{"report_id":"1fc1c5f7-12ec-4d64-aa58-2548c3369652","version":6,"status":"done","tags":["scam","fraud","crypto"],"date":"2026-04-27T03:19:11Z","url":{"schema":"http","addr":"trw-card.com","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":0,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"trw-card.com/","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"title":"Trust","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trw-card.com","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":0,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-01T03:19:11Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null},{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]},"summary":[{"fqdn":"trw-card.com","ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"domain_registered":"2026-04-11","domain_rank":0,"first_seen":"2026-04-27T03:18:56.702765Z","last_seen":"2026-04-27T03:18:56.702765Z","alert_count":20,"request_count":20,"received_data":18160737,"sent_data":14896,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-26T22:20:29.825994Z","alert_count":0,"request_count":1,"received_data":7620,"sent_data":542,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/assets/w-loader.js?v=1.0.5","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b64ec349c7eeb4324f4e7c20eb7fc98","sha1":"c09046d05daa28ef73e4bf3b58bd6518ce98a271","sha256":"801d62fc02f89e7c1b414392e066dcda139ea3154cb3a48da721ff9a9df49f1f","sha512":"e92c61f409b0a56e41654c1f867089473bed649bf3a8d7167fd1a179993295863f20d0a63b20c5e2c20ba6ee55dab82802c06591cd39d188489a479deefc8b23","ssdeep":"768:sCoOXPhfU4Ui8YG7uOFQgauwF4ifTSQoc8S:SOXXwYG7XQTd4irgS","tlshash":"5b13b8f957a0a8f089a787d5aa131e09fa159c77c7624315f2bc274dbfd2e0cc806e91","size":41716,"data":"","first_seen":"2023-10-17T15:07:19Z","last_seen":"2026-04-30T11:09:43.726827Z","times_seen":365,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/assets/w-modal.js?v=1.0.5","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"eed7d4b80780bb8adee3cbc67d7f98ff","sha1":"20f450d0eaf88312c005763e9036aeed80a225a0","sha256":"5e0ebe3158a15aba5a5e00e9bb2327769203ed6c28b6fd7aca2155d7e05cadc4","sha512":"66c43c8d29392d3e8435d8273fa23c2653e3cf4a36d875f97195100121e59ba73c1b8c7430c41a01a765893f4f0b97b3c153ede123d688ba3f00fcbe7fd74d96","ssdeep":"384:yuWDxb0OzbJ3vF/ll0blqHuCUCaDr/S1ziayMkrN21GecFZPtDQseaTrHyhfdsG2:KV39Nl08O/CaDbS1/k97rShZFc/","tlshash":"acf286f02bec12b4853f434376592d74bb1114fa9ebabf4575fe1a828f96e0c412a4d2","size":37639,"data":"","first_seen":"2024-05-02T20:25:27Z","last_seen":"2026-04-30T11:03:38.160534Z","times_seen":168,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trw-card.com/","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"d662e22e3ebcecbd4da599477a8dfc1c","sha1":"86fd9e8abda3b8cb1e49d92ee3b79122fc27911b","sha256":"537badf792fa3c90db69838e8a5ebe712ab001be566ff0d574a0369800fad12f","sha512":"7c46930c4285fa499ead00d960d32df503e44dabaa974bb0c7542d72cc56df6b22faaa8dc8ae250b569ae02c50effe979159d9c1b343d0a9f5314f6e342d03cf","ssdeep":"","tlshash":"fee0f1cd3c52f46733f9ba39c2238b5f32610740348394248a16cc642076cd74cdac4e","size":421,"data":"","first_seen":"2026-04-27T03:19:02.154108Z","last_seen":"2026-04-27T03:19:17.734626Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/images/hero-img.png","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/images/hero-img.png HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 1166894\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nConnection: keep-alive\r\nETag: \"69dd1da3-11ce2e\"\r\nExpires: Thu, 07 May 2026 03:18:49 