb0c4b8a0f7b7c4bac8e193999f99b4070ffcfad","sha256":"15550dda13edd7fe55a2d29edacb7ba57f23f39ef10d087669c0f75facae0763","sha512":"5d046b442f0f471b2063fcd34fb68b1d95b79647ec7e50cf5290ebd866febcd12e9b890a1784512959c4f4a433d3f31d57540254b4e0abbb6f55dc7773677619","ssdeep":"","tlshash":"ed31c05457110375da3bc8866ea8010dc0d47fd1901765cae8afaa2b2ccfa931b7096b","first_seen":"2024-08-19T15:53:11.157884Z","last_seen":"2026-06-03T22:15:44.553345Z","times_seen":346,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-ea79f674.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:43.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-ea79f674.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-1233\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4659,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4654)","md5":"60e71e7ddc6adf09b784ac1f44c3796d","sha1":"39ac84975b67dee1d0f14223999c744bbd21154f","sha256":"a628c81d5fd1dba253b07d599425b62ba67263737294fd924504902b093b0da9","sha512":"84ab8959daa7bc9306c80c41bf48c7416349946966d7cb46ce204ff803065a9f3d718930f1c4cd3008151bae7224d045cfe08ceaae48496cca88530a3a11e927","ssdeep":"96:AdE5YYwforblYsGqCwGH44d3TLw5FDlrbVevwHgr3hr0VBAf23zEpjp:gE5YYwfEYNqCwGbTLw3jlAThr0VBU+zs","tlshash":"d4a1968eb8068579aeb7644194980411319c3be5b27844f6f2fdac4a77b5abad780321","first_seen":"2026-03-19T19:49:31.932674Z","last_seen":"2026-06-07T17:52:02.055966Z","times_seen":7,"resource_available":true,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/resource/svg/light/mengbanzu12.svg?2.0.1760009539818","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /resource/svg/light/mengbanzu12.svg?2.0.1760009539818 HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 802\r\nLast-Modified: Thu, 09 Oct 2025 11:54:19 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a26b-322\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":802,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"184d38c97adf35302491834eaf17aee3","sha1":"a21f6508e3eb8b4bf52a510ac9dd219783f561bc","sha256":"5cdcdf5fb66c61d69b6c308a4569e093ff7b0e178fbb1c7d94a599473339bf99","sha512":"a88827fe8f336cb9f4de9cbaade38ff0026d003f03cc096dc443724052a51c417432d1b96b7006e21c49498791fac31678492626f5643eb09d5b94b32afdb9f0","ssdeep":"","tlshash":"d201f6764321c19dd2538b80c7d93f44927eb65bb2d00448b3a32aa74e34f7f55bc595","first_seen":"2024-07-24T17:37:44Z","last_seen":"2026-06-04T04:33:14.422649Z","times_seen":360,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/img8ab5067278014998a36c875aa2c836ff.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /img8ab5067278014998a36c875aa2c836ff.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:46 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 619\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968A7CC7753532422AAC\r\nAccept-Ranges: bytes\r\nETag: \"6CFE73F06DA3C5604FFE6B41D284540D\"\r\nLast-Modified: Sat, 24 May 2025 15:54:40 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1104380098065402225\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: bP5z8G2jxWBP/mtB0oRUDQ==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":619,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"6cfe73f06da3c5604ffe6b41d284540d","sha1":"9e9fa8144a7cb0f1da7daa4e5858fa49106c171c","sha256":"c0f3d5204944bd902aa03323ff6d9543ce33f9c8a523ef06b9953dabcd5e1556","sha512":"db8346b7c7d8216db595641f02a1fecccbbe268f7384be291647e939883348696f6d8b2d6754b62559eaf23a47ed50322013c87837c674745a05556bc64f665c","ssdeep":"","tlshash":"fbf0685df3fc843d5be15b598535f1b5d414ce3bc4e151080bd06891522b4553851b11","first_seen":"2024-01-21T00:00:17Z","last_seen":"2026-06-06T04:02:55.299168Z","times_seen":157,"resource_available":false,"data":null}},"time_used":2259,"timings":{"blocked":1928,"dns":0,"connect":0,"send":0,"wait":330,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/img586dc0fcab954deda90b89f5d99e5814.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /img586dc0fcab954deda90b89f5d99e5814.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:46 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1874\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968A385D5B343823352D\r\nAccept-Ranges: bytes\r\nETag: \"FEE16CE16A23A37EF3920798742FEFBC\"\r\nLast-Modified: Sat, 24 May 2025 15:55:15 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8433800826941682001\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: /uFs4Wojo37zkgeYdC/vvA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1874,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"fee16ce16a23a37ef3920798742fefbc","sha1":"f862e3e61b12495b9f683a71d3d06053bc407b0a","sha256":"dfca8887d489be448d10cbd211b271db5330d73d299fe9c76f3e3300a9045a82","sha512":"560e8d3bbee698aac3f311defb7031f289096c6101339fc642889b10e9887000240109dd3e25139f0f12b6b7583b0b185f96e86248bc98d3252e1bcc5ecec990","ssdeep":"","tlshash":"d731f7da97b3107f3e5d8374563429c5555b85d1ba050a2efcdebc4c9f066e70128071","first_seen":"2024-08-20T11:40:30.958723Z","last_seen":"2026-06-04T04:33:14.462408Z","times_seen":127,"resource_available":false,"data":null}},"time_used":1948,"timings":{"blocked":1619,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/common/type/defi_activity_type","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"OPTIONS /api/common/type/defi_activity_type HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: lang, language\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1800\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":386,"timings":{"blocked":120,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-b8ea8ef7.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-b8ea8ef7.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 776\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a266-308\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":776,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (775)","md5":"13cfcfd8c4d7c8614f6084823488ce68","sha1":"ab1a1dead6b3bcdbf4de023dff672ede49c2cbc8","sha256":"afca09db5f0530734f7864c739d403a2f3d6799364f3b5069fe06343a4369d68","sha512":"455bc9fb0c7e0e722a657875018c6f719cb4707252f4b75c821d945eba8c90d5a9eca867f235f77fd3735b796cb58d6dfb5c0f6577504db18cf104832e3a4238","ssdeep":"","tlshash":"c301f8f8fc0d8ebb0ea20a4101d03601140a2fddfa1419e198867e6a1be4980dbce32d","first_seen":"2026-03-19T19:49:31.910073Z","last_seen":"2026-06-07T17:52:02.045256Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1501,"timings":{"blocked":386,"dns":0,"connect":274,"send":0,"wait":274,"receive":0,"ssl":566},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/common/getAllSetting","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:43.