{"report_id":"6990b817-9020-4f80-bba6-2cd6b1eabbdd","version":6,"status":"done","tags":["suspicious"],"date":"2026-04-04T18:17:47Z","url":{"schema":"http","addr":"v.gettrustpayment.live","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":0,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"final":{"url":{"schema":"https","addr":"v.gettrustpayment.live/","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"title":"Trust Wallet","dom":{"size":149436,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (30757)","md5":"9d599ab2285c608aed8329fb929774bf","sha1":"8070fe695d961a1c476c2497323c06e19fa1ead5","sha256":"09f4e6b90d4bb90df10c93bf9016cbe232c3b0b2e01e21826846c81c7f425c56","sha512":"9a4e47146bf8bd427f67d45e9036a81699f6ef4987b098a035f71bd1a8657b8f97a9ed2f5039d893b5202a5938ea1217e28d4ceff05ab6f35b6c56040e49f8f2","ssdeep":"1536:tXgI8bVIMqcN+IWI7YCYWQMqcN+IWI7YCYWPP2M:twI8D+m++B","tlshash":"97e32145ae86c017ba67812e2bd5f30432f9e007ecb79d58b99cd0808fc7d5d39a93a5","dom_hash":"domhash8ba13c274fb6115545c9eac4fab69c65","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"v.gettrustpayment.live","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":0,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-09T18:17:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":2,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats 
Pro","date":"2026-04-04T18:17:25Z","timestamp":1775326645,"ip_dst":{"addr":"173.244.207.30","port":443,"asn":13213,"as":"UK-2 Limited","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":59408,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (rpc .ankr .com)","source":"{\"timestamp\":\"2026-04-04T18:17:25.798832+0000\",\"flow_id\":210283036756554,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":59408,\"dest_ip\":\"173.244.207.30\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058825,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (rpc .ankr .com)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"rpc.ankr.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":914,\"bytes_toclient\":1584,\"start\":\"2026-04-04T18:17:25.739914+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-04T18:17:25Z","timestamp":1775326645,"ip_dst":{"addr":"173.244.207.30","port":443,"asn":13213,"as":"UK-2 
Limited","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":59418,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (rpc .ankr .com)","source":"{\"timestamp\":\"2026-04-04T18:17:25.803695+0000\",\"flow_id\":1107750812994264,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":59418,\"dest_ip\":\"173.244.207.30\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058825,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (rpc .ankr .com)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"rpc.ankr.com\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1584,\"start\":\"2026-04-04T18:17:25.740056+0000\"}}"}],"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-04","alert":"Detects file containing Telegram Bot 
API","trigger":"v.gettrustpayment.live/scripts/main.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-03-29T22:35:00.993215Z","alert_count":0,"request_count":4,"received_data":2315196,"sent_data":1780,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-03-29T23:04:54.250741Z","alert_count":0,"request_count":2,"received_data":146906,"sent_data":870,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a 
reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"v.gettrustpayment.live","ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-04T18:17:51.95612Z","last_seen":"2026-04-04T18:17:51.95612Z","alert_count":2,"request_count":11,"received_data":4025605,"sent_data":5014,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery:3.6.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. 
It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Axios:1.2.2","description":"Promise based HTTP client for the browser and node.js","website":"https://github.com/axios/axios","common_platform_enumeration":"","icon":"Axios.svg","categories":["JavaScript libraries"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"SweetAlert2:11","description":"SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.","website":"https://sweetalert2.github.io/","common_platform_enumeration":"","icon":"SweetAlert2.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-29T22:16:18.281815Z","alert_count":0,"request_count":2,"received_data":87940,"sent_data":1114,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-29T22:20:07.848058Z","alert_count":0,"request_count":2,"received_data":25708,"sent_data":955,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using 
HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"rpc.ankr.com","ip":{"addr":"173.244.207.30","port":443,"asn":13213,"as":"UK-2 Limited","country":"Germany","country_code":"DE"},"domain_registered":"2007-04-23","domain_rank":541361,"first_seen":"2021-10-24T12:41:06Z","last_seen":"2026-04-02T18:50:04.030562Z","alert_count":0,"request_count":2,"received_data":1356,"sent_data":1164,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"unpkg.com","ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-06","domain_rank":1093,"first_seen":"2016-01-07T23:26:01Z","last_seen":"2026-03-29T23:54:08.408227Z","alert_count":0,"request_count":1,"received_data":32006,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server 
services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"v.gettrustpayment.live/","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-07T21:37:32.816151Z","times_seen":603391,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/ethers@5.7.2/dist/ethers.umd.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United 