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1166894,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2048 x 1838, 8-bit/color RGBA, non-interlaced","md5":"67a36b064bec49b13e078fa6cbfc0d45","sha1":"19a7a978f223afc421bb7b36d7d98fc72eea1261","sha256":"aa635b48ba317d95c03cb8b477d8bcff6d5a189115c2a314e675c913790d3214","sha512":"b129e7c292ce7fcf5fd451011cfbebcd33b7e71e83b5061954ff9eb4e0e44f7a6b08bc377d9c26f0779915218bdf05298a2022c294775da2cfa5dca1051d9eb5","ssdeep":"24576:NUL3hzdZoKwEhoE5DfckdMsmVvfX5hYfpbs1YeC8vfTDyzLFv0XMCuP/ORFO:NUt/juEBcGMsmV38wfvfvyz10zuH80","tlshash":"e8252223de92bdaf9588b7751a4760a69073097332648f4f0fd1b9a01c9f8e4f2e4b05","first_seen":"2026-03-13T05:02:39.408666Z","last_seen":"2026-04-27T03:19:17.706676Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1154,"timings":{"blocked":893,"dns":0,"connect":0,"send":0,"wait":60,"receive":201,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/assets/bundle.js?v=1.0.5","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/assets/bundle.js?v=1.0.5 HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69dd1da3-43f23\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":278307,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64903), with no line terminators","md5":"5ca0ad86bb6456d2f600620bc8d222ab","sha1":"9e74a1021c736c7927573cebc2eb035cf663d111","sha256":"585a8daa26147108b8af3a9240216d853e4b4ffaa8d90a0420116e971966d1af","sha512":"db8a2a53e5629b690e7c920c3e061b89ef033e94033e0806887e8f2d0c70a1fa445e878cd4fa43989c5f87812b13b01ec1cf493202fa6525e0791a16a4fca62f","ssdeep":"6144:M/J3R20QbK+s7AH8yhXhlfddtnQuhNjajHY8NPry01dsp:MdR23VCuh1ajHY8NPry01dsp","tlshash":"2744b5025fe8559c530f4e7e7657f9e0c9873a8a65804ceba2087c25e9e6713faf1234","first_seen":"2026-04-27T03:19:02.135246Z","last_seen":"2026-04-27T03:19:17.710019Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1418,"timings":{"blocked":499,"dns":1,"connect":56,"send":0,"wait":319,"receive":64,"ssl":475},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/assets/script.js?v=1.0.4","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/assets/script.js?v=1.0.4 HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69dd1da3-2f6a\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12138,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"e86a6dda14c72802bbfd1ce0a377e6b9","sha1":"615d414a16ba81284faa40161000d35ab970a9a4","sha256":"f29fae59714b5124c3edbe862e5cbf9d9a2dba3596fc0d52992cc875bb2aca52","sha512":"faaa9bb922d5d60ade37184e6d4b5e86e13346ff405a542bae5faf649919e7a517df0950b07942ad516c223f3eb17d7fbf69cbb812fc776e8ab18223891ac650","ssdeep":"192:EPyLnFsW1DqneWcbhsWAcZ0WKqHvZi2h6GRWqDDNbb5Yh0AlCP/cUiJi9XInRIBa:UYFnD6eWIhsWAcZlKqHvZi2h7R1AlqZG","tlshash":"e132a6a672b9163a00674337b057ea5e3f1200236e00f95437ac45e50fee9e564bf6de","first_seen":"2026-04-27T03:19:02.14216Z","last_seen":"2026-04-27T03:19:17.712553Z","times_seen":2,"resource_available":false,"data":null}},"time_used":493,"timings":{"blocked":444,"dns":0,"connect":0,"send":0,"wait":48,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/images/trustpay.png","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:49.