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13416,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"379bc1f5d10f6670959adb043fb3bc08","sha1":"96e4ae628e9823ccdf3ef2d8295add02cf9874a1","sha256":"8ab7d8e88bfd67ce90f03688fdb5bb5f5cd5d9bebc9f98963e381f73928beee5","sha512":"6b72ef65d861714246ba5f42d0da75a41fc0c052cad8578736a58e9b6783d4b53ca9afc7a7329fbc2a8605a7351e0f9085837fb116de851368bfde4155248087","ssdeep":"192:kwxsxwPBzzOSpQ+UQD+RbKcLcZauNHxHq8FTiUiYUAbJFqtLjzsOsi8qBPMNiRPq:liKBn/NvmQONM4RPvxY6s","tlshash":"fd52644d37cccc7d96d62ae1546733d9b7dc34e7a884988ee0a2ae1c4c9aab7440f01d","first_seen":"2026-03-19T19:49:31.924809Z","last_seen":"2026-04-15T13:47:12.594038Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1459,"timings":{"blocked":-1,"dns":61,"connect":280,"send":0,"wait":307,"receive":1,"ssl":597},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/common/getCoinList","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:43.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"POST /api/common/getCoinList HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14937,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"22aed4c7394bd4b12ee60ba4d5031e5d","sha1":"1c3d0b052716ccb71feafc74fc1a073036aa63cc","sha256":"e2e8bc1030b937d03f82f7c3b754d62222202f36bacee3fed8a16dc6ee891d02","sha512":"c3a1098b224c332c5e277d95551c446d9d2d5d1fc805d3b96cfdb86cc23936b041ce8fc1ca6bcc739b1dc535f606358e71c43a85aa88889bd5c243078a39a9a6","ssdeep":"192:wXrJX4FXGK0XesAGX5uGXpVZsX8oS5XcNJ8XbASXguzK7owYAYfeSCKifnjWwXWf:gYZYDn","tlshash":"9662225a622895bcc5b5d4d01ebf7a1362cc346fecc98d1f87d94c8889d4ef2560af06","first_seen":"2026-04-15T13:46:10.117065Z","last_seen":"2026-04-15T13:46:10.117065Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1483,"timings":{"blocked":-1,"dns":57,"connect":277,"send":0,"wait":298,"receive":1,"ssl":600},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/common/getMt5Amount?coin=xauusd","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:43.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"OPTIONS /api/common/getMt5Amount?coin=xauusd HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: lang\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1800\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/resource/fonts/DINOT-Medium.otf","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /resource/fonts/DINOT-Medium.otf HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trust-forestc.com/assets/index-0dcb7d8e.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 73096\r\nLast-Modified: Thu, 09 Oct 2025 11:54:18 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a26a-11d88\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73096,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"ab876400560626fbe045633dc44f0748","sha1":"85bbfb1729e86f40ddc9af7197b5f54ed6136226","sha256":"5888b24f6b65ff7c989b4a258dbeb5d997320d61417371210da0258be21d854d","sha512":"82e96ade51b0570c1f691ba45d1a3c0802015dad7598954675c4abe2fa8a9fc705adbe6eb5e677aa5cc03b6704e594cfe99279c678855ebbbcbade6d5028dbd6","ssdeep":"1536:TlK/cP2D2oV7otQjBG1+acfZZHHDEdom1hvd5JItkB7k3Z:TKQQtG1yZSdomrvpIqcZ","tlshash":"0b636f031d4fb9548de4513a52de4ea34bb39ecc1ca493c30ae12d938fece6657152ae","first_seen":"2023-08-16T00:37:20Z","last_seen":"2026-06-08T05:16:21.696807Z","times_seen":961,"resource_available":false,"data":null}},"time_used":918,"timings":{"blocked":123,"dns":0,"connect":0,"send":0,"wait":263,"receive":532,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/resource/fonts/Arial.ttf","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /resource/fonts/Arial.ttf HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trust-forestc.com/assets/index-0dcb7d8e.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:34 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 1047012\r\nLast-Modified: Thu, 09 Oct 2025 11:54:18 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a26a-ff9e4\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1047012,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 25 tables, 1st \"DSIG\", 58 names, Unicode, � 2017 The Monotype Corporation. All Rights Reserved. ","md5":"ffe66dbfc4b07f36ef38dd621ad2c7cc","sha1":"e032b102cfc37c3226d17e1b462edea5fbf8fe1c","sha256":"c1216a01b3cc4e94df72577a6f618154058a1d8999ed58fa31ab7e54c7e4be4b","sha512":"3c7952b71c8117938c5284efca0e0b3e8c20d7b84c74a4890f76a72af3b26295786b0f7c33d9b6c980527b4c4c8dad628d1f5e7e5f202d11076367f082349bb3","ssdeep":"24576:NoQIQRjo/Y7wjgTmKJ4WxA7EAD4OBfDamXKE6AMra:NHIQJo/Y7wjgTm0PxAwJHE6hG","tlshash":"f125be0bf3929f0fe3902b38c9a5d761939b76189b2743b73d8c5858ecc85a45e487d2","first_seen":"2023-07-29T15:16:45Z","last_seen":"2026-06-08T12:43:51.916247Z","times_seen":1330,"resource_available":false,"data":null}},"time_used":592,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":273,"receive":317,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-bc011be9.css","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-bc011be9.css HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 397\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a266-18d\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":397,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (396)","md5":"5353ff252ee4a5e7a3d0176de6a6c712","sha1":"c83942b5dfdb4aa8be53f26b39e53b0b257595e0","sha256":"bc011be90fd6cd33a399912151a5f69ba0d8e394563c71c4c1bea7a4ec032516","sha512":"9a17506817918ef0c9a5d0caebaed8f603641dc1015a726bdf247645a7e0a988b543756d7254abafa18dd4cd9d27c9a198300632156faf59f05c1e27f0a5e30a","ssdeep":"","tlshash":"5ae092c890d6927fb62b607d267c931ad425ac88d8007bb8e67fabb146c7ac53172215","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-08T12:43:51.890252Z","times_seen":708,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-24fdfc46.css","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-24fdfc46.css HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:34 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-29d4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10708,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (10707)","md5":"746436f59eb34d627815350425b15e4c","sha1":"adf537f6aa3ac5af1e497b74c5e79ec43975a9c2","sha256":"24fdfc4616f2f97af0f2ee0c4b5e84bf6bcbd2f9b94afa06eb5fa3b1605f0f34","sha512":"ea84ee45fb86567bea6fbaff6338f110166b922dc5ebb4f4c438d04acbe0e9bf3e4cb19dc5a8e57b2a591e8df2d61ac152e2d105d7a0b0e9e15d491cd96d79c6","ssdeep":"192:RmI6EpO5gOB2YqbM5U9lV3ePf+EY9HLDnsf3CJMjtIGBYavPeLsJ3q:4iX9HLDsf3CJMjtICq","tlshash":"9c22653cf7a92738ac37d199abd84dcce219b921e653dca4f15b59621ccb5e72a3004c","first_seen":"2026-03-19T19:49:31.901317Z","last_seen":"2026-06-07T17:52:01.996962Z","times_seen":7,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo-res-3.oss-cn-hongkong.aliyuncs.com/logo/litecoin.png?2.0.1760009539818","fqdn":"echo-res-3.