{"report_id":"25868863-24e3-49f8-910d-b122f1b781fe","version":6,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-06-02T08:56:58Z","url":{"schema":"http","addr":"trustwalat.com","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":0,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"final":{"url":{"schema":"https","addr":"trustwalat.com/","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"title":"Transfer Trust Wallet","dom":{"size":12017,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (405)","md5":"d5828947928f16b1f333c74585a1575f","sha1":"4aa1fe8ed9a5b0cc452222313cebe07ff0fc503c","sha256":"76ef6c6d783a95e63f7c817373cd64bb32407c506b38e910a7fb3b5e24d40d2d","sha512":"061b615f9b82d61233ad3ab75a3a91a4ac3addff5f9c95cf79934795ea4ad3cad3c0fad5a0daf8a8101dbc0aced4627eed26eebb45bf991e84312867c047d653","ssdeep":"192:3dbiHYDnWq8uuau9WCWaJOL4NemNtJL+6+DvC04P8gKMD/+vsmO+2+XnVFNsj2OJ:3dbiHYDnD5mB4vvF+Oow/Ln8ytKV","tlshash":"a742b9a2eaa31d1a7c1381a96b6332163274d007c109c92c7fec62758f86ddc6db775d","dom_hash":"domhash99c0dad91844a9124cbd5752c85cd551","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trustwalat.com","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":0,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-07T08:56:58Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-02","alert":"Detects file containing Telegram Bot API","trigger":"trustwalat.com/main.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-05-31T22:42:17.707694Z","alert_count":0,"request_count":1,"received_data":761328,"sent_data":443,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"raw.githubusercontent.com","ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2014-02-06","domain_rank":22021,"first_seen":"2014-03-01T07:08:08Z","last_seen":"2026-05-28T18:57:19.611913Z","alert_count":0,"request_count":1,"received_data":16948,"sent_data":496,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}]},{"fqdn":"trustwalat.com","ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"domain_registered":"2026-05-25","domain_rank":0,"first_seen":"2026-06-02T08:52:20.96718Z","last_seen":"2026-06-02T08:52:20.96718Z","alert_count":4,"request_count":6,"received_data":45563,"sent_data":2601,"comment":"","tags":null,"fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"trustwalat.com/main.js","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"md5":"2c586f2e9884aa821cf4eef9f8b1c060","sha1":"1bb818642dc6fb5935087b8142bf9ee7ee7def98","sha256":"213b34903f5e69e4a195dad669e6b2ed0c4a0fb73132aa7c80382f37e07ad229","sha512":"a09c55c9d6c4bc07ce41d488d17d522dd8cde4f4c1a787ed7018c2d221823dfd8c30df057b644ee1e5896c369ddacdfec34933b39d5b5159831d2f2c3f753908","size":13650,"token":"8687611643:AAEcfatCjQfxHIK4fjqhvYETMrOIjKnRqRg","is_revoked":false,"bot":{"token":"8687611643:AAEcfatCjQfxHIK4fjqhvYETMrOIjKnRqRg","user_id":"8687611643","username":"egleusdtrecnetlifybot","first_name":"USDT REC Egle","last_name":"","chat":{"chat_id":"","title":"","type":"","bot_is":"","total_users":0,"active_members":null,"admins":null},"pending_messages":1}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"trustwalat.com/main.js","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c586f2e9884aa821cf4eef9f8b1c060","sha1":"1bb818642dc6fb5935087b8142bf9ee7ee7def98","sha256":"213b34903f5e69e4a195dad669e6b2ed0c4a0fb73132aa7c80382f37e07ad229","sha512":"a09c55c9d6c4bc07ce41d488d17d522dd8cde4f4c1a787ed7018c2d221823dfd8c30df057b644ee1e5896c369ddacdfec34933b39d5b5159831d2f2c3f753908","ssdeep":"192:WkH/+C1CRkCcZVggWmhnfrg4pDkI7LhUMeJHDbZiPkMoT/J3wp/+/Vy2nt:1HI65x57Gyko/aTt","tlshash":"0452b5be1226b060897ba3766f932011f223612b7600d69636fec3111f76c5599e7fec","size":13650,"data":"","first_seen":"2026-06-02T08:52:30.383099Z","last_seen":"2026-06-02T08:57:02.286713Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-02","alert":"Detects file containing Telegram Bot API","trigger":"trustwalat.com/main.