States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"71f8c498e792c6179d4e2840228f777a","sha1":"b651545587f6257345dc3de9ddaa444b10dedf3e","sha256":"a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73","sha512":"14371563e83bbdce425c035bad34a0d4ae6a2f2ae20ac183602134d8b8b5b5711874d40fbcb3c7344fab4f63237a2f0dedf65b7b458b870dbb8f64ab191a5d32","ssdeep":"12288:TfamYTKkkAJs8P+H8Xb2F/nNuwEYtnob6qQr:TfjkhPaNnN9EYtwo","tlshash":"35f43b80b3b1b0b583c729a4143f6046f63af46a505840a8f659faf279f9d4c957bb3c","size":760171,"data":"","first_seen":"2023-03-13T00:48:53Z","last_seen":"2026-04-07T16:50:46.485219Z","times_seen":3114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/ua-parser-js@1.0.33/src/ua-parser.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f5dee1db90006370bfad15f1c6433f1","sha1":"aa3a087e6bee3dea9dc72df19744181649f40014","sha256":"0708d17e2795584e55ffe69838b2163d73ccf2f05cc177653b3884d6a7cff51e","sha512":"2187507129a58026e0443cdc57570b689626525c9cfdc123a5ef05ad2c39882aba2ecdb9c2e4b1d45165b02db0d6ec2f61786df208a46904487c987458ccf79e","ssdeep":"384:veSussfhlSg15+2rRSLkdAhYStQfdjpTJuU3ZGUshwzVXQd6VkedjyABx:G0Lk5/RSgd4YStQRpTJuU3ZGUshwzVSG","tlshash":"4862743fd295ff3c57dce908e77946442f0b6d2aca8860f499d092627cb86da0046777","size":15920,"data":"","first_seen":"2025-06-24T09:26:28.558042Z","last_seen":"2026-04-05T11:05:10.851923Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/scripts/ABI.js","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"introduction_type":"scriptEle
ment","is_inline":false,"md5":"e02bfe09ad56c856c4138a07bfc66853","sha1":"4581b906d58789491e062ee1da0dedb9d78531f1","sha256":"2950fef1ddb4a5e176416faf280da11a36081e4271ca4ff976345c659b4de8e7","sha512":"bbdcfcabb87a7d0efb26313ac228390dc1ca1ee9bae3803a4ef5de8913c9542c6ba26b279664a4783a7fa90324e89ce1bacf302e43b1b30a81c71bc8d1937a66","ssdeep":"96:nAWQ9AJVRXLPuejeN+WSUTyMPNJAB8AAAXQThRovQTiFRbpqg8hLU17hLBGTl1Xk:AWZdXAh95ov","tlshash":"1e520797321fad6f48882ba941f28788b5a9d1e7d1cdcc82284c8e32c7dd955c46e35f","size":13514,"data":"","first_seen":"2023-03-09T08:50:45Z","last_seen":"2026-04-05T11:05:10.85806Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/scripts/seaport.js","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"6e22d0c14f5be54af448df7ea306f55c","sha1":"9f93d601d838288124f6f2e48d5f3d7819c347a6","sha256":"b6654d21661d0e082cbe1eddcd03e3be37520016b7cd1efc277d3d9539e200e2","sha512":"22a057e56f955edb8c5dfbd1ac1877290c2a19ba7630d5c523eab67fdba0ddd9c706ea034943d90b047cb1c0b90ef74914d9d4484c5cc6b015d189355b8afbfa","ssdeep":"12288:s7oofGHBQKEJ1NL/w0SPzmigdlpNhny1Bnh/R1vyp7Y9gEziBx4x8tgz065Gxw8B:FDHBfEbNL40BoRpWT20ZNbAOH","tlshash":"6c95b449abf760619617707c4b6fa005b638d4174488dd64be8cd3a0af9583887fafec","size":2054903,"data":"","first_seen":"2026-03-07T01:02:17.390377Z","last_seen":"2026-04-05T11:05:10.867127Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":true,"md5":"6db1d946a72e8c64c0eec6496a9c7444","sha1":"2
d063db5a413117b217190b903b2b13573195042","sha256":"bee355309770779a5e7b444f0f4e9c6a410b3dd2d38b4e3466cbef0542849f67","sha512":"791bff9bc922065b40bc50b7afbc6527ae9c60af089d14c79ba2e634b9947081de160ce05110df5031bb4a3d0714162a0371c22ab41e9a66c7b56bfdc4dd99fb","ssdeep":"","tlshash":"f711ac0b088378ba03e6607ee73b7d1a321910072850c4033f4c81485fe48392fb6f8c","size":912,"data":"","first_seen":"2026-04-02T03:19:54.811112Z","last_seen":"2026-04-05T11:05:10.86779Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.3.slim.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"541e80b5bc224cfe384a99836e5062ec","sha1":"7da81d6d0701e3a6ff598a8e1af6f554976a70ca","sha256":"670a99215743de25cdc861db49876c9963fffd4068923d851c0c4ab9204a0d2a","sha512":"8f1c1309b2c99973e7576efb0af02301c5808d4473a5ea619347f49ceda5c2cbdca0332a05dcb5ae1d631305964da6d7d7e1ab7668fd185020b4ddb6ceb57429","ssdeep":"1536:fDFXTPlYFbED7yZxg6V4wMSzy7JyeuoJlQ5uCe/ZiE99WjNBsgGC3W/cL3JaQ47x:iDt1oJlQ5cwbGaJaQ47GKN","tlshash":"4a6308dd72c6b07257a770b9007f600bf136199a6c4e4410f129e8e9bc78a4a827bf7d","size":72818,"data":"","first_seen":"2023-03-12T21:51:55Z","last_seen":"2026-04-07T16:24:18.197181Z","times_seen":865,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/web3@1.8.1/dist/web3.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United 
States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7406458ff35f927bd90f7983b6e344db","sha1":"230a590c1c1aacc369465645b62b70643d68c5ea","sha256":"71d7328c8b5a399aac329a83d86b51058c01e0e0414fc4577dabfc79c518c6d8","sha512":"bed50e0b460868d9bf52eb54ef27e7c2a9c5f4b3989d7b691deda4c22d67bc9365a1e190ba770d06210a3ffdd6c370fad9448085b5c6b27629018a220ec6bec0","ssdeep":"12288:qTl6yDJDY2BYfdDZ3amsRMIWeLkV5niUjamsQHeB:qTl1B4DZ3DIWYkV1jhu","tlshash":"d565fbc47691b091c3a36aa1402f900be33efd682c4c4169b757ecf71cb9a995527f3a","size":1455961,"data":"","first_seen":"2023-04-06T20:37:25Z","last_seen":"2026-04-05T11:05:10.869882Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/axios@1.2.2/dist/axios.min.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c68d87ae776cca50ba5f38e07b73717d","sha1":"547505afc711bba4c5d4fc2fdf1c3236b9456c07","sha256":"788113ee18acbedd4dd5c4cb8b1d134c50d05fb7e6c7449741f5f902f0dda741","sha512":"4139dbf414241b87c1608b7d246bd89b13e977a4c178aa7a96c52bb62550b2b27db1bdf7067f6cd303103bda950456cf5f7c47440b011ef5e572cae72631318e","ssdeep":"768:KCDYsInWThrul/MzFzBSQcFAm+KuzilN+afgb8Hph:3IGF1SDJ+Te+QHj","tlshash":"4fe209c8bad1b072936771b5406f150bf23ab966a48d8490f120ece67cb850e9767f7c","size":31153,"data":"","first_seen":"2023-03-12T10:34:08Z","last_seen":"2026-04-05T11:05:10.862219Z","times_seen":110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/sweetalert2@11","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United 