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.221","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /logo/litecoin.png?2.0.1760009539818 HTTP/1.1\r\nHost: echo-res-3.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 34858\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF9689AB67323431C33372\r\nAccept-Ranges: bytes\r\nETag: \"BB27C369A3AA54D9C1F8E59E1706DA48\"\r\nLast-Modified: Fri, 27 Dec 2024 08:14:22 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2593469271640333430\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: uyfDaaOqVNnB+OWeFwbaSA==\r\nx-oss-server-time: 5\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":34858,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"bb27c369a3aa54d9c1f8e59e1706da48","sha1":"7e1b9677305cad40b686a5a1077da57c4f6cf07f","sha256":"e691621963c6de60c05c0e91cf7c65cba4191df054a3b1bd5becbef3a426f9ee","sha512":"4ff3058897ecbcee5464eb954955cc40bad7f411ee86f21dcbebe3d02ee45410b42f68c8e3a22537ef530c65c9bc9960fb36134aeced2dd36688a21c0cb02415","ssdeep":"768:FAbT/SSUokJQD9Wvnwoo2hzabJIqRw/VH3+WFxL1nHLy:G/RU4yni2kKl53+WbBLy","tlshash":"3df2f155ed69527406b90571846e302ca4669a7ebdceb11bffbd67302b3246f008e06e","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-06-08T12:43:51.945483Z","times_seen":631,"resource_available":false,"data":null}},"time_used":1140,"timings":{"blocked":-1,"dns":25,"connect":267,"send":0,"wait":290,"receive":17,"ssl":541},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/logo/ripple.png?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /logo/ripple.png?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 2274\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968A23FB0A3732720FF2\r\nAccept-Ranges: bytes\r\nETag: \"674B0999F6083084A2A4B1D8B20F3BC1\"\r\nLast-Modified: Sun, 25 May 2025 04:36:24 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2919851811578833622\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Z0sJmfYIMISipLHYsg87wQ==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2274,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"674b0999f6083084a2a4b1d8b20f3bc1","sha1":"8d14a526e83604e323723b4d25f8f8066f1ede70","sha256":"632f9cacb6b3fbedece774a8d27c436f37dc359de3bb0872ea19603b70347708","sha512":"4c04d137c2448c0d52a4298c858f95c58116c1d77e75899f5acdf6bb61ed839dbdc99fd5556eb63793b81258de40e515540acaeab007da76664476c9be2e514f","ssdeep":"","tlshash":"cd414bd7c53300ed9128e735b8c3ee819c00628d183bb46b89f5ec60b2346d31a53a98","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-06T04:02:55.304252Z","times_seen":638,"resource_available":false,"data":null}},"time_used":1931,"timings":{"blocked":1602,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/common/type/defi_activity_type","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"POST /api/common/type/defi_activity_type HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7a423e3451e474878191a0a7f1d323b9","sha1":"13312f533f380295131f6a1540f425d0c98a16ba","sha256":"49c938e0bb3a834cab9319575489cf6c1694cace3f1ceb9671570024328e2a35","sha512":"0522e47fc06c4329cee21e354b264c90ae4b0725941d75cf63af54bee4a307fbe91e7078a412bd9750f3856657159ffe5efff139a652ec0443368f7c146bfdbf","ssdeep":"","tlshash":"5af028143d3dcebf098f65e745ec7818399c152794a0fca058ab0f3c5ae4171088921c","first_seen":"2025-04-07T11:28:26.961944Z","last_seen":"2026-06-04T04:33:14.419392Z","times_seen":666,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"POST /api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":556,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"fc49bc95a5bcda4df1fccf3351a21829","sha1":"eab431f7f734b517ef8aeb35d9e572dfad7fccf4","sha256":"89db034b12287f140f134b9be205fbc6e0d3067da3e14be338fe5ad82fb1a25f","sha512":"234471fb9002a2b553ad63dbf24f7e6b2fe8c5ece10411e3ca75cc1f4e65cf74122313c47559bc5cdcced9c86d020e8f4c965a8bf2fabb6d11b1c505307f8f64","ssdeep":"","tlshash":"e1f08b1e1a788e69180605e724c9bec9a24e1287d660cc709666cf1840e55b70b0e504","first_seen":"2026-03-04T14:34:33.794028Z","last_seen":"2026-04-15T13:47:12.56147Z","times_seen":7,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/platform/dev/logo_144.png?2.0.1760009539818","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:46.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /platform/dev/logo_144.png?2.0.1760009539818 HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:38 GMT\r\nContent-Type: image/png\r\nContent-Length: 73455\r\nLast-Modified: Thu, 09 Oct 2025 11:54:17 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a269-11eef\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73455,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 422 x 422, 8-bit/color RGBA, non-interlaced","md5":"7f22dd92dad42738fe556f38ecc19c35","sha1":"30e37375a74c6e2b145363e4926d81cf63d4b73c","sha256":"4178d2a68a3a88168366b4731310ba06a953edfa87c6214a2c0b4e646ba1850b","sha512":"f1e0e2d264c54e5f123c886dbe181bf76b5576b04271ed9119375dac4db83fd0f672fdf26a63d73d5bc06415fb0fffd483f0dd566d7d47461fc700b7ca2ffd9a","ssdeep":"1536:RjPzkn/rT7r6E6L4TjmCxPaC6iTKPlhjB57WSu2nlVe2mbbKP4:Vo/rT7rFw4eHiSuT2HeKP4","tlshash":"8073021df497f90e5e992027a3b3810c5c672dc566c8d1e780cea54d94e3ac96fe0bd8","first_seen":"2026-03-19T19:49:31.878549Z","last_seen":"2026-04-15T13:47:12.592467Z","times_seen":6,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-0e7b8647.css","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-0e7b8647.css HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:34 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-a01\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2561,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2560)","md5":"eea0153dc61fa36fc63b81f0851caf3e","sha1":"74594459de5dd27b766fa8aadc2c9a7334955163","sha256":"0e7b8647757fc5b6789820dafa14ef7c4d247df4dddd3bfd3c37604cc9e41549","sha512":"f5d5ef94846ccaef6cb9b28c8183c97c61716e3fd9849c5f471dec8ab2a8cb911e45a55c21bbb479deda5e2ab59dfbb338b70f6d20b7e7757bd8455fdb8bc364","ssdeep":"","tlshash":"b351f24df7ad16391c77f58f6e985f8cd0006e82e186ed85f147c6260acf7b32a2121a","first_seen":"2026-03-19T19:49:31.876044Z","last_seen":"2026-04-15T13:47:12.595772Z","times_seen":6,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-ef3e379d.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-ef3e379d.