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/images/trustpay.png HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 158549\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nConnection: keep-alive\r\nETag: \"69dd1da3-26b55\"\r\nExpires: Thu, 07 May 2026 03:18:49 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":158549,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1067 x 268, 8-bit/color RGBA, non-interlaced","md5":"393866bcd7bde18dc1f6bc1566aed6ce","sha1":"60e8c7b07fc361805abc9e523a581bb717fffc14","sha256":"e6bc02931d7bfbb7a1c6557992ce5ebcfc401fa3c5f726df537f06143006f04c","sha512":"213507961991a92c9913afae1de8070a4895d1e98bde0af46a84c4d90f0aa50e3a5b606e05ca0a339561a1839c18d3d954f981b28604ae0eb238585f096f4477","ssdeep":"3072:X1EB7bCRDU4kJzb1fMd2GcZ1BBqE/Uot9UeZzWrsTyDQfYRnjuwdrfBF8:FEB7b2vkzRWHEnrJWr7DQfYRjuwZfI","tlshash":"44f31294b35fefa69536004d2a0cb17bb1403ccf337d06666d9ad36b887dba1ce62451","first_seen":"2026-04-12T11:58:39.400112Z","last_seen":"2026-04-27T03:19:17.715345Z","times_seen":4,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/css/6437dabe73e78254.css","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/css/6437dabe73e78254.css HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69dd1da3-1e889\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":125065,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"47d5ec57ddb102d142dfaf86355501f5","sha1":"7905cd27e6cff7f118bf72234657b5c99c0c51d5","sha256":"18c36c66292e413110837a40cc8c256ec236096ec1b28f1a2345ab8e08cb6093","sha512":"4021ab64e45ca3a390fbb009a8c6e485317560d6d160ccbcce2089a0bca1c952b9e7f194b75a9fdf19526a3c3d7f31fd1bb9057506919c3f17404753fd8d23fb","ssdeep":"3072:s5p7keqhLqvbvBjfKhT3MIO6MUJomdHA4rJO6Sq:Kp7keqhLqvbvBjfKhTmmlA4rJJSq","tlshash":"c0c3a4a4b269e83ffc33b0b9939cf85c5119b082dd2506e9fe02a21267c77f15d67618","first_seen":"2026-04-27T03:19:02.151355Z","last_seen":"2026-04-27T03:19:17.717306Z","times_seen":2,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/css/c6040a0981da0600.css","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/css/c6040a0981da0600.css HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69dd1da3-1ce4\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7396,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7396), with no line terminators","md5":"63d02f7fb663d1b4503c662ef472aa72","sha1":"3f6ea3ad2d5d27d75d9ea27e305df53173749287","sha256":"bf0b5d0f03e756a4ab9a9a9f9bb9c7787e198bd5c50ea76480d637b02daf9e12","sha512":"b82590bbd7c0984ddaed279a9aadc1b50ab0e190e4fc25243a68edb261d02d8ca645bd2d65afc1a0612636931e0d3c97a83d61a115bce109fced37131172c9aa","ssdeep":"96:GWRx5qpdH4WWRxBPpuH47WRxxcpPH4YWRxZBpgH44hUWRxohwhZMhJpphxH4fr:GWxMYWWxqY7WxgYYWx6Y4uWxoq8LPYfr","tlshash":"07e16834802e508fc522fd9235cd3f132d7d10155ae54a27dfad19a98eeb83bb3a1b58","first_seen":"2026-04-27T03:19:02.138034Z","last_seen":"2026-04-27T03:19:17.719069Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1015,"timings":{"blocked":471,"dns":1,"connect":47,"send":0,"wait":53,"receive":0,"ssl":440},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/images/nokyc-1.png","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/images/nokyc-1.png HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 1538612\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nConnection: keep-alive\r\nETag: \"69dd1da3-177a34\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1538612,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1536 x 1024, 8-bit/color RGB, non-interlaced","md5":"c3e4c17c6f1bcff74090a8fd7e6a16af","sha1":"7dc7ca5ba6e04ae434f71960f1eaf772cd79db9e","sha256":"e27d8260d0ca485a9c9648e9146ec0b44d3625b4348a2e6c6675fdc61a87bdfa","sha512":"2bb9057d9b31db02561ab57ef8d1fe2bebe9dbb67e19b922dc2b50a76775eee751c6c0b5bad9b87a1978515d10b319595a363713b30eaa8d572b1d839cad66d8","ssdeep":"24576:ymf20xQqInZ9pMCalqRiTNJfTfuHW6SqNq8:ymf26QLxMCzKJfzu26f88","tlshash":"b42533d8edc6210cd3840b7ec2e9df3aada046436777309604335f656b88a7177627ae","first_seen":"2026-03-30T08:11:40.799726Z","last_seen":"2026-04-27T03:19:17.720322Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1123,"timings":{"blocked":514,"dns":0,"connect":0,"send":0,"wait":308,"receive":301,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/assets/images/tron-trx-logo.svg","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/assets/images/tron-trx-logo.svg HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 460\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nConnection: keep-alive\r\nETag: \"69dd1da3-1cc\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":460,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"291d91e24370bebfe529c796108646b3","sha1":"135e5efc8109b56b73a3ff31c2cefbff72983985","sha256":"3307d2a64277d68e7df493ff53432f518df287f8b81c99c5a2e7034e78ffc576","sha512":"57bc7a6c63557faf6c0f59c2acd29aeb0571f0baf4778494d062d1cda737f205a5597b78987f1defab39a52edadc5e969e46f48d6bc2901764e5acb7b21d492f","ssdeep":"","tlshash":"03f02762d1ed8a17d618c2989ad40050569c91d39595d320f0d96e792b2c8831c4b6f8","first_seen":"2026-04-27T03:19:02.146088Z","last_seen":"2026-04-27T03:19:17.7214Z","times_seen":2,"resource_available":false,"data":null}},"time_used":763,"timings":{"blocked":513,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/assets/images/eth-logo.png","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/assets/images/eth-logo.png HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 94968\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nConnection: keep-alive\r\nETag: \"69dd1da3-172f8\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":94968,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced","md5":"85f0522df20e8db8fe103fdd5ad971a8","sha1":"cf0328abd7e4bb02e072bea6d4b9f617f4de320c","sha256":"dfde1839dc674d9717a5c32a3a809390a8cda2055a30c1e0faf7dab6eba46cfc","sha512":"acffc390a55eeceb1858e12ddb9ecbc5ae2be52bd32a63d1ef9475b9585f7357fb9e8d9e34002c7d68c57302702aedc4c2fccda20a720f20f98fe17c9d564e6c","ssdeep":"1536:HWoZ7Qcv/3OWuto+CdUd/3Ccs+lq6I1cTswoBGhRxocJgkSJrylOBk4PY:HlZrv/XuAc/ts+46wqRxocFSJrylaDY","tlshash":"f8931292a0da9ce5c3b130be159f6d14ee38079831ce2585e87c3dc2754ba14a1fcba9","first_seen":"2026-04-27T03:19:02.146959Z","last_seen":"2026-04-27T03:19:17.722597Z","times_seen":2,"resource_available":false,"data":null}},"time_used":872,"timings":{"blocked":511,"dns":0,"connect":0,"send":0,"wait":250,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/assets/modules.js?v=1.0.5","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/assets/modules.js?v=1.0.5 HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69dd1da3-5d1a20\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6101536,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"3b213a32f63e7967e9c2a5535806df09","sha1":"2198e24da34b883543f6b2bb3b3e315cfc5452b0","sha256":"1c56392da634c53a1450bcebb75428d63339a9bdc0e7e4602c0b674dbf27696f","sha512":"1a44f17a2865c14c3570dffb931bdcf07e5d8b7670fcb5154d1088d6fd10d4406acab0e00d666528882f9d91abc635f96b139f64a467c540b695c2c69a70f8a3","ssdeep":"12288:BMGk0Eqoh8EYL7qjs30amseucfju2ZAyppl:BZk0EJGEYL7v0F7Payppl","tlshash":"c9254a8473a1f076439725a4543f100af239b86c384d446cf768eceb7da9989963bf39","first_seen":"2025-07-27T10:34:55.50581Z","last_seen":"2026-04-30T11:03:38.167619Z","times_seen":131,"resource_available":false,"data":null}},"time_used":446,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":60,"receive":364,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026family=Wix+Madefor+Display:wght@400..800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:54 GMT","end":"Mon, 22 Jun 2026 08:36:53 