States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e8f033d3c7a50e4abe3d98ac65234d13","sha1":"caf431ea6dc8567be010d07f4f7d5798163821de","sha256":"7506c8f4d85e4707ab46f9858f0c6e65e3316b9d2f122dcf485b9dbf39d5a7ac","sha512":"ecad9d89ce602e5121c97135933a33122f0d9b32c15b43949d5fbe51fe576da069e9a416772117eb4666d8354b685046c0d7a3e086f669fffa488e2f05ff0ba3","ssdeep":"1536:iw46xylPIZSKcO355lcVU/SZ2DUdzI8bRj:PxYIvTlcVU/62mI8d","tlshash":"e173f8916a00f03776bb45ae65d1e7047ae99405fcb34894f42cc8804fe7d4f26b7aba","size":79991,"data":"","first_seen":"2026-03-20T09:57:21.567576Z","last_seen":"2026-04-07T21:23:48.944588Z","times_seen":648,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/scripts/ethereumjs-tx-1.3.3.min.js","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca1104de538caea2d54265fbe90916b4","sha1":"d6c416e5d153f500f7ac66d25a2b73db45867ad4","sha256":"10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0","sha512":"51fe1c1b91913f9108019b1d18ca38593175cbc827ee159e2942d62b2a9825317642833f17c2526ce292d9623e394cce1a750d9c6246c7eb201a57b15c8d8bc4","ssdeep":"3072:3dpgpHu8o3GVhW8Jg5bGpLsev6ns9oq1CfdfDWp1WrB33NjbLytdJ7bt3r:3fGVL2CNvms/CfdS1Dr","tlshash":"a6640989fba07052435671a5062f644fb67af92d5949006cf254e8fb3cf89c8a63bf34","size":323051,"data":"","first_seen":"2023-03-07T01:24:06Z","last_seen":"2026-04-05T11:05:10.857489Z","times_seen":2021,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.3.slim.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United 
States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"541e80b5bc224cfe384a99836e5062ec","sha1":"7da81d6d0701e3a6ff598a8e1af6f554976a70ca","sha256":"670a99215743de25cdc861db49876c9963fffd4068923d851c0c4ab9204a0d2a","sha512":"8f1c1309b2c99973e7576efb0af02301c5808d4473a5ea619347f49ceda5c2cbdca0332a05dcb5ae1d631305964da6d7d7e1ab7668fd185020b4ddb6ceb57429","ssdeep":"1536:fDFXTPlYFbED7yZxg6V4wMSzy7JyeuoJlQ5uCe/ZiE99WjNBsgGC3W/cL3JaQ47x:iDt1oJlQ5cwbGaJaQ47GKN","tlshash":"4a6308dd72c6b07257a770b9007f600bf136199a6c4e4410f129e8e9bc78a4a827bf7d","size":72818,"data":"","first_seen":"2023-03-12T21:51:55Z","last_seen":"2026-04-07T16:24:18.197181Z","times_seen":865,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":true,"md5":"638f2fa82197eca995c38b60a16d077d","sha1":"d5ee251933328b564877a9a6d4cf25133c065747","sha256":"f7853264ce7327d4178382717736a417b83aedea347291de17a308a08610a9f5","sha512":"fd8afe8249825c61196e64e807cdaa73d3a50a018c8b9613bec422c2a94ddcd32d9b304c067af83ef855c0103e926b86eff0a978f8825021d31d53baf7d25052","ssdeep":"","tlshash":"6e119e7d0193583947abac172a8f57403eb0a0472101e4433c6c96efcf959989639fdd","size":992,"data":"","first_seen":"2026-04-02T03:19:54.812441Z","last_seen":"2026-04-05T11:05:10.868416Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/scripts/main.js","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"introduction_type":"scriptElement","is_inline":false,"md5":"be74d30d53f8d4b554b04d368560d5c5","sha1":"635bd00872b531516f858786948a84
020c969ba9","sha256":"366796a91dea65f808b6b920109d5974a253f9d2f74e72f735bfcfbaf06c5c5d","sha512":"3abdcb2c176cfaa21a2e68110e690bc795220e74d13567bac9ea62245fdc1149b0274206aa76991a229da39f20569ad8ea780acf6ae831403bfc2b12dbc392a6","ssdeep":"768:NV4Bs/PZKrzyqG4M6KbU3og5fDoR11JmsEmzu9:NVYsk/yJU3doR118sEmS9","tlshash":"414309f014f72025411b385ace5f74093425716baa8cd9a87aec97e1afcb429c5e3bcd","size":58994,"data":"","first_seen":"2026-04-04T18:14:10.982439Z","last_seen":"2026-04-04T18:18:47.579048Z","times_seen":11,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-04","alert":"Detects file containing Telegram Bot API","trigger":"v.gettrustpayment.live/scripts/main.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/web3@1.8.1/dist/web3.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United 
States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/web3@1.8.1/dist/web3.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 1.8.1\r\nx-jsd-version-type: version\r\netag: W/\"163759-IwpZDBwarMNpRlZFtitwZD1oxeo\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 04 Apr 2026 18:17:24 GMT\r\nage: 242817\r\nx-served-by: 
cache-fra-eddf8230031-FRA, cache-hel1410029-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 306652\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1455961,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (64083)","md5":"aa213ea6a5c23384afc506993a4a769d","sha1":"0a53e8300ee7f9785158be2378e96a63a750e6af","sha256":"c6ac604a8e4068f4712de65915f11c269191d40d5edc17263dd6d2eb0d5d7913","sha512":"2b33ebe2664052f668a7cdc6b78bf2dfc7592ae542351cf3d582739345aaa346b00eb494c5604de5d1c9766f926cd94ad238af54b1efb3b93c1476650d0c245c","ssdeep":"6144:fky3E6vdg3nvC2xj7z03o6yDJD8hv5UrHnP5XJE1iOBDhHkXAZ3CNvmskkE3I5kB:qTl6yDJDY2BYfdDZ3amsRMIWeLkj","tlshash":"3f251ac47691b0a183a361e5406f500fe33abd692c4c4168f754fcf62cb9a99562bf3e","first_seen":"2025-08-02T03:11:59.489425Z","last_seen":"2026-04-05T11:05:10.85652Z","times_seen":77,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":45,"dns":1,"connect":13,"send":0,"wait":15,"receive":54,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.3.slim.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United 
States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:25.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.6.3.slim.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-11c72\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 04 Apr 2026 18:17:25 GMT\r\nage: 1154338\r\nx-served-by: cache-lga21925-LGA, cache-hel1410034-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 1219, 913\r\nx-timer: S1775326646.616730,VS0,VE0\r\nvary: 