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"trustwalat.com/config.js","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":false,"md5":"17fe813fc72d7059c052f498e961ddbe","sha1":"7f3c32b3edd85fda58d01d66689791ea5c60e7b5","sha256":"9bda84d495debd49f4b3a0a4c628465a548712572b9f8bb1dc48a9fe9a2e52c0","sha512":"74e263a0d2b95db15c3f7ed9f54561f21b24a2bafe3cc7c65bc3347f0fbccd93ac7fa5b3fee712c0f11ce1ed421400a4c63bbbf556cb6e3e207a607fda6e8208","ssdeep":"","tlshash":"8911329a1b39b24324370053ab5ff029eb93c2bb76054012351edb852bb4ea148bf4cf","size":1063,"data":"","first_seen":"2026-06-02T08:52:30.380196Z","last_seen":"2026-06-02T08:57:02.288591Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwalat.com/","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":true,"md5":"4436be55e435cdb4ce98fb721a4df4b1","sha1":"80be671b3a4a1cf8a12217a5ff787935373605df","sha256":"b420646d06a9bb2ebfd720cd33e1f35f7b7fd470a7d59b08f5271183ccded372","sha512":"c31b409f5eb10c447d267733eeecaa909e0c4ed2b17a46f7d81d1105edfbed7a0e574c32627768d5c01f93bb0f5d98a9c2829aef5c949ed3530558bb845cad1f","ssdeep":"","tlshash":"06c012597020696604ce787d4ccf088ebe269412a20849c99ddcd8547fb2e6c42e484c","size":192,"data":"","first_seen":"2025-09-07T13:20:24.46413Z","last_seen":"2026-06-07T04:15:54.83152Z","times_seen":94,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwalat.com/","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":true,"md5":"e8c0dce711e213213b93d656c5c97cf3","sha1":"6950f08b9899e28de1004a31cf19901df19489d9","sha256":"0fcf9c82472ba489d9e356bc563a05efb9e8b1f5d4a76c8bc404acf66303936b","sha512":"165003136aa761208314a8bae62ca158a91d540cb87841d556e06df0fcbb16af4055b38f2740628e3d8da6b125be9ef8b08fbd914a7d1560b17af7a4d003123d","ssdeep":"","tlshash":"b7c08ca800253550baaaa047254d330af0e4163a294f5c183091402a180290e18d88df","size":150,"data":"","first_seen":"2026-05-30T03:57:33.454813Z","last_seen":"2026-06-07T04:15:21.155688Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/ethers@5.7.2/dist/ethers.umd.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"71f8c498e792c6179d4e2840228f777a","sha1":"b651545587f6257345dc3de9ddaa444b10dedf3e","sha256":"a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73","sha512":"14371563e83bbdce425c035bad34a0d4ae6a2f2ae20ac183602134d8b8b5b5711874d40fbcb3c7344fab4f63237a2f0dedf65b7b458b870dbb8f64ab191a5d32","ssdeep":"12288:TfamYTKkkAJs8P+H8Xb2F/nNuwEYtnob6qQr:TfjkhPaNnN9EYtwo","tlshash":"35f43b80b3b1b0b583c729a4143f6046f63af46a505840a8f659faf279f9d4c957bb3c","size":760171,"data":"","first_seen":"2023-03-13T00:48:53Z","last_seen":"2026-06-07T17:24:54.969191Z","times_seen":3576,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwalat.com/","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":true,"md5":"07b0fde5f6b5652ba729f92699a87bd1","sha1":"ec3e4ac2e95096143f220e4a46d0a485984ef88b","sha256":"f1e1a03fa15372f043a55627c1f8cf52f1a9273ef4b7bec3d9c26eec9fdb9548","sha512":"18672ac94ebe21fa4925d66410fe722c623ebd0fd48e9718fe0d24fd850fd885d6ffeb4838aa03e6119c70ad08b91447b8802bee4b40db567afa6ff267f75938","ssdeep":"","tlshash":"c6d023a41558f894be7ea01b173d754df050533b3c4b6c983475913e6d0650d04ed4eb","size":232,"data":"","first_seen":"2026-06-02T08:52:30.411817Z","last_seen":"2026-06-02T08:57:02.295304Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"trustwalat.com/","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-02T08:56:36.