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-39cf\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14799,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (14798)","md5":"d495f22178364248aea44dbb23dc34cf","sha1":"5b770b1ed9c7f7ecac88aab2cdf9f20c0fe0706f","sha256":"008f4d625e150cc6d8e8436d4823202f394bc033c3737881ef2adecf7ed56b53","sha512":"b4b5731d8ddc24137fbfa2492ca4f383fc3a59ca1cc4b5f8cd069d80fed490d8356ae42ca3e6e8e27442a3b60388ce2ed2528da3ad7c580e0d12470e657bd54c","ssdeep":"384:iPfSuAzJRUpFBOPkfLlAwRwGty8yNg3lMxUGaXuCCe1vO:iyfMBekfL3SilGaXuCCeU","tlshash":"9e62b495f9069a3cf6b7a06050880420326e7fdb40098de2b4bd6d96b752efcb74a75c","first_seen":"2026-03-19T19:49:31.88323Z","last_seen":"2026-06-07T17:52:02.026419Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1635,"timings":{"blocked":1366,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/img170688b42b2b4712bb44db8c97351f9a.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /img170688b42b2b4712bb44db8c97351f9a.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:46 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1907\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968A269DA8393787F0F3\r\nAccept-Ranges: bytes\r\nETag: \"9459A1B16A6346A8DAF9E2E700D8A0AF\"\r\nLast-Modified: Sat, 24 May 2025 15:55:20 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17079821215456291766\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: lFmhsWpjRqja+eLnANigrw==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1907,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"9459a1b16a6346a8daf9e2e700d8a0af","sha1":"7aeef8fb0483dd8f7089324bf338a8baff19c377","sha256":"fdbb68edeff25fa09404179dfc144d6343af95599093ad71043bd44939983a04","sha512":"87f2d69526f66e1169d4ca8a4ede4337e912b04ceab6438d0cb29021f3687a3e6802fc103fb77f7af9ad5ec1ebba3e404794cf0daf8a13f2c05c2be05c7e1376","ssdeep":"","tlshash":"c141f9a8f7a5f50fec540152146b69040df94844b560c04f06df94be4aa7af38c9f584","first_seen":"2024-01-21T00:00:17Z","last_seen":"2026-06-03T22:15:44.560437Z","times_seen":130,"resource_available":false,"data":null}},"time_used":2281,"timings":{"blocked":1946,"dns":0,"connect":0,"send":0,"wait":335,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: lang, language\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1800\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":397,"timings":{"blocked":107,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/filters-9482f320.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/filters-9482f320.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-c1e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3102,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3101)","md5":"ab97a0c4411210f76d66778fc675e952","sha1":"d4c4cb86461a902cbb77d0b78fd4a1b38f5ba49e","sha256":"f7bb561b768d6c7042db66a0ef408e38e7ae727ead7e619396b3775b30e98ac0","sha512":"4ec41f2df42fe53bbfa15424f4b918ffd83c0bc5fe8a997380723b702fe1531b6a9ad07b45a3a84276c2954692eddd5a0e077e36333c2025715e51eabb97bed4","ssdeep":"","tlshash":"135135edfcd7613356ea6ef940288410728ebe20686e0a4df54bd0455933888e0bf778","first_seen":"2026-03-19T19:49:31.886434Z","last_seen":"2026-06-07T17:52:02.035893Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1361,"timings":{"blocked":265,"dns":0,"connect":270,"send":0,"wait":268,"receive":0,"ssl":558},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/en-27d24c1e.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:43.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/en-27d24c1e.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-a6c1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42689,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (42664)","md5":"e3965f5063130c65b4950156dec3d57b","sha1":"701481a193df7dd199a7759c92e50ceb045b5311","sha256":"d9b7b77568283ea9aa7aec88da4efff2b878f7d6dbf22011bc729a7ce507d2e4","sha512":"ec883b6f79b1189c8f05f0b1289a4f007b46860d27cb0797a843bc914245c6f0934cf27f94c7df47682a3767b0cefee263e136d49f38cefe480f74a412d32af5","ssdeep":"768:+GtZcEw/o7rNO3HsifnAMcRrAaA1F6oP6+hsPJaJ1m6O6fpk7aOHRea:iponNO3HTuRrIF6WsPcJGHRT","tlshash":"5813e7893e1a98da05f3676774ce6e2020f50ac18255841f4fedc9fd53e2b67a363728","first_seen":"2026-03-19T19:49:31.891341Z","last_seen":"2026-06-07T17:52:02.05109Z","times_seen":7,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/img7c8bbaf30f094b35af8c08684dcb0a6c.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /img7c8bbaf30f094b35af8c08684dcb0a6c.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 598\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF9689269DA8393796ECF3\r\nAccept-Ranges: bytes\r\nETag: \"CB1474A6586606366122E796E7C7B790\"\r\nLast-Modified: Sat, 24 May 2025 16:00:50 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 52651854032997638\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: yxR0plhmBjZhIueW58e3kA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":598,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced","md5":"cb1474a6586606366122e796e7c7b790","sha1":"65e5b65ac7af71f7c74943cbbb786c502da79f51","sha256":"59ffe909363cd4f08954e3d43522913d7f06837b0a726f4f094d07e4443970e7","sha512":"24e9f1f19d63ad08cae741f4a599ed906a4b047498dd9805dd8a5ef69eecb48ba4beaebeee27f86e61b054c5b894da1da38e1ba466ee616a4de71d851d798faa","ssdeep":"","tlshash":"57f041ea69d79ad8a36c0fb3564205908447d0d0f305d7536459f7fd272074016b9a36","first_seen":"2024-01-21T00:00:17Z","last_seen":"2026-06-04T04:33:14.413133Z","times_seen":121,"resource_available":false,"data":null}},"time_used":2342,"timings":{"blocked":1004,"dns":5,"connect":331,"send":0,"wait":332,"receive":0,"ssl":667},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/resource/svg/light/zu29.svg?2.0.1760009539818","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /resource/svg/light/zu29.svg?2.0.1760009539818 HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 840\r\nLast-Modified: Thu, 09 Oct 2025 11:54:19 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a26b-348\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":840,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a11daaf1382f31c1a57202739adf7748","sha1":"ef2b1485dde5d0c14809b2759acbd9a09c18af80","sha256":"9ae3a8a520a4491119fa30d193bc35d15d8a12cc1b62136ce1e89b3db3e71251","sha512":"9b8089fa1eca241be91a837da97c88ab917a50336f820d1d855343b9f8a86d63692bfd4ea3b22d408f748e47580107339b789bc9f4d243379a093b5348dad640","ssdeep":"","tlshash":"280112bf4736a3fdd6644a80aad42799343de042e17404ecb3817e177e2062a0abcd95","first_seen":"2024-07-24T17:37:44Z","last_seen":"2026-06-04T04:33:14.405543Z","times_seen":328,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/common/getAllSetting","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: lang, language\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1800\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":279,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-9bd35a43.