Accept-Encoding\r\ncontent-length: 24764\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72818,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65241)","md5":"541e80b5bc224cfe384a99836e5062ec","sha1":"7da81d6d0701e3a6ff598a8e1af6f554976a70ca","sha256":"670a99215743de25cdc861db49876c9963fffd4068923d851c0c4ab9204a0d2a","sha512":"8f1c1309b2c99973e7576efb0af02301c5808d4473a5ea619347f49ceda5c2cbdca0332a05dcb5ae1d631305964da6d7d7e1ab7668fd185020b4ddb6ceb57429","ssdeep":"1536:fDFXTPlYFbED7yZxg6V4wMSzy7JyeuoJlQ5uCe/ZiE99WjNBsgGC3W/cL3JaQ47x:iDt1oJlQ5cwbGaJaQ47GKN","tlshash":"4a6308dd72c6b07257a770b9007f600bf136199a6c4e4410f129e8e9bc78a4a827bf7d","first_seen":"2023-03-12T21:51:55Z","last_seen":"2026-04-07T16:24:18.197181Z","times_seen":865,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/assets/_next/static/media/f_c9a03fb2.svg","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"htt
ps://v.gettrustpayment.live/","date":"2026-04-04T18:17:25.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrustpayment.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 17:10:15 GMT","end":"Fri, 03 Jul 2026 17:10:14 GMT"},"fingerprint":{"sha1":"F1:81:6D:67:DA:FF:82:EB:FB:76:1D:63:10:4D:05:EA:86:9C:91:B5","sha256":"4A:8E:11:C1:FA:27:2F:28:57:F3:CC:9C:A2:A0:66:B4:2B:C3:8C:93:23:EB:89:88:EF:2D:AD:36:1C:4B:0B:DD"}}},"request":{"raw":"GET /assets/_next/static/media/f_c9a03fb2.svg HTTP/1.1\r\nHost: v.gettrustpayment.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sat, 04 Apr 2026 18:17:25 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 854\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Sat, 04 Apr 2026 17:33:45 GMT\r\nETag: W/\"356-19d598ed148\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web 
servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":854,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics 
image","md5":"1a2ea22e9e3715f46aa10c5d5d515802","sha1":"8a1c176baabdea1858dbbfa49ebdd2bd08e84fa7","sha256":"c3729a732e44aec8b096f4b888d211efe395566452e3eccc7c6743467158b148","sha512":"150f8e44dbc8627b7a6b06b4098facabd4465b6bbd4279a7fe8a15cce065607bc65e3787d6497a530b9defe1c8c79d105dfc87549b47d7ed230d91c07f997038","ssdeep":"","tlshash":"4a0108268798e62bed5ed20ed058e420312650e76bc8c245f2be9f4f5f145864c477d9","first_seen":"2024-01-20T14:08:29Z","last_seen":"2026-04-07T13:57:40.525266Z","times_seen":153,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:25.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: 
application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://v.gettrustpayment.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 75242\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 
1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-07T21:37:11.996152Z","times_seen":68178,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":70,"dns":1,"connect":9,"send":0,"wait":8,"receive":4,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/sweetalert2@11","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/sweetalert2@11 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 
Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 11.26.24\r\nx-jsd-version-type: version\r\netag: W/\"13877-yvQx6m3IVnvgENB/T31XmBY4Id4\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 04 Apr 2026 18:17:24 GMT\r\nage: 22885\r\nx-served-by: cache-fra-eddf8230135-FRA, cache-hel1410029-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 21418\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79991,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines 
(49001)","md5":"e8f033d3c7a50e4abe3d98ac65234d13","sha1":"caf431ea6dc8567be010d07f4f7d5798163821de","sha256":"7506c8f4d85e4707ab46f9858f0c6e65e3316b9d2f122dcf485b9dbf39d5a7ac","sha512":"ecad9d89ce602e5121c97135933a33122f0d9b32c15b43949d5fbe51fe576da069e9a416772117eb4666d8354b685046c0d7a3e086f669fffa488e2f05ff0ba3","ssdeep":"1536:iw46xylPIZSKcO355lcVU/SZ2DUdzI8bRj:PxYIvTlcVU/62mI8d","tlshash":"e173f8916a00f03776bb45ae65d1e7047ae99405fcb34894f42cc8804fe7d4f26b7aba","first_seen":"2026-03-20T09:57:21.567576Z","last_seen":"2026-04-07T21:23:48.944588Z","times_seen":648,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":58,"dns":1,"connect":26,"send":0,"wait":33,"receive":13,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.3.slim.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.6.3.slim.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 
Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-11c72\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 04 Apr 2026 18:17:24 GMT\r\nage: 1154337\r\nx-served-by: cache-lga21925-LGA, cache-hel1410034-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 1219, 912\r\nx-timer: S1775326645.969444,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 24764\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72818,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines 
(65241)","md5":"541e80b5bc224cfe384a99836e5062ec","sha1":"7da81d6d0701e3a6ff598a8e1af6f554976a70ca","sha256":"670a99215743de25cdc861db49876c9963fffd4068923d851c0c4ab9204a0d2a","sha512":"8f1c1309b2c99973e7576efb0af02301c5808d4473a5ea619347f49ceda5c2cbdca0332a05dcb5ae1d631305964da6d7d7e1ab7668fd185020b4ddb6ceb57429","ssdeep":"1536:fDFXTPlYFbED7yZxg6V4wMSzy7JyeuoJlQ5uCe/ZiE99WjNBsgGC3W/cL3JaQ47x:iDt1oJlQ5cwbGaJaQ47GKN","tlshash":"4a6308dd72c6b07257a770b9007f600bf136199a6c4e4410f129e8e9bc78a4a827bf7d","first_seen":"2023-03-12T21:51:55Z","last_seen":"2026-04-07T16:24:18.197181Z","times_seen":865,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":126,"dns":20,"connect":28,"send":0,"wait":27,"receive":7,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/scripts/ethereumjs-tx-1.3.3.min.js","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrustpayment.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 17:10:15 GMT","end":"Fri, 03 Jul 2026 17:10:14 GMT"},"fingerprint":{"sha1":"F1:81:6D:67:DA:FF:82:EB:FB:76:1D:63:10:4D:05:EA:86:9C:91:B5","sha256":"4A:8E:11:C1:FA:27:2F:28:57:F3:CC:9C:A2:A0:66:B4:2B:C3:8C:93:23:EB:89:88:EF:2D:AD:36:1C:4B:0B:DD"}}},"request":{"raw":"GET /scripts/ethereumjs-tx-1.3.3.min.js HTTP/1.1\r\nHost: v.gettrustpayment.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) 
Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sat, 04 Apr 2026 18:17:24 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 323051\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Sat, 04 Apr 2026 17:33:26 GMT\r\nETag: W/\"4edeb-19d598e88f0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":323051,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (43040)","md5":"ca1104de538caea2d54265fbe90916b4","sha1":"d6c416e5d153f500f7ac66d25a2b73db45867ad4","sha256":"10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0","sha512":"51fe1c1b91913f9108019b1d18ca38593175cbc827ee159e2942d62b2a9825317642833f17c2526ce292d9623e394cce1a750d9c6246c7eb201a57b15c8d8bc4","ssdeep":"3072:3dpgpHu8o3GVhW8Jg5bGpLsev6ns9oq1CfdfDWp1WrB33NjbLytdJ7bt3r:3fGVL2CNvms/CfdS1Dr","tlshash":"a6640989fba07052435671a5062f644fb67af92d5949006cf254e8fb3cf89c8a63bf34","first_seen":"2023-03-07T01:24:06Z","last_seen":"2026-04-05T11:05:10.857489Z","times_seen":2021,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":15,"dns":0,"connect":0,"send":0,"wait":33,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/assets/f_b822a4ef.png","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrustpayment.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 17:10:15 GMT","end":"Fri, 03 Jul 2026 17:10:14 
GMT"},"fingerprint":{"sha1":"F1:81:6D:67:DA:FF:82:EB:FB:76:1D:63:10:4D:05:EA:86:9C:91:B5","sha256":"4A:8E:11:C1:FA:27:2F:28:57:F3:CC:9C:A2:A0:66:B4:2B:C3:8C:93:23:EB:89:88:EF:2D:AD:36:1C:4B:0B:DD"}}},"request":{"raw":"GET /assets/f_b822a4ef.png HTTP/1.1\r\nHost: v.gettrustpayment.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sat, 04 Apr 2026 18:17:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 732569\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Sat, 04 Apr 2026 17:32:00 GMT\r\nETag: W/\"b2d99-19d598d3824\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":732569,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 863 x 936, 8-bit/color RGBA, non-interlaced","md5":"d32ac363c2998c3864c7d15de918fb17","sha1":"b359c147adaa834c82f35b7c287a769cd1d04a3d","sha256":"3a1184331b78f03f38a81b9394448b3930753b1128a0a91b1a2c0d6a5ecd06d6","sha512":"e2c69370c79fec6da9bcc21f2fff811183922b3b8365d6bfc52c67b2997c76efa69387a1d6d70cff99cc1e831ab75a59bd3ef3e56e4b4762cc3bf73a2bb32218","ssdeep":"12288:KBiaQlWq4N1NCTGZ36X/vUiYDfUBwybnCAXafDKlclxckrP6g8rFOILplJjy4FHk:65q4N1N5Z36X3AsBhCA26fkH85DJhFHk","tlshash":"d2f42384b44341472208e262ce2766d8dedba37fdd79879d87906a6e0c78fe715287cc","first_seen":"2026-03-07T01:02:17.386867Z","last_seen":"2026-04-05T11:05:10.855189Z","times_seen":36,"resource_available":false,"data":null}},"time_used":514,"timings":{"blocked":400,"dns":0,"connect":0,"send":0,"wait":34,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/assets/f_5ab5d2f1.png","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.
190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrustpayment.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 17:10:15 GMT","end":"Fri, 03 Jul 2026 17:10:14 GMT"},"fingerprint":{"sha1":"F1:81:6D:67:DA:FF:82:EB:FB:76:1D:63:10:4D:05:EA:86:9C:91:B5","sha256":"4A:8E:11:C1:FA:27:2F:28:57:F3:CC:9C:A2:A0:66:B4:2B:C3:8C:93:23:EB:89:88:EF:2D:AD:36:1C:4B:0B:DD"}}},"request":{"raw":"GET /assets/f_5ab5d2f1.png HTTP/1.1\r\nHost: v.gettrustpayment.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sat, 04 Apr 2026 18:17:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 544902\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Sat, 04 Apr 2026 17:32:00 GMT\r\nETag: W/\"85086-19d598d36c1\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web 
browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":544902,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 815 x 763, 8-bit/color RGBA, 
non-interlaced","md5":"e9538487a7fcf7030c27dad22c558103","sha1":"031541c9f7e022e397e098ede71384a961e80402","sha256":"271e9d12653ced631a06f14e4112f44976d7b25b0331e6d767c4f0b6e3d52446","sha512":"4298084eb89d6daca44f991a20983d1fa7cf5a2be6f866b6115ca9aa526a9a97a224f278ee3ea399cf9fd5953f9db9e516015f4786a96ece0225539bdf1c883e","ssdeep":"12288:W9jwg8AN76gwOcLg/BH2D0eIhavUT9+7xVq/sPJnlRGiwRa2kUayj:W90gdQpg/h2pIrqU/eR4RU3m","tlshash":"e5c4235efb6dd75cc0a3d14848b8ef35afc1aa4c60b521d099381aba5627d434e338bc","first_seen":"2026-03-07T01:02:17.364795Z","last_seen":"2026-04-05T11:05:10.866192Z","times_seen":36,"resource_available":false,"data":null}},"time_used":620,"timings":{"blocked":398,"dns":0,"connect":0,"send":0,"wait":75,"receive":147,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-04T18:17:24.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrustpayment.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 17:10:15 GMT","end":"Fri, 03 Jul 2026 17:10:14 GMT"},"fingerprint":{"sha1":"F1:81:6D:67:DA:FF:82:EB:FB:76:1D:63:10:4D:05:EA:86:9C:91:B5","sha256":"4A:8E:11:C1:FA:27:2F:28:57:F3:CC:9C:A2:A0:66:B4:2B:C3:8C:93:23:EB:89:88:EF:2D:AD:36:1C:4B:0B:DD"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: v.gettrustpayment.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: 
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sat, 04 Apr 2026 18:17:24 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 120605\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Sat, 04 Apr 2026 17:31:53 GMT\r\nETag: W/\"1d71d-19d598d1bd3\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it in your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery:3.6.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. 