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwalat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 16:34:30 GMT","end":"Sun, 23 Aug 2026 16:34:29 GMT"},"fingerprint":{"sha1":"CC:25:04:84:B5:98:19:5B:99:7C:5F:63:E3:5F:E9:E5:1B:B4:7E:30","sha256":"E2:70:FE:D9:3A:7F:09:74:31:82:76:DC:81:4B:6A:BE:94:70:77:70:07:64:06:C6:47:1A:76:22:D7:AB:5A:B8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwalat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 25 May 2026 17:29:31 GMT\r\netag: \"3068-652a7b8b1ed5d-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3322\r\ncontent-type: text/html\r\ndate: Tue, 02 Jun 2026 08:56:37 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":12392,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (405), with CRLF line terminators","md5":"7690a1a80be5f1434570f9510ddb8469","sha1":"50d78bff2d93584011f29798b680d09f37b87ae1","sha256":"0543f933dfe77d1bd6175664d925e1fdc64a3b63ee0aa154a3d3af8a5b301c7f","sha512":"19a53a00f68ee454e105291925645fdab6e9533a6305a642b0c069f1279962d2f18f5c00a05a73cdd461cb21c4bb77b93dd8c9fbab48de2e8aeceae86ced548f","ssdeep":"192:hqUILy+buuqwtSnQzwSAkoR/LUMPJZN+VTwjupUeDEy:BeH7oR/LjKqe4y","tlshash":"35429621e6846d0a7833c3a9aba37255f665d003c305052cbfec62634fb5d58ae73e99","first_seen":"2026-06-02T08:52:30.385322Z","last_seen":"2026-06-02T08:57:02.283137Z","times_seen":2,"resource_available":true,"data":null}},"time_used":715,"timings":{"blocked":287,"dns":0,"connect":140,"send":0,"wait":142,"receive":0,"ssl":143},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/ethers@5.7.2/dist/ethers.umd.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trustwalat.com/","date":"2026-06-02T08:56:37.524Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/ethers@5.7.2/dist/ethers.umd.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwalat.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Jun 2026 08:56:37 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 168432\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.7.2\r\nx-jsd-version-type: version\r\netag: W/\"b996b-tlFUVYf2JXNF3D3p3apESxDe3z4\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220026-FRA, cache-bma-essb1270058-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 1465249\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IwNVFP1oU5v8s%2B6qqfTun1nMC%2BP9yj%2FUz011h5IK9EA%2BcrEsYMAqHiPOXY6i%2FIW3uCsGTxWLVs4jjVpgBuOGHHWI7BtEjQx2c7sS8BLtmbxZ6jpbd8%2FfLj3CpyCVt37SUtg%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a0553ef29ad32efa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":760171,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"71f8c498e792c6179d4e2840228f777a","sha1":"b651545587f6257345dc3de9ddaa444b10dedf3e","sha256":"a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73","sha512":"14371563e83bbdce425c035bad34a0d4ae6a2f2ae20ac183602134d8b8b5b5711874d40fbcb3c7344fab4f63237a2f0dedf65b7b458b870dbb8f64ab191a5d32","ssdeep":"12288:TfamYTKkkAJs8P+H8Xb2F/nNuwEYtnob6qQr:TfjkhPaNnN9EYtwo","tlshash":"35f43b80b3b1b0b583c729a4143f6046f63af46a505840a8f659faf279f9d4c957bb3c","first_seen":"2023-03-13T00:48:53Z","last_seen":"2026-06-07T17:24:54.969191Z","times_seen":3576,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":7,"dns":0,"connect":1,"send":0,"wait":7,"receive":7,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwalat.com/main.js","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trustwalat.com/","date":"2026-06-02T08:56:37.