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-9bd35a43.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 510\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a266-1fe\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":510,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (509)","md5":"95f3bed4955611049bd71a4b23f79886","sha1":"c9688cc77f0eafb16c2de3ea6fc7dd33ba1d6234","sha256":"fbd238728bed74030984ebea65996e5978a1de996c9700f3bf70a0dbedf40f0d","sha512":"d5f62f0e66456ab501037529108c3d0e5cc04a6da3297561ab8e607ceab05b480d2ab38d94bf27dc844a1495307992a8ef79382129a0d8323d9fcaa7bc9b39e0","ssdeep":"","tlshash":"4bf0052f797a84721bb384e891631811b7182b4a3b50c5f495860714873cce6d26f524","first_seen":"2026-03-19T19:49:31.90446Z","last_seen":"2026-06-07T17:52:02.049709Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1638,"timings":{"blocked":1369,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/currencyItem-0408d09a.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/currencyItem-0408d09a.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-4b6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1206,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1205)","md5":"b83d0a03adfaea16ef3f485ccda95ca7","sha1":"8f36321dcd357a8ba1d2cfb0f3f98a10e12bf139","sha256":"0f97d847241aae34daf0a3b40066126478ee8d648a739d0a375e109b5f381721","sha512":"2fc03a2d6fa3c90bf6b2c484c11653c71e6b24dfb37c444351c987f5a856f090676f04d668dc76c0df96411ea51b84e0c48dab4d41b902af321940972e43c4df","ssdeep":"","tlshash":"b321df9aa902c7b1cbbe906281bd4414130d7fda700181c1ebed158a378b6fcd728a31","first_seen":"2026-03-19T19:49:31.89781Z","last_seen":"2026-06-07T17:52:02.040693Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1429,"timings":{"blocked":264,"dns":0,"connect":281,"send":0,"wait":278,"receive":0,"ssl":606},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/img884cd8aa753c4883af9515f61cb0906e.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /img884cd8aa753c4883af9515f61cb0906e.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1599\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF96896B4B133635150433\r\nAccept-Ranges: bytes\r\nETag: \"7982395C5BE4A71C84A0E6ED25C0FFE6\"\r\nLast-Modified: Sat, 24 May 2025 16:01:36 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10124007141188402507\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: eYI5XFvkpxyEoObtJcD/5g==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1599,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced","md5":"7982395c5be4a71c84a0e6ed25c0ffe6","sha1":"47b16735c5532d2f02fd0f2d644d2e32c4a29a5a","sha256":"18c72092134e339b1b587b0791f93ce88e6d7a4e3fb8ceb46f708050d9e5caf7","sha512":"410cd3f16dfed2cae78da54fbb283132c9ea52b14649abd5ff3812f16038b1c6acd50c84c7cc202cb0f40580bf636f473ec90563f84ce246b6b17f5f156141e2","ssdeep":"","tlshash":"0b310adf6e4f2cabf7f43855e3125e48de33d1e43874071d87a2e10230516560584a45","first_seen":"2024-01-21T00:00:17Z","last_seen":"2026-06-06T04:02:55.264255Z","times_seen":125,"resource_available":false,"data":null}},"time_used":2357,"timings":{"blocked":1009,"dns":0,"connect":336,"send":0,"wait":338,"receive":0,"ssl":671},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"POST /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":484,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e23f942f7e9679b0edbcaefa50de2064","sha1":"1d823c8af05c1812d781aeb30c11fcf27b75de74","sha256":"62517deff07130498abbeea764d39495a98293bbabfa09346342d8de84aeebf5","sha512":"4c1303740ef90b8c873c5a100eba05f3be7acfec92346b610c338d9c4c78fa32fb32c4b4e62faa7c4fbaaf26612d9b0f6608fde360e39e9cf5b1d533a055bdc1","ssdeep":"","tlshash":"7bf05c4e043c8e76480644c715ccbdcd517f1793d660cd34865bcf1c82f56b5071b908","first_seen":"2024-08-19T15:53:11.172011Z","last_seen":"2026-06-04T04:33:14.45383Z","times_seen":64,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/img555e12181181482c9c7bf1575081e93a.jpg?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:45.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /img555e12181181482c9c7bf1575081e93a.jpg?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:46 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 101554\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968A23FB0A3633DB0FF2\r\nAccept-Ranges: bytes\r\nETag: \"170C41143C3CFE514C74C8B1A40E8130\"\r\nLast-Modified: Sat, 24 May 2025 16:21:14 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12097300403483199051\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: FwxBFDw8/lFMdMixpA6BMA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":101554,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 25.9 (Windows), datetime=2025:04:30 21:29:14], baseline, precision 8, 750x400, components 3","md5":"170c41143c3cfe514c74c8b1a40e8130","sha1":"b0bf4be504f2988c94c0b92eaa11ec982c8a1afa","sha256":"637cfed3e9234608132d619e89a6446ed9dd3ece70a75be9c339b3a0d48d4fa0","sha512":"0d466d40a8fb5f4f5a581d337b4860e8343ee388a74b703bf8b729bc6c204e17b57c8b674dcfac635628f9df0f3492a1b90f82a796c9bc250f6b7f5c03655f8f","ssdeep":"1536:EmG+8u2AZd7fFFkQ46O+ZWNjh9WvMXFdfgBxvwgXL1g8wht1kNtMiqv46c+L:EmbZd7fFFkQ4ZeQt90MXFdf2VamNt2p","tlshash":"a6a30239bf7bcc22d4d34c3984e5e7b0bdaad60252e32992f6cd25847f709918c9d1a4","first_seen":"2026-03-19T19:49:31.896145Z","last_seen":"2026-04-15T13:47:12.602894Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1623,"timings":{"blocked":930,"dns":0,"connect":0,"send":0,"wait":348,"receive":345,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-24ffb324.css","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-24ffb324.css HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 124\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a266-7c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":124,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5b7fb735c249fb3838fc3c6da675b0c5","sha1":"552f5a3613e5f981e1b86e7a30bfba80af33913a","sha256":"24ffb324fb949482a453b7d5166c90e99e78ec6a18503a2fde9ed0aa5228b77c","sha512":"73b0e85aadada75ff6739102195116bd1e89cd2310768bc4a1c96cfe08b6e67c65fdfa5f676547bf84da19b4ddbb579b28febaafec470e58bfb967034077b166","ssdeep":"","tlshash":"dfb09b1d76861504f1655251fd07ba7dce25144353d1495187071fd937837cf1564409","first_seen":"2026-03-04T14:34:33.760151Z","last_seen":"2026-04-15T13:47:12.577606Z","times_seen":7,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"webapi.trust-forestc.com/ws/90a3b778-2034-4625-96a0-17f9131847ce","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"GET /ws/90a3b778-2034-4625-96a0-17f9131847ce HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://trust-forestc.