GMT"},"fingerprint":{"sha1":"89:9D:A0:A4:A4:3B:62:A3:D0:B3:63:4B:5B:C3:1D:9B:09:43:3C:91","sha256":"DB:10:40:08:19:EF:D7:9C:5F:11:BC:78:DC:9F:81:F3:9E:A7:30:2F:1F:06:C8:C4:A4:DD:BC:C3:27:6F:2A:AA"}}},"request":{"raw":"GET /css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026family=Wix+Madefor+Display:wght@400..800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 27 Apr 2026 03:18:48 GMT\r\ndate: Mon, 27 Apr 2026 03:18:48 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6934,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"7c6e6bbfdc7fa0647815f6bd972fab44","sha1":"229a0ef47b3472a5976ab26838e49443595f5be7","sha256":"b734925b8aff57f4021f92c5f9e8777a25a63284cc878a3297a5dc0647eea857","sha512":"e07f0284a8a349baa3c9110d83b46776eec693d7023a01b172822cb7b1affa6bb878d43cb9428a526dedc8251cf8b30a5bae8221bb7245e7088c2ff3c994dcfe","ssdeep":"192:vywfydyGy63gy/yFVyR73xpmj3U8fHPqxPgcMzR:vtfcHjg8ciISVq","tlshash":"45e1eb91042f9104ea431dc627cf7f32ad8e52456082d6bdaffd2cc9acdad225268b4c","first_seen":"2026-02-04T18:27:51.259828Z","last_seen":"2026-04-27T03:19:17.725471Z","times_seen":8,"resource_available":false,"data":null}},"time_used":370,"timings":{"blocked":167,"dns":1,"connect":15,"send":0,"wait":36,"receive":0,"ssl":148},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/assets/check-modal.css?v=1.0.0","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/assets/check-modal.css?v=1.0.0 HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: text/css\r\nContent-Length: 2745\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nConnection: keep-alive\r\nETag: \"69dd1da3-ab9\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2745,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"54f4a60adb32a50732e44b2c4da98982","sha1":"c73325037961b46bc8ac8a78f87597efb8812945","sha256":"10e1e003a5f60b734647e552804de321c6bc71c8028aa7e43e84bb13d56db7c9","sha512":"4dd48a3d2af64075e1a7ccbc41fd4a897e3c8da11b13fc853563afa80334830c7cd1ea3947e47e550bb99a9dccef4d5c54552623ce9eb054ec32292d26f3ac75","ssdeep":"","tlshash":"99510122a2442228783791536dd14d9fbe56d157ef13df8cead3736c47d218949bb20c","first_seen":"2026-04-27T03:19:02.138868Z","last_seen":"2026-04-27T03:19:17.727048Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1011,"timings":{"blocked":469,"dns":0,"connect":47,"send":0,"wait":52,"receive":0,"ssl":437},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/images/trustcardlogo.png","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/images/trustcardlogo.png HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 190267\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nConnection: keep-alive\r\nETag: \"69dd1da3-2e73b\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":190267,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1097 x 331, 8-bit/color RGBA, non-interlaced","md5":"c8201e05e40a9e2a44c596b782fa7596","sha1":"4dec417eeadadd0b846766736362c360b803a997","sha256":"6ecfb6ff56c63fdc9701c64663e04097c64fe5696bd60b92fd60ec05e3a6a4cd","sha512":"da8f6ea99fcdb0281def72a2457782bf19ac3fbc1c63b40ae580e11d08b1a55acdd135d8c2c61cfcd7e5214e6c2a53659fe99a582bc856944c8c121dba7314a2","ssdeep":"3072:MgL0RnhmW5BUckLACEiRgBEKor5vapkJiC2lrHvjh35gWHkmkxxZIiEdXbD3ATv/:M02nV5BFaACE/BEKor5vapkJJQHvPEmu","tlshash":"e90412a5b0ce61577f43e22f2ce939cf9e0cc382516c27840652c6e7c525eb25ba7a53","first_seen":"2026-03-22T14:36:25.546384Z","last_seen":"2026-04-27T03:19:17.728218Z","times_seen":7,"resource_available":false,"data":null}},"time_used":981,"timings":{"blocked":772,"dns":0,"connect":0,"send":0,"wait":107,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/images/card-3.png","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/images/card-3.png HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 1144443\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nConnection: keep-alive\r\nETag: \"69dd1da3-11767b\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1144443,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1536 x 1024, 8-bit/color RGB, non-interlaced","md5":"8d310f5bf4bdc983268bfc05df2a0ad3","sha1":"d1d0f19cf3c3abcffd116b0dae1b2b7765bedf40","sha256":"25e8c4a83ca1c4418b8e82cd11388f648d043fa43f5031aa0b9f2ddfeecc9f78","sha512":"61b37ac0217c17ca0be832ad29e88ab0682da2aa321463120c57c43ad979077e41a6015365755d8557bbfa71cd3e777f06c0f88b64d83db09c6339ee3b9346b7","ssdeep":"24576:5g4cb2dFAnHLvnr/RRPx0z2EGgAmlIb0wC5he:qyDAHLvnlRPSz2g5O+u","tlshash":"a8252366b383cfeccb67523962ba8e63326155e950f1d0fdc0b60448f1c9a68589772f","first_seen":"2026-03-30T08:11:40.809162Z","last_seen":"2026-04-27T03:19:17.728849Z","times_seen":4,"resource_available":false,"data":null}},"time_used":954,"timings":{"blocked":833,"dns":0,"connect":0,"send":0,"wait":48,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/images/instant-card.png","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/images/instant-card.png HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:49 GMT\r\nContent-Type: image/png\r\nContent-Length: 1650742\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nConnection: keep-alive\r\nETag: \"69dd1da3-193036\"\r\nExpires: Thu, 07 May 2026 03:18:49 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1650742,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 806 x 1338, 8-bit/color RGBA, non-interlaced","md5":"fca893405a48d6f57c8aff7a8c33816e","sha1":"db936669ae46cca7ab3545332551a1a9efaf4c84","sha256":"2b09d8392e748a323ce92c0923f68fb42ad743bfdc623373ffc4b33928d60d5a","sha512":"4d3b80ca0c0dcb806e915485ef312176553f28184c7ba5f17bace2938c7abe486bf9a69f43b4781a864844019051972975117390fa5113d6d0ec6a78de1301e7","ssdeep":"24576:NNz3ydeVzvgtxtBgMfk4meaFjZ8f+1nu9rTEClRoX7mzdZINF:NNzideV+t6Mf3X21u5/RoLmz3E","tlshash":"7a253340158ea9d3dcd8fcd8f41404e688d0629ef1f6edeaa107d5ec5cdda46b85e22c","first_seen":"2026-03-30T08:11:40.810446Z","last_seen":"2026-04-27T03:19:17.729433Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1191,"timings":{"blocked":879,"dns":0,"connect":0,"send":0,"wait":74,"receive":238,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/assets/images/walletconnect.svg","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/assets/images/walletconnect.svg HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1416\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nConnection: keep-alive\r\nETag: \"69dd1da3-588\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1416,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"edbde7e2121a5407ed0845d728eeb8c0","sha1":"c5cf4e392145e0705989aae06e6c7f333316faf4","sha256":"4dadad6e76efee1e1f5cde8643ecebced0ad41983977389f80fcb3270b4207f7","sha512":"bfe57866e8a9b3596695ccebddef9f2365530ef53dbb358fe1e3d7dd902e18323ef1ce2a56c3d86deae161f753f2313255e790e387fb4c044321eed8e28d2e14","ssdeep":"","tlshash":"a3216eb0abe5a3f73482f3d9c2b980b83c9e50f971e0a930c3468d9ad84e011fd924c4","first_seen":"2025-04-09T12:00:28.879582Z","last_seen":"2026-04-27T03:19:17.730172Z","times_seen":54,"resource_available":false,"data":null}},"time_used":821,"timings":{"blocked":759,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/assets/check.bundle.js?v=1.0.4","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/assets/check.bundle.js?v=1.0.4 HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69dd1da3-3fe956\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4188502,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2438)","md5":"5727926b69c7cbf91258bcc5ddb99a94","sha1":"287b30ecde9699c7c80e88bce7e7cf0b5365208a","sha256":"b443d000c3dc541a8853e3cb3eff56dde92ad364dcb84a7de6ba00910873adc3","sha512":"f048577d3cd7e417ae2eb8010b8053b68d80288a7140a1cca9e594e4da394807c5cea35a3e7967e9117afffaa4b2833c5fcd4e20b3296146c0c0fd6bcde63661","ssdeep":"6144:OUlqlSSSxtXjruwc0XV2vCRx7tblUb06QzEvV3NwKNbriDmB/5+Q/HSBgmBlvUAg:OURXvE2mQkBNiD0ymGdE0gP5","tlshash":"ab25174876c7b162479370f0163f640eb23d6a59d01c9684f29ce4e26ff99a9833bb74","first_seen":"2026-04-27T03:19:02.136255Z","last_seen":"2026-04-27T03:19:17.73072Z","times_seen":2,"resource_available":false,"data":null}},"time_used":752,"timings":{"blocked":492,"dns":0,"connect":0,"send":0,"wait":64,"receive":196,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-27T03:18:47.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:47 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-cache, no-store, must-revalidate\r\nContent-Encoding: gzip\r\nExpires: Mon, 27 Apr 2026 03:18:47 GMT\r\nSet-Cookie: _subid=1sjos4f8hhq; expires=Thu, 28 May 2026 03:18:47 GMT; path=/\n3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; expires=Tue, 28 Apr 2026 03:18:47 GMT; path=/\n_token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678; expires=Thu, 28 May 2026 03:18:47 GMT; path=/\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/7.4.33\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":54732,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (37679)","md5":"e4be895d4dd244d131e7d0c3240dc912","sha1":"762cd2a0febbb9abe70f7b740438c788478e65ec","sha256":"4b15ddb90f1ab723c04b30bc6b92ce9623c3c5484a3b18edcc8962128c976ec7","sha512":"1df277790c1b6a908af654fd8853bcbfb5283c4d8c38d40f9354b874bbabf5668b7a150dc22d2efea74e3eb1598b95c56fd9bf769ef7c33e297d7f3b6dfaf9a5","ssdeep":"768:8DbBjsiyvq4BDE0+bZr5p4fOD9Ypc69vCHZabp6w/B5HdacAuHQqevpQ5FpBZA05:AjbE+J5pEp7Tp30pQ5Fpc7HDQe7eKTQ","tlshash":"c433d9242151263b929347f8f2a6a776a1fa860bc727c44cf7ac41662fc7c9849237dd","first_seen":"2026-04-27T03:19:17.731394Z","last_seen":"2026-04-27T03:19:17.731394Z","times_seen":1,"resource_available":true,"data":null}},"time_used":399,"timings":{"blocked":150,"dns":0,"connect":47,"send":0,"wait":98,"receive":1,"ssl":100},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/images/directpayment.png","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/images/directpayment.png HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: image/png\r\nContent-Length: 1357214\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nConnection: keep-alive\r\nETag: \"69dd1da3-14b59e\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1357214,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1536 x 1024, 8-bit/color RGB, non-interlaced","md5":"e110eb8c52d28fe6902921ac292bdbf3","sha1":"e8c65b506589b7c4cff7af99a21ce949dd906864","sha256":"4bf55493aabca2b1cce06d55265a4495bc3cdba828122700aee397dda10dfc21","sha512":"17b1e7e4bd22da55abf194c8da2b6c133719f17d05077184bb54fc2be90b57e4e1c536822d4cbff172a9d89f8f60a058ee85c282a92656071b84c6d2450162ad","ssdeep":"24576:otiD+rEG+b5T7Woota3IyciUE4gI2h+zOlQ/sbs6L1+Bh5EH:3+r94boE4sH9+7sFL6LM","tlshash":"792523ae78a94b76cfceadb2c8fe2dc64e9310443857268b31f105612ee7b34911b157","first_seen":"2026-03-30T08:11:40.811618Z","last_seen":"2026-04-27T03:19:17.732454Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1093,"timings":{"blocked":515,"dns":0,"connect":0,"send":0,"wait":251,"receive":327,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/assets/w-modal.js?v=1.0.5","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/assets/w-modal.js?v=1.0.5 HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69dd1da3-9307\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37639,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (2304), with CRLF line terminators","md5":"eed7d4b80780bb8adee3cbc67d7f98ff","sha1":"20f450d0eaf88312c005763e9036aeed80a225a0","sha256":"5e0ebe3158a15aba5a5e00e9bb2327769203ed6c28b6fd7aca2155d7e05cadc4","sha512":"66c43c8d29392d3e8435d8273fa23c2653e3cf4a36d875f97195100121e59ba73c1b8c7430c41a01a765893f4f0b97b3c153ede123d688ba3f00fcbe7fd74d96","ssdeep":"384:yuWDxb0OzbJ3vF/ll0blqHuCUCaDr/S1ziayMkrN21GecFZPtDQseaTrHyhfdsG2:KV39Nl08O/CaDbS1/k97rShZFc/","tlshash":"acf286f02bec12b4853f434376592d74bb1114fa9ebabf4575fe1a828f96e0c412a4d2","first_seen":"2024-05-02T20:25:27Z","last_seen":"2026-04-30T11:03:38.160534Z","times_seen":168,"resource_available":true,"data":null}},"time_used":997,"timings":{"blocked":454,"dns":1,"connect":51,"send":0,"wait":53,"receive":0,"ssl":433},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}},{"url":{"schema":"https","addr":"trw-card.com/l/trust-en/assets/w-loader.js?v=1.0.5","fqdn":"trw-card.com","domain":"trw-card.com","tld":"com"},"ip":{"addr":"91.215.155.55","port":443,"asn":59729,"as":"Green Floid LLC","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trw-card.com/","date":"2026-04-27T03:18:48.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trw-card.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 13:20:53 GMT","end":"Fri, 10 Jul 2026 13:20:52 GMT"},"fingerprint":{"sha1":"30:72:8C:A5:12:26:41:C7:FE:0B:77:45:F6:4B:C3:AD:6B:F7:E3:25","sha256":"A1:1D:87:78:74:8F:17:A9:5C:67:70:44:E6:23:9D:5A:9D:BF:AB:5D:85:DA:3E:4E:2C:08:36:B7:69:EB:A2:1A"}}},"request":{"raw":"GET /l/trust-en/assets/w-loader.js?v=1.0.5 HTTP/1.1\r\nHost: trw-card.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trw-card.com/\r\nCookie: _subid=1sjos4f8hhq; 3d883=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkxN1wiOjE3NzcyNTk5Mjd9LFwiY2FtcGFpZ25zXCI6e1wiMjg3XCI6MTc3NzI1OTkyN30sXCJ0aW1lXCI6MTc3NzI1OTkyN30ifQ.v1Muo5qpBJvZ2mCl2AfXj1EqKhSZiXq1CE_QG8h9hBE; _token=uuid_1sjos4f8hhq_1sjos4f8hhq69eed597d2aa49.59165678\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 27 Apr 2026 03:18:48 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 13 Apr 2026 16:45:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69dd1da3-a2f4\"\r\nExpires: Thu, 07 May 2026 03:18:48 GMT\r\nCache-Control: max-age=864000\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41716,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2342), with CRLF line terminators","md5":"4b64ec349c7eeb4324f4e7c20eb7fc98","sha1":"c09046d05daa28ef73e4bf3b58bd6518ce98a271","sha256":"801d62fc02f89e7c1b414392e066dcda139ea3154cb3a48da721ff9a9df49f1f","sha512":"e92c61f409b0a56e41654c1f867089473bed649bf3a8d7167fd1a179993295863f20d0a63b20c5e2c20ba6ee55dab82802c06591cd39d188489a479deefc8b23","ssdeep":"768:sCoOXPhfU4Ui8YG7uOFQgauwF4ifTSQoc8S:SOXXwYG7XQTd4irgS","tlshash":"5b13b8f957a0a8f089a787d5aa131e09fa159c77c7624315f2bc274dbfd2e0cc806e91","first_seen":"2023-10-17T15:07:19Z","last_seen":"2026-04-30T11:09:43.726827Z","times_seen":365,"resource_available":true,"data":null}},"time_used":993,"timings":{"blocked":454,"dns":1,"connect":51,"send":0,"wait":50,"receive":0,"ssl":430},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fraudulent Crypto Site","verdict":"scam","severity":"medium","comment":"","tags":["scam","fraud","crypto"],"meta":null}]}}]}