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwalat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 16:34:30 GMT","end":"Sun, 23 Aug 2026 16:34:29 GMT"},"fingerprint":{"sha1":"CC:25:04:84:B5:98:19:5B:99:7C:5F:63:E3:5F:E9:E5:1B:B4:7E:30","sha256":"E2:70:FE:D9:3A:7F:09:74:31:82:76:DC:81:4B:6A:BE:94:70:77:70:07:64:06:C6:47:1A:76:22:D7:AB:5A:B8"}}},"request":{"raw":"GET /main.js HTTP/1.1\r\nHost: trustwalat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwalat.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 25 May 2026 17:29:31 GMT\r\netag: \"3556-652a7b8b1f145-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3910\r\ncontent-type: text/javascript\r\ndate: Tue, 02 Jun 2026 08:56:37 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":13654,"size_decoded":0,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text, with very long lines (393), with CRLF line terminators","md5":"2c586f2e9884aa821cf4eef9f8b1c060","sha1":"1bb818642dc6fb5935087b8142bf9ee7ee7def98","sha256":"213b34903f5e69e4a195dad669e6b2ed0c4a0fb73132aa7c80382f37e07ad229","sha512":"a09c55c9d6c4bc07ce41d488d17d522dd8cde4f4c1a787ed7018c2d221823dfd8c30df057b644ee1e5896c369ddacdfec34933b39d5b5159831d2f2c3f753908","ssdeep":"192:WkH/+C1CRkCcZVggWmhnfrg4pDkI7LhUMeJHDbZiPkMoT/J3wp/+/Vy2nt:1HI65x57Gyko/aTt","tlshash":"0452b5be1226b060897ba3766f932011f223612b7600d69636fec3111f76c5599e7fec","first_seen":"2026-06-02T08:52:30.383099Z","last_seen":"2026-06-02T08:57:02.286713Z","times_seen":2,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-02","alert":"Detects file containing Telegram Bot API","trigger":"trustwalat.com/main.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"trustwalat.com/config.js","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trustwalat.com/","date":"2026-06-02T08:56:37.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwalat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 16:34:30 GMT","end":"Sun, 23 Aug 2026 16:34:29 GMT"},"fingerprint":{"sha1":"CC:25:04:84:B5:98:19:5B:99:7C:5F:63:E3:5F:E9:E5:1B:B4:7E:30","sha256":"E2:70:FE:D9:3A:7F:09:74:31:82:76:DC:81:4B:6A:BE:94:70:77:70:07:64:06:C6:47:1A:76:22:D7:AB:5A:B8"}}},"request":{"raw":"GET /config.js HTTP/1.1\r\nHost: trustwalat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwalat.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 25 May 2026 17:29:31 GMT\r\netag: \"427-652a7b8b1ed5d-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 700\r\ncontent-type: text/javascript\r\ndate: Tue, 02 Jun 2026 08:56:37 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1063,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"17fe813fc72d7059c052f498e961ddbe","sha1":"7f3c32b3edd85fda58d01d66689791ea5c60e7b5","sha256":"9bda84d495debd49f4b3a0a4c628465a548712572b9f8bb1dc48a9fe9a2e52c0","sha512":"74e263a0d2b95db15c3f7ed9f54561f21b24a2bafe3cc7c65bc3347f0fbccd93ac7fa5b3fee712c0f11ce1ed421400a4c63bbbf556cb6e3e207a607fda6e8208","ssdeep":"","tlshash":"8911329a1b39b24324370053ab5ff029eb93c2bb76054012351edb852bb4ea148bf4cf","first_seen":"2026-06-02T08:52:30.380196Z","last_seen":"2026-06-02T08:57:02.288591Z","times_seen":2,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"trustwalat.com/style.css","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trustwalat.com/","date":"2026-06-02T08:56:37.