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: eUUbdOMoLsWh4S7NpATdjw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: VSQ0nJg7pFhEmCUcIw/dHBCaDnk=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":1157,"timings":{"blocked":-1,"dns":1,"connect":277,"send":0,"wait":278,"receive":0,"ssl":601},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-dd8d3492.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:40.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-dd8d3492.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:32 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-189a3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100771,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65526), with no line terminators","md5":"f9ba715db1e75616ff5f00dd409e1783","sha1":"72ec5c030b3f4cfe20865f00348e4307a2f5192f","sha256":"34c3f4a99765bd306ac6233f77f774787443d3239a3890ab6bc7ccc219a3b36b","sha512":"bd3fb0fa634cf3cfa40d5de7f3b1ca7c59d670c27f5d72941e98dda9ab64b92ed5c3a64a4435d9589e6ff9addae740dc873b0373fe1817256553c3861b48a5dc","ssdeep":"1536:mg4vN9U5HiB+KMSMf3MDr5+q3u8Kj4t037v0tQrYlxoz:sPU9g+kDr5+q3u8Kj4tm6oz","tlshash":"53a33ccda50b0eff6cbd0845a94b9a1021681f93588ccc9773ba7f4527fac94729a71c","first_seen":"2026-03-19T19:49:31.921471Z","last_seen":"2026-06-07T17:52:01.993423Z","times_seen":7,"resource_available":true,"data":null}},"time_used":556,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":280,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/vendor-8c267198.css","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:40.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/vendor-8c267198.css HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:32 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 09 Oct 2025 11:54:15 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a267-16c1e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93214,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"509f1a66e8ad59bd27f081062f603f10","sha1":"323e5b51ac955ca843a2669bcee4ba00cde496c8","sha256":"8c267198fe044786df26943e5e5a048895118d991e8da41a16605df914fbcca4","sha512":"ce9dcd5836d4aa80a321213612d6aeeea98f0be7d2619818051e47c2a6729759044754796239ba08203b119fa3bfdb9920466fa924aca73894a1eaec0345dba6","ssdeep":"1536:BtIyNBi3MFYaQj7FCwsBlDOFIxuVox8D/zb:BnNIClDsIxuVS8nb","tlshash":"5e93d4a5a9c461fc6f2ae2659b8765e8f13cf671cc01daa0f105511d0fcbbf60613a3a","first_seen":"2025-06-07T20:44:36.433732Z","last_seen":"2026-06-07T17:52:01.994996Z","times_seen":77,"resource_available":false,"data":null}},"time_used":838,"timings":{"blocked":269,"dns":0,"connect":0,"send":0,"wait":280,"receive":289,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-ef3e379d.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-ef3e379d.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:34 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-39cf\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14799,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (14798)","md5":"d495f22178364248aea44dbb23dc34cf","sha1":"5b770b1ed9c7f7ecac88aab2cdf9f20c0fe0706f","sha256":"008f4d625e150cc6d8e8436d4823202f394bc033c3737881ef2adecf7ed56b53","sha512":"b4b5731d8ddc24137fbfa2492ca4f383fc3a59ca1cc4b5f8cd069d80fed490d8356ae42ca3e6e8e27442a3b60388ce2ed2528da3ad7c580e0d12470e657bd54c","ssdeep":"384:iPfSuAzJRUpFBOPkfLlAwRwGty8yNg3lMxUGaXuCCe1vO:iyfMBekfL3SilGaXuCCeU","tlshash":"9e62b495f9069a3cf6b7a06050880420326e7fdb40098de2b4bd6d96b752efcb74a75c","first_seen":"2026-03-19T19:49:31.88323Z","last_seen":"2026-06-07T17:52:02.026419Z","times_seen":7,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/logo/coinInfo.png?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /logo/coinInfo.png?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 55728\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968923FB0A36334A0EF2\r\nAccept-Ranges: bytes\r\nETag: \"48384A67185DBDFEEF3AA43C99D3319C\"\r\nLast-Modified: Sun, 25 May 2025 04:36:26 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3192987439189544564\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: SDhKZxhdvf7vOqQ8mdMxnA==\r\nx-oss-server-time: 5\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":55728,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"48384a67185dbdfeef3aa43c99d3319c","sha1":"23e15189bebafbbec8b23e8ed0f3392a9b7979ee","sha256":"1ceba4efa6a645fbe532e520385f37001922e14b6aa7b4ebeb19e755014feb39","sha512":"2f7a13f56ff64b874a76994d00f198c5fc2b7424181935e641eb81bcf171db54fa50b711502c0c4a7e8f5c934ed5747233d87ae0602916244947d3724eb3ce10","ssdeep":"1536:5ko5w6RHlzxqElMwBI6M3iD+oLKTn6EPwhk6g9p6uP5I:x5fR9xjlMGnMSDYLPJ6bOq","tlshash":"0d430247c0529ed2c68853aa0e3de48a84779d12358f80577ce6525a82e2df29bd770f","first_seen":"2023-05-22T05:59:44Z","last_seen":"2026-06-06T23:47:44.168837Z","times_seen":643,"resource_available":false,"data":null}},"time_used":1690,"timings":{"blocked":1301,"dns":0,"connect":0,"send":0,"wait":346,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/logo/tron.png?2.0.1760009539818","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /logo/tron.png?2.0.1760009539818 HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 28273\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF96896B4B133635530533\r\nAccept-Ranges: bytes\r\nETag: \"D5CA5F90C7A46CB88E5F57B2D3046BA8\"\r\nLast-Modified: Sun, 25 May 2025 04:36:26 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 651333452456791640\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 1cpfkMekbLiOX1ey0wRrqA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":28273,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"d5ca5f90c7a46cb88e5f57b2d3046ba8","sha1":"4a46fba9e1f7e0419539519e1936e6002f99b3a8","sha256":"a584af003890eeb5d527e91031218b66fc8d429ce7d8ddc5f5ceb9efaf627a40","sha512":"60e2cb71c7155b2f51159c37f53d85c567698b9baec7ffc34ec898df057fb64e2528909f68df9e901bf5243a4ee451f0ff432e210db1635ca0c448073e7811e2","ssdeep":"768:CXuoEFXvWj4CBn04bX73fOlLiRO2lFIVmfSD:9FXvWj4CueDGlLmOuIcqD","tlshash":"b2c2d005f8f592ca744cc6104925cd97f273a15b30a53eda3ddcca6f7f9c9e916a0282","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-06-06T04:02:55.285468Z","times_seen":581,"resource_available":false,"data":null}},"time_used":1669,"timings":{"blocked":1309,"dns":0,"connect":0,"send":0,"wait":347,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/platform/dev/favicon.ico?2.0.1760009539818","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:46.