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwalat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 16:34:30 GMT","end":"Sun, 23 Aug 2026 16:34:29 GMT"},"fingerprint":{"sha1":"CC:25:04:84:B5:98:19:5B:99:7C:5F:63:E3:5F:E9:E5:1B:B4:7E:30","sha256":"E2:70:FE:D9:3A:7F:09:74:31:82:76:DC:81:4B:6A:BE:94:70:77:70:07:64:06:C6:47:1A:76:22:D7:AB:5A:B8"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: trustwalat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwalat.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 25 May 2026 17:29:31 GMT\r\netag: \"4049-652a7b8b1f52d-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3649\r\ncontent-type: text/css\r\ndate: Tue, 02 Jun 2026 08:56:37 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":16457,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"e2d78f35bef2e381a20eca3d4b3835d1","sha1":"15a1a7929d7eb3616a1abd6e0f2314d0efb65c88","sha256":"916e013e4a2dd9af3ea860f7ed871060bc1c92cd5dabfa940e7135b0fbbd9fa0","sha512":"53bdef4c790f0e232d080099dce5e70210226e0da926a9aec90ac26501a8636e527ed7360381203abaa87383a85556c934c4b7785f2aa6417ab2f8cf62588868","ssdeep":"192:kAfP5BgAgAfP5BgAjBAuiDb1LKquuMU7sN1OwSHsfjkEHO208PMeDQWAw6qx7I7:/BgADBgAZFOZK5e","tlshash":"98722f18960294026f338ffab3d5a60afb2b50abcf22a1bdb7c451058ff557459c1e8d","first_seen":"2026-05-30T03:57:33.445911Z","last_seen":"2026-06-07T04:15:21.149944Z","times_seen":5,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"raw.githubusercontent.com/trustwallet/assets/master/blockchains/smartchain/info/logo.png","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwalat.com/","date":"2026-06-02T08:56:37.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 06 Apr 2026 23:32:36 GMT","end":"Sun, 05 Jul 2026 23:32:35 GMT"},"fingerprint":{"sha1":"18:DE:96:E8:3D:99:B2:8A:0C:D1:0C:48:78:BD:6A:14:6A:05:25:60","sha256":"EA:69:BC:71:1C:B9:D4:56:98:D2:FD:AA:48:54:D7:DC:08:6A:CD:3A:9C:35:01:64:90:9B:68:8A:C7:C0:63:1F"}}},"request":{"raw":"GET /trustwallet/assets/master/blockchains/smartchain/info/logo.png HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwalat.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: image/png\r\netag: W/\"52f6fec2dbf03cd1bc0fc03d7f7487a066ed9c79f3a398b20778525c12538c43\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: C33C:1CE929:13F2758:1658A8A:6A0E5957\r\naccept-ranges: bytes\r\ndate: Tue, 02 Jun 2026 08:56:37 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410030-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1780390598.816414,VS0,VE116\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: e5742a88e84f019a7df6252eb945162fb8cfd7c8\r\nexpires: Tue, 02 Jun 2026 09:01:37 GMT\r\nsource-age: 0\r\ncontent-length: 16072\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":16072,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"b685ee1d30b1839ccad4ff935dfabb80","sha1":"5e99d70714f82050628a77ffa70e33b3e3e5a525","sha256":"1ceadd0447350643dd0828120b3768ffad23c857d3e127a730217a3a1a03dbcc","sha512":"9336a8d98d908ecc428ddf6df7f1f0ed390c363d86516dbf0cf1e495dd5a3a0ba1c1b62aff24b9c16b4ec5242d13506f96e4f7b41cc7418c47a90eb868afde8b","ssdeep":"384:Pud+rnfFHHhR0k7iJ7rE4ibIwlAnX2fuFEk9JEiL7S:G8rhHhRTSrEtbIQAX2GPLe","tlshash":"ef72d150d9f1bef0dc281763e27440b2c87b92a1a678d06a2d1b4f7c5fdb95e40ac4a5","first_seen":"2023-05-25T12:06:14Z","last_seen":"2026-06-07T04:15:21.147852Z","times_seen":193,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":36,"dns":1,"connect":13,"send":0,"wait":129,"receive":2,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwalat.com/favicon.ico","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwalat.com/","date":"2026-06-02T08:56:37.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwalat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 16:34:30 GMT","end":"Sun, 23 Aug 2026 16:34:29 GMT"},"fingerprint":{"sha1":"CC:25:04:84:B5:98:19:5B:99:7C:5F:63:E3:5F:E9:E5:1B:B4:7E:30","sha256":"E2:70:FE:D9:3A:7F:09:74:31:82:76:DC:81:4B:6A:BE:94:70:77:70:07:64:06:C6:47:1A:76:22:D7:AB:5A:B8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: trustwalat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwalat.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 261\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Tue, 02 Jun 2026 08:56:37 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":261,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"23305dd95d268460599c4e7ebce68749","sha1":"8fae7f8046d2f2ef0380e5d36949d2acfdd607c6","sha256":"db69d47857462ff7e77333453354ff9a9e7c7fcf8716e88b206aa8f1663d0a03","sha512":"29739eec642c92ac1ee35b226c4f915bd5f55603b016eb5bbffaa4e1b70108e4e1059e7fdbb184f98cc4a31373b74b3e239825fab9c98a4ef8e5d19e3418a6d3","ssdeep":"","tlshash":"8bd02e9e9083239b0922259039c611c2228812eab83a86e82d86e887525863dcc9a28d","first_seen":"2026-06-02T08:52:30.404627Z","last_seen":"2026-06-02T08:57:02.29188Z","times_seen":2,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwalat.com/favicon.ico","fqdn":"trustwalat.com","domain":"trustwalat.com","tld":"com"},"ip":{"addr":"147.93.108.53","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwalat.com/","date":"2026-06-02T08:56:37.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustwalat.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 16:34:30 GMT","end":"Sun, 23 Aug 2026 16:34:29 GMT"},"fingerprint":{"sha1":"CC:25:04:84:B5:98:19:5B:99:7C:5F:63:E3:5F:E9:E5:1B:B4:7E:30","sha256":"E2:70:FE:D9:3A:7F:09:74:31:82:76:DC:81:4B:6A:BE:94:70:77:70:07:64:06:C6:47:1A:76:22:D7:AB:5A:B8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: trustwalat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwalat.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 261\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Tue, 02 Jun 2026 08:56:37 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":261,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"23305dd95d268460599c4e7ebce68749","sha1":"8fae7f8046d2f2ef0380e5d36949d2acfdd607c6","sha256":"db69d47857462ff7e77333453354ff9a9e7c7fcf8716e88b206aa8f1663d0a03","sha512":"29739eec642c92ac1ee35b226c4f915bd5f55603b016eb5bbffaa4e1b70108e4e1059e7fdbb184f98cc4a31373b74b3e239825fab9c98a4ef8e5d19e3418a6d3","ssdeep":"","tlshash":"8bd02e9e9083239b0922259039c611c2228812eab83a86e82d86e887525863dcc9a28d","first_seen":"2026-06-02T08:52:30.404627Z","last_seen":"2026-06-02T08:57:02.29188Z","times_seen":2,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}