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /platform/dev/favicon.ico?2.0.1760009539818 HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:38 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 3766\r\nLast-Modified: Thu, 09 Oct 2025 11:54:17 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a269-eb6\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3766,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"254c5605049489e05e390b15ee2071d8","sha1":"df512df5982fcc995c99126127dd7852eb1ce942","sha256":"01fe68abb2899da77d7208daf41bf68d0539d4d8e868c7756c7ccae5d68443fa","sha512":"f9c1417d959ae6d587b7481974aab536127396bcaeffd9a7d9f27b0fd3452eef52803c35e715db99b68e279e06e8bc99bbe498da14a46e3e9e7b4b52331ea8d3","ssdeep":"","tlshash":"0d717d583814b0fbbc5732a3c1bcdca0cbc8a9363d36526d8763a4140dc5d8a5dcc4e1","first_seen":"2026-03-19T19:49:31.908634Z","last_seen":"2026-04-15T13:47:12.568785Z","times_seen":6,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/common/getAllSetting","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: lang\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1800\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":2031,"timings":{"blocked":884,"dns":60,"connect":261,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-ea79f674.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:42.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-ea79f674.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-1233\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4659,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4654)","md5":"60e71e7ddc6adf09b784ac1f44c3796d","sha1":"39ac84975b67dee1d0f14223999c744bbd21154f","sha256":"a628c81d5fd1dba253b07d599425b62ba67263737294fd924504902b093b0da9","sha512":"84ab8959daa7bc9306c80c41bf48c7416349946966d7cb46ce204ff803065a9f3d718930f1c4cd3008151bae7224d045cfe08ceaae48496cca88530a3a11e927","ssdeep":"96:AdE5YYwforblYsGqCwGH44d3TLw5FDlrbVevwHgr3hr0VBAf23zEpjp:gE5YYwfEYNqCwGbTLw3jlAThr0VBU+zs","tlshash":"d4a1968eb8068579aeb7644194980411319c3be5b27844f6f2fdac4a77b5abad780321","first_seen":"2026-03-19T19:49:31.932674Z","last_seen":"2026-06-07T17:52:02.055966Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1418,"timings":{"blocked":267,"dns":0,"connect":276,"send":0,"wait":279,"receive":0,"ssl":595},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/resource/svg/light/zu447.svg?2.0.1760009539818","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /resource/svg/light/zu447.svg?2.0.1760009539818 HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 420\r\nLast-Modified: Thu, 09 Oct 2025 11:54:19 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a26b-1a4\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":420,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"23b51e86174e8f6920f0afedc42bb423","sha1":"cdd01b04898627077aff5bfcfe4c8d1729d89397","sha256":"3a30987fe9e27f43c0c43f5aea739a13a599a6f633131b6f042f039f15de83e7","sha512":"4c3eae2304dc9d458aac7064d93cfc502fca1543b29bd5490adb51fb806dd0596a2c854b560f605d99a78243e8cd1fe60cbd6b09b663594d4333beda3820533c","ssdeep":"","tlshash":"fee05c16cc15100e51010e95c3d11f68a47ff183c2a508aefbe0127b4ab5c0a6cbc32a","first_seen":"2024-08-19T15:53:11.170684Z","last_seen":"2026-06-04T04:33:14.432722Z","times_seen":390,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: lang, language\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1800\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":2488,"timings":{"blocked":117,"dns":61,"connect":280,"send":0,"wait":276,"receive":0,"ssl":790},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/common/getAllSetting","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13416,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"379bc1f5d10f6670959adb043fb3bc08","sha1":"96e4ae628e9823ccdf3ef2d8295add02cf9874a1","sha256":"8ab7d8e88bfd67ce90f03688fdb5bb5f5cd5d9bebc9f98963e381f73928beee5","sha512":"6b72ef65d861714246ba5f42d0da75a41fc0c052cad8578736a58e9b6783d4b53ca9afc7a7329fbc2a8605a7351e0f9085837fb116de851368bfde4155248087","ssdeep":"192:kwxsxwPBzzOSpQ+UQD+RbKcLcZauNHxHq8FTiUiYUAbJFqtLjzsOsi8qBPMNiRPq:liKBn/NvmQONM4RPvxY6s","tlshash":"fd52644d37cccc7d96d62ae1546733d9b7dc34e7a884988ee0a2ae1c4c9aab7440f01d","first_seen":"2026-03-19T19:49:31.924809Z","last_seen":"2026-04-15T13:47:12.594038Z","times_seen":6,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":298,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"leabonc.oss-ap-southeast-1.aliyuncs.com/imgc7113e4177054b8cbd9c7e1ea6aa4ad4.jpg","fqdn":"leabonc.oss-ap-southeast-1.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.48.225","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ap-southeast-1.oss.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 08:21:21 GMT","end":"Sun, 23 Aug 2026 08:21:20 GMT"},"fingerprint":{"sha1":"B9:90:C9:A4:F9:5C:D9:49:DE:99:F9:50:6F:7C:79:A9:07:4D:8B:1C","sha256":"C7:2D:29:D0:BF:4B:5B:A3:1E:70:8C:EC:31:B7:94:9E:7A:9E:C8:DC:DA:3E:FD:82:74:D1:49:D0:5D:DC:01:2E"}}},"request":{"raw":"GET /imgc7113e4177054b8cbd9c7e1ea6aa4ad4.jpg HTTP/1.1\r\nHost: leabonc.oss-ap-southeast-1.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 15 Apr 2026 13:45:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 73455\r\nConnection: keep-alive\r\nx-oss-request-id: 69DF968923FB0A3732E30CF2\r\nAccept-Ranges: bytes\r\nETag: \"7F22DD92DAD42738FE556F38ECC19C35\"\r\nLast-Modified: Sat, 24 May 2025 16:03:02 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11919154364659854961\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: fyLdktrUJzj+VW847MGcNQ==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":73455,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 422 x 422, 8-bit/color RGBA, non-interlaced","md5":"7f22dd92dad42738fe556f38ecc19c35","sha1":"30e37375a74c6e2b145363e4926d81cf63d4b73c","sha256":"4178d2a68a3a88168366b4731310ba06a953edfa87c6214a2c0b4e646ba1850b","sha512":"f1e0e2d264c54e5f123c886dbe181bf76b5576b04271ed9119375dac4db83fd0f672fdf26a63d73d5bc06415fb0fffd483f0dd566d7d47461fc700b7ca2ffd9a","ssdeep":"1536:RjPzkn/rT7r6E6L4TjmCxPaC6iTKPlhjB57WSu2nlVe2mbbKP4:Vo/rT7rFw4eHiSuT2HeKP4","tlshash":"8073021df497f90e5e992027a3b3810c5c672dc566c8d1e780cea54d94e3ac96fe0bd8","first_seen":"2026-03-19T19:49:31.878549Z","last_seen":"2026-04-15T13:47:12.592467Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2659,"timings":{"blocked":1010,"dns":7,"connect":326,"send":0,"wait":333,"receive":325,"ssl":655},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.trust-forestc.com/api/notice/list?key=INFORMATION_NOTICE","fqdn":"webapi.trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:45.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"webapi.bitcryptoforesta.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:17:25 GMT","end":"Tue, 23 Jun 2026 22:17:24 GMT"},"fingerprint":{"sha1":"95:EC:AB:1B:D1:4C:33:E3:82:03:75:86:B8:B5:5D:51:16:70:EC:5C","sha256":"FA:1B:B9:44:BB:71:56:85:C3:2A:C8:BA:F6:6C:2D:08:E1:BA:C7:92:24:64:BB:02:4B:2C:71:08:11:98:09:C9"}}},"request":{"raw":"OPTIONS /api/notice/list?key=INFORMATION_NOTICE HTTP/1.1\r\nHost: webapi.trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://trust-forestc.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 \r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:37 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://trust-forestc.com\r\nAccess-Control-Allow-Methods: POST\r\nAccess-Control-Allow-Headers: lang, language\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Max-Age: 1800\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"webapi.trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-15T13:45:39.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:32 GMT\r\nContent-Type: text/html\r\nLast-Modified: Thu, 09 Oct 2025 11:54:59 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a293-14ad\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5293,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1094), with CRLF line terminators","md5":"a330ce1850e1d08c5bdd884424037863","sha1":"fea962aa028c4edb67cdc5fd49afbd13e291a9a0","sha256":"efae4ca6e5e6deccccbcd1ad4999c0b77c6661a399e16b263aaa5dcd8ace5e79","sha512":"79a28446300eb08922837b5d28cee00adead0482c4a38fe852c73fd2a9bad405f32a8a891e89e335622682e8a464a5fc2ac2a25d28a48ab84dbbe8d1d32afaad","ssdeep":"96:+r82Nff53uSPEoQVXist/MRr6aCZydHRH/9L2mUsGKAiowGwuB1GiHDiHk1H/T:+FB9PEHLlZCxfd2nfD3bwuB1GijiE1fT","tlshash":"95b13eb368a4881a1372412beee7f01ceb21159386195860b4cc54ef4ff1fe5c8dbb26","first_seen":"2026-03-19T19:49:31.899364Z","last_seen":"2026-04-15T13:47:12.562609Z","times_seen":6,"resource_available":true,"data":null}},"time_used":2128,"timings":{"blocked":925,"dns":83,"connect":277,"send":0,"wait":278,"receive":0,"ssl":562},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-0dcb7d8e.css","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:40.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-0dcb7d8e.css HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:33 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-4ad83\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":306563,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"1e50d51906147e73d50b29f196d08525","sha1":"71b2f521108b5a085a41ba6a6bb1840c2d3e440f","sha256":"0dcb7d8e1941798e88ee8c32ad2863734eb1295e59dfefff0c826a6d65f4b5a0","sha512":"feb41d03cba9616d1c3b264b91b3c3e5778ea19e14961a0c7cd5e80f2a6f6f24bbed4cf42810ab9d0b7e0b4914965a84a26a28e3fbd258d7477be7cd280c4c83","ssdeep":"6144:nevxsalDWVEkZ8w71ZACkFDS3vyf58rBeV05TP:ev10VdZ8w71ZACkFDS3vyf58rBeV05TP","tlshash":"3964d6a9a590117c6f27aa759bce5ad8f23ce6719c118de8f20160094fc3ff92363617","first_seen":"2026-03-19T19:49:31.926329Z","last_seen":"2026-06-07T17:52:01.965584Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2537,"timings":{"blocked":846,"dns":1,"connect":277,"send":0,"wait":280,"receive":556,"ssl":574},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/index-b8ea8ef7.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:43.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/index-b8ea8ef7.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 776\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a266-308\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":776,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (775)","md5":"13cfcfd8c4d7c8614f6084823488ce68","sha1":"ab1a1dead6b3bcdbf4de023dff672ede49c2cbc8","sha256":"afca09db5f0530734f7864c739d403a2f3d6799364f3b5069fe06343a4369d68","sha512":"455bc9fb0c7e0e722a657875018c6f719cb4707252f4b75c821d945eba8c90d5a9eca867f235f77fd3735b796cb58d6dfb5c0f6577504db18cf104832e3a4238","ssdeep":"","tlshash":"c301f8f8fc0d8ebb0ea20a4101d03601140a2fddfa1419e198867e6a1be4980dbce32d","first_seen":"2026-03-19T19:49:31.910073Z","last_seen":"2026-06-07T17:52:02.045256Z","times_seen":7,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/assets/currencyItem-0408d09a.js","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:43.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /assets/currencyItem-0408d09a.js HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:35 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 09 Oct 2025 11:54:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68e7a266-4b6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1206,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1205)","md5":"b83d0a03adfaea16ef3f485ccda95ca7","sha1":"8f36321dcd357a8ba1d2cfb0f3f98a10e12bf139","sha256":"0f97d847241aae34daf0a3b40066126478ee8d648a739d0a375e109b5f381721","sha512":"2fc03a2d6fa3c90bf6b2c484c11653c71e6b24dfb37c444351c987f5a856f090676f04d668dc76c0df96411ea51b84e0c48dab4d41b902af321940972e43c4df","ssdeep":"","tlshash":"b321df9aa902c7b1cbbe906281bd4414130d7fda700181c1ebed158a378b6fcd728a31","first_seen":"2026-03-19T19:49:31.89781Z","last_seen":"2026-06-07T17:52:02.040693Z","times_seen":7,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-forestc.com/resource/svg/light/user.svg?2.0.1760009539818","fqdn":"trust-forestc.com","domain":"trust-forestc.com","tld":"com"},"ip":{"addr":"154.91.82.184","port":443,"asn":399077,"as":"TERAEXCH","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-forestc.com/","date":"2026-04-15T13:45:44.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bitmartforestd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 22:07:50 GMT","end":"Tue, 23 Jun 2026 22:07:49 GMT"},"fingerprint":{"sha1":"5F:68:E7:7F:63:77:06:79:6B:2F:0F:3A:23:83:D6:3D:A6:E6:D7:FF","sha256":"D2:BE:F1:46:9C:DB:17:DB:88:2D:4A:5B:60:F4:D2:F6:2B:5D:EA:11:1C:29:92:89:48:14:F7:C8:1B:9D:6F:8C"}}},"request":{"raw":"GET /resource/svg/light/user.svg?2.0.1760009539818 HTTP/1.1\r\nHost: trust-forestc.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 15 Apr 2026 13:44:36 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 551\r\nLast-Modified: Thu, 09 Oct 2025 11:54:19 GMT\r\nConnection: keep-alive\r\nETag: \"68e7a26b-227\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":551,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cbadb23520ecde3a8d7488fc19e95980","sha1":"b10897e06fe244e246e8542b0d1b6d695317576c","sha256":"7217fe0095fa190b95295278d273242aafd0ce4944095f55a3a2a6554d428e46","sha512":"9223a7055472f242d2a4494d80c4c546578663054b494dfd7d3c668157c598c91d6a5e9cfcb1835746b16b02abda7dd674a57b7313011f2a961a87e0cf68a3a9","ssdeep":"","tlshash":"70f04cf7501c949950014550c9de3a85973df133a3468d5eb3a208e68a1454b217c555","first_seen":"2024-07-24T17:37:44Z","last_seen":"2026-06-06T04:02:55.265615Z","times_seen":344,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"trust-forestc.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}