It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Axios:1.2.2","description":"Promise based HTTP client for the browser and node.js","website":"https://github.com/axios/axios","common_platform_enumeration":"","icon":"Axios.svg","categories":["JavaScript libraries"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"SweetAlert2:11","description":"SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.","website":"https://sweetalert2.github.io/","common_platform_enumeration":"","icon":"SweetAlert2.svg","categories":["JavaScript libraries"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":120605,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 
text","md5":"2e355dcccce17938cbaac85c5c334b19","sha1":"b418c70591432eb8e608ea429e0c5a5cccd174c5","sha256":"a7bf78bb421baa3bf1b723a96f7712b1ca455dd6176a79da81d251f4ecb2295f","sha512":"580a7157687869d8b3d841476e3aafd58dea0ca7565c7a6839eed636336d7313574a07f5a7200de520297fce91514c85f22d428e302876653ae153fd7c20626d","ssdeep":"1536:J7+MqcN+IWI7YCYWQMqcN+IWI7YCYWP52M:JL+m+al","tlshash":"3fc3fd456e978053ba67812e2be6f30432f5e003dcb6ed58bd9cd1808fc7d5c29a93a4","first_seen":"2026-04-02T03:19:54.803161Z","last_seen":"2026-04-05T11:05:10.860354Z","times_seen":35,"resource_available":true,"data":null}},"time_used":353,"timings":{"blocked":113,"dns":40,"connect":31,"send":0,"wait":62,"receive":65,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/scripts/main.js","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrustpayment.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 17:10:15 GMT","end":"Fri, 03 Jul 2026 17:10:14 GMT"},"fingerprint":{"sha1":"F1:81:6D:67:DA:FF:82:EB:FB:76:1D:63:10:4D:05:EA:86:9C:91:B5","sha256":"4A:8E:11:C1:FA:27:2F:28:57:F3:CC:9C:A2:A0:66:B4:2B:C3:8C:93:23:EB:89:88:EF:2D:AD:36:1C:4B:0B:DD"}}},"request":{"raw":"GET /scripts/main.js HTTP/1.1\r\nHost: v.gettrustpayment.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: 
en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sat, 04 Apr 2026 18:17:24 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 58994\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Sat, 04 Apr 2026 17:33:28 GMT\r\nETag: W/\"e672-19d598e8f16\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58994,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6612)","md5":"be74d30d53f8d4b554b04d368560d5c5","sha1":"635bd00872b531516f858786948a84020c969ba9","sha256":"366796a91dea65f808b6b920109d5974a253f9d2f74e72f735bfcfbaf06c5c5d","sha512":"3abdcb2c176cfaa21a2e68110e690bc795220e74d13567bac9ea62245fdc1149b0274206aa76991a229da39f20569ad8ea780acf6ae831403bfc2b12dbc392a6","ssdeep":"768:NV4Bs/PZKrzyqG4M6KbU3og5fDoR11JmsEmzu9:NVYsk/yJU3doR118sEmS9","tlshash":"414309f014f72025411b385ace5f74093425716baa8cd9a87aec97e1afcb429c5e3bcd","first_seen":"2026-04-04T18:14:10.982439Z","last_seen":"2026-04-04T18:18:47.579048Z","times_seen":11,"resource_available":true,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":1,"connect":37,"send":0,"wait":47,"receive":50,"ssl":72},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-04","alert":"Detects file containing Telegram Bot API","trigger":"v.gettrustpayment.live/scripts/main.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript 
code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /css2?family=Roboto:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; 
rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 04 Apr 2026 18:17:24 GMT\r\ndate: Sat, 04 Apr 2026 18:17:24 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"4c8ef72eb043b6205edde8d9e910787e","sha1":"fa8b1cd29ea6e9bd2113a33d10ab096306430f37","sha256":"0031e12119f0b0e9820611dc4e888b0decf9c9924e4b2bea291397e70105305a","sha512":"80bf1edac61df533f32176b490302e90a6213b72b5ea335092fa25128a4229cc7967e5c4cdc6cec06c923335260d0ecb779fad1b36a26ff616b4eb4465e34e7f","ssdeep":"384:89fM919W969yh9/qY4X9N9t9i9fD9O9d9B9ya9/qY4Q9G9m949fd9k9D939yQ9/O:8yjooYhREHPM5svvYaR7AIWP2ZZYQRVs","tlshash":"8c721fa1041744009b838ce223cebf35fe1f52117142d0b5abfd9b6baddbca6526936d","first_seen":"2026-02-19T23:44:13.889102Z","last_seen":"2026-04-07T21:12:37.148398Z","times_seen":1499,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":127,"dns":8,"connect":8,"send":0,"wait":22,"receive":0,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/assets/f_bf6ce74a.png","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","p
ort":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrustpayment.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 17:10:15 GMT","end":"Fri, 03 Jul 2026 17:10:14 GMT"},"fingerprint":{"sha1":"F1:81:6D:67:DA:FF:82:EB:FB:76:1D:63:10:4D:05:EA:86:9C:91:B5","sha256":"4A:8E:11:C1:FA:27:2F:28:57:F3:CC:9C:A2:A0:66:B4:2B:C3:8C:93:23:EB:89:88:EF:2D:AD:36:1C:4B:0B:DD"}}},"request":{"raw":"GET /assets/f_bf6ce74a.png HTTP/1.1\r\nHost: v.gettrustpayment.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sat, 04 Apr 2026 18:17:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 28146\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Sat, 04 Apr 2026 17:32:00 GMT\r\nETag: W/\"6df2-19d598d3a45\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28146,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 753 x 673, 8-bit/color RGBA, 
non-interlaced","md5":"3515fad471d01d38e7484bca9494cbcc","sha1":"d0d99b3c06f0fff18c566bfb9289db0034565faf","sha256":"885f7417b13e3d57c613434fa950d1f6283024a87f5de7d77b437a2a069c5667","sha512":"f6b8cebc20034b00bcdc2b4add9ca5015c4e6b3540b9af42260799df66215716a8a65fdd5af6513f72d39d254a58bc9d558d652ca4b6fe35a1051dbabc67e41d","ssdeep":"768:e9P2FpwRPBIIsjp3eAn22FyzVVRMhoT79:ewFpQ6593eAVcVF1","tlshash":"bbc2e141655668a19d4ec9133e1b29d97778923be30c3fb02d095e2a33d61f2242f63a","first_seen":"2026-02-15T08:27:17.955241Z","last_seen":"2026-04-05T11:05:10.851119Z","times_seen":41,"resource_available":false,"data":null}},"time_used":437,"timings":{"blocked":400,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/ua-parser-js@1.0.33/src/ua-parser.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/ua-parser-js@1.0.33/src/ua-parser.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) 
Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 1.0.33\r\nx-jsd-version-type: version\r\netag: W/\"3e30-qjoIfmvuPeqdxy3xl0QYFkn0ABQ\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 04 Apr 2026 18:17:24 GMT\r\nage: 1951981\r\nx-served-by: cache-fra-eddf8230120-FRA, cache-hel1410029-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 7390\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15920,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines 
(15585)","md5":"0f5dee1db90006370bfad15f1c6433f1","sha1":"aa3a087e6bee3dea9dc72df19744181649f40014","sha256":"0708d17e2795584e55ffe69838b2163d73ccf2f05cc177653b3884d6a7cff51e","sha512":"2187507129a58026e0443cdc57570b689626525c9cfdc123a5ef05ad2c39882aba2ecdb9c2e4b1d45165b02db0d6ec2f61786df208a46904487c987458ccf79e","ssdeep":"384:veSussfhlSg15+2rRSLkdAhYStQfdjpTJuU3ZGUshwzVXQd6VkedjyABx:G0Lk5/RSgd4YStQRpTJuU3ZGUshwzVSG","tlshash":"4862743fd295ff3c57dce908e77946442f0b6d2aca8860f499d092627cb86da0046777","first_seen":"2025-06-24T09:26:28.558042Z","last_seen":"2026-04-05T11:05:10.851923Z","times_seen":37,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":75,"dns":3,"connect":28,"send":0,"wait":38,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: 
fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 04 Apr 2026 18:17:25 GMT\r\ndate: Sat, 04 Apr 2026 18:17:25 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7581,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII 
text","md5":"75d871927f5e58b96f7bf7b5de083ae0","sha1":"ba1c473216e2bfb9613075ac3729a7b976118e04","sha256":"0014d56cd9cf8b2d3da043344ee9c6e4c4ad96ad62cb3d167b838ea5dfbd2ffb","sha512":"748385a376279efccc77e2d9e1126f22d4f9c4329772c63c0f9cf383ec71a00caa6d0caf93536b8a0c836f390cb5e2ebb0b53f9aae74fbf92fbec704298d6445","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8ONEhYO3RrxGx:vXuM1+4","tlshash":"cbf17792002ba400ab971dc223cf7e3aaece10896085d1b95ffd0dc59ceed66436876d","first_seen":"2025-09-10T19:11:46.108203Z","last_seen":"2026-04-07T20:57:48.746169Z","times_seen":2207,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":168,"dns":7,"connect":27,"send":0,"wait":19,"receive":0,"ssl":143},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/style.css","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrustpayment.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 17:10:15 GMT","end":"Fri, 03 Jul 2026 17:10:14 GMT"},"fingerprint":{"sha1":"F1:81:6D:67:DA:FF:82:EB:FB:76:1D:63:10:4D:05:EA:86:9C:91:B5","sha256":"4A:8E:11:C1:FA:27:2F:28:57:F3:CC:9C:A2:A0:66:B4:2B:C3:8C:93:23:EB:89:88:EF:2D:AD:36:1C:4B:0B:DD"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: v.gettrustpayment.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: 
en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sat, 04 Apr 2026 18:17:24 GMT\r\nContent-Type: text/css; charset=UTF-8\r\nContent-Length: 33413\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Sat, 04 Apr 2026 17:31:54 GMT\r\nETag: W/\"8285-19d598d2209\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":33413,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text, with CRLF line 
terminators","md5":"241a48ec1cf17342d7aee5455ac581f5","sha1":"da481e824810864ebcc35e7a38e70343a7dabd52","sha256":"60e50e27031ce58b530f5679d93dbc8f7f1a65caf686cea83fb9d5366fd22465","sha512":"82fd2cb646a4f66b1d7e36da9560059c1482d220c059ab4ca74137517a5091f8902a394c4415f0a668a1d792363dcf33ecce362688c1cf70f3f8e0ec556786dd","ssdeep":"384:JJWQnA9uTIC18qr0HcvtlJxciT/rXa7+tn:JJWQOun8bI9/O7En","tlshash":"2fe23e24d9022046b3339bb96fb30609eb5990638b42d1a9bfdc32588ff517c5662fdd","first_seen":"2026-03-07T01:02:17.386018Z","last_seen":"2026-04-05T11:05:10.85589Z","times_seen":36,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/ethers@5.7.2/dist/ethers.umd.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/ethers@5.7.2/dist/ethers.umd.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 
Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 5.7.2\r\nx-jsd-version-type: version\r\netag: W/\"b996b-tlFUVYf2JXNF3D3p3apESxDe3z4\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 04 Apr 2026 18:17:24 GMT\r\nage: 816020\r\nx-served-by: cache-fra-etou8220026-FRA, cache-hel1410029-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 168432\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":760171,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line 
terminators","md5":"71f8c498e792c6179d4e2840228f777a","sha1":"b651545587f6257345dc3de9ddaa444b10dedf3e","sha256":"a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73","sha512":"14371563e83bbdce425c035bad34a0d4ae6a2f2ae20ac183602134d8b8b5b5711874d40fbcb3c7344fab4f63237a2f0dedf65b7b458b870dbb8f64ab191a5d32","ssdeep":"12288:TfamYTKkkAJs8P+H8Xb2F/nNuwEYtnob6qQr:TfjkhPaNnN9EYtwo","tlshash":"35f43b80b3b1b0b583c729a4143f6046f63af46a505840a8f659faf279f9d4c957bb3c","first_seen":"2023-03-13T00:48:53Z","last_seen":"2026-04-07T16:50:46.485219Z","times_seen":3114,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":74,"dns":1,"connect":29,"send":0,"wait":44,"receive":10,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/scripts/ABI.js","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrustpayment.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 17:10:15 GMT","end":"Fri, 03 Jul 2026 17:10:14 GMT"},"fingerprint":{"sha1":"F1:81:6D:67:DA:FF:82:EB:FB:76:1D:63:10:4D:05:EA:86:9C:91:B5","sha256":"4A:8E:11:C1:FA:27:2F:28:57:F3:CC:9C:A2:A0:66:B4:2B:C3:8C:93:23:EB:89:88:EF:2D:AD:36:1C:4B:0B:DD"}}},"request":{"raw":"GET /scripts/ABI.js HTTP/1.1\r\nHost: v.gettrustpayment.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: 
en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sat, 04 Apr 2026 18:17:24 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 13514\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Sat, 04 Apr 2026 17:33:25 GMT\r\nETag: W/\"34ca-19d598e8665\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP 
cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13514,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (4230), with CRLF line terminators","md5":"e02bfe09ad56c856c4138a07bfc66853","sha1":"4581b906d58789491e062ee1da0dedb9d78531f1","sha256":"2950fef1ddb4a5e176416faf280da11a36081e4271ca4ff976345c659b4de8e7","sha512":"bbdcfcabb87a7d0efb26313ac228390dc1ca1ee9bae3803a4ef5de8913c9542c6ba26b279664a4783a7fa90324e89ce1bacf302e43b1b30a81c71bc8d1937a66","ssdeep":"96:nAWQ9AJVRXLPuejeN+WSUTyMPNJAB8AAAXQThRovQTiFRbpqg8hLU17hLBGTl1Xk:AWZdXAh95ov","tlshash":"1e520797321fad6f48882ba941f28788b5a9d1e7d1cdcc82284c8e32c7dd955c46e35f","first_seen":"2023-03-09T08:50:45Z","last_seen":"2026-04-05T11:05:10.85806Z","times_seen":44,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":1,"connect":34,"send":0,"wait":46,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rpc.ankr.com/eth/2f26e1d5d1d33832856cb3db7386378211364276b00985f802045f6857bc80a9","fqdn":"rpc.ankr.com","domain":"ankr.com","tld":"com"},"ip":{"addr":"173.244.207.30","port":443,"asn":13213,"as":"UK-2 Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:25.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shark.multi-rpc.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 11:28:53 GMT","end":"Sun, 21 Jun 2026 11:28:52 
GMT"},"fingerprint":{"sha1":"AE:1D:6B:AA:47:F3:E6:57:DE:8E:AE:96:E2:57:FD:59:C7:98:35:45","sha256":"E7:E9:5B:8C:16:7D:7C:6C:3F:CA:EE:53:6B:E2:1C:37:99:35:61:A9:23:2A:B7:B5:21:15:EE:7D:F2:99:FF:57"}}},"request":{"raw":"OPTIONS /eth/2f26e1d5d1d33832856cb3db7386378211364276b00985f802045f6857bc80a9 HTTP/1.1\r\nHost: rpc.ankr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://v.gettrustpayment.live/\r\nOrigin: https://v.gettrustpayment.live\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 04 Apr 2026 18:17:25 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS\r\naccess-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,solana-client,client-sdk-version,client-sdk-type,client-target-api-version,x-ton-client-version,x-client-name,x-client-version\r\naccess-control-max-age: 1728000\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using 
HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T21:38:16.288773Z","times_seen":13476362,"resource_available":true,"data":null}},"time_used":358,"timings":{"blocked":166,"dns":2,"connect":27,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rpc.ankr.com/eth/2f26e1d5d1d33832856cb3db7386378211364276b00985f802045f6857bc80a9","fqdn":"rpc.ankr.com","domain":"ankr.com","tld":"com"},"ip":{"addr":"173.244.207.30","port":443,"asn":13213,"as":"UK-2 Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:25.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shark.multi-rpc.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 11:28:53 GMT","end":"Sun, 21 Jun 2026 11:28:52 GMT"},"fingerprint":{"sha1":"AE:1D:6B:AA:47:F3:E6:57:DE:8E:AE:96:E2:57:FD:59:C7:98:35:45","sha256":"E7:E9:5B:8C:16:7D:7C:6C:3F:CA:EE:53:6B:E2:1C:37:99:35:61:A9:23:2A:B7:B5:21:15:EE:7D:F2:99:FF:57"}}},"request":{"raw":"POST /eth/2f26e1d5d1d33832856cb3db7386378211364276b00985f802045f6857bc80a9 HTTP/1.1\r\nHost: 
rpc.ankr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://v.gettrustpayment.live/\r\ncontent-type: application/json\r\nContent-Length: 60\r\nOrigin: https://v.gettrustpayment.live\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":60,"data":"{\"method\":\"eth_chainId\",\"params\":[],\"id\":42,\"jsonrpc\":\"2.0\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 18:17:25 GMT\r\ncontent-type: application/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-shark-trace-id: 6a30f666e934909b3a3b124589529880\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccess-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS\r\naccess-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,solana-client,client-sdk-version,client-sdk-type,client-target-api-version,x-ton-client-version,x-client-name,x-client-version\r\naccess-control-max-age: 1728000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40,"size_decoded":0,"mime_type":"application/json","magic":"JSON text 
data","md5":"3b13b016aca98e0d56efc6323686ce77","sha1":"d409afcbe00106e895feb9ffdc85d2b03da701eb","sha256":"03ccbdc6fc2746d106b6b3f8bb353474f144f135d4600cbe844ca44e1c78768d","sha512":"f16bb64f72473097f071b36023337043c7b3a497dc57422bdbde5eb554896d73e3c8e4da4664e3f9cf54c5e5daf80e35ea96e5947ae4ea1693dc813555b4bb14","ssdeep":"","tlshash":"b49004c01d050731450c0c41d40d015171c1375405040d044c0d414150441477304315","first_seen":"2024-08-29T17:47:19.362481Z","last_seen":"2026-04-05T11:05:10.849491Z","times_seen":60,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:25.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: 
application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://v.gettrustpayment.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 75242\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 
1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-07T21:37:11.996152Z","times_seen":68178,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":60,"dns":2,"connect":7,"send":0,"wait":11,"receive":10,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/axios@1.2.2/dist/axios.min.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 08:16:48 GMT","end":"Tue, 19 May 2026 09:15:09 GMT"},"fingerprint":{"sha1":"F3:CF:0B:A3:28:07:E9:5A:D0:8B:F4:9E:A8:A1:9B:71:A6:59:38:23","sha256":"DD:EE:6D:62:AC:D0:59:11:F9:1C:53:44:27:F0:8B:A5:2C:A2:C6:C4:BF:B8:79:AF:A5:5F:B3:E1:29:E8:45:8E"}}},"request":{"raw":"GET /axios@1.2.2/dist/axios.min.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: 
*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 18:17:24 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncf-ray: 9e724f4a2c0256b1-OSL\r\ncf-cache-status: HIT\r\nfly-request-id: 01KN03DXDW4NDY0SB87RDT8TDP-fra\r\naccess-control-allow-origin: *\r\nage: 229\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 04 Apr 2027 18:17:24 GMT\r\nlast-modified: Mon, 30 Mar 2026 19:27:17 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: accept-encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-digest: sha256=:eIET7hisvt1N1cTLix0TTFDQX7fmx0SXQfX5AvDdp0E=:\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet 
security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31153,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (31114)","md5":"c68d87ae776cca50ba5f38e07b73717d","sha1":"547505afc711bba4c5d4fc2fdf1c3236b9456c07","sha256":"788113ee18acbedd4dd5c4cb8b1d134c50d05fb7e6c7449741f5f902f0dda741","sha512":"4139dbf414241b87c1608b7d246bd89b13e977a4c178aa7a96c52bb62550b2b27db1bdf7067f6cd303103bda950456cf5f7c47440b011ef5e572cae72631318e","ssdeep":"768:KCDYsInWThrul/MzFzBSQcFAm+KuzilN+afgb8Hph:3IGF1SDJ+Te+QHj","tlshash":"4fe209c8bad1b072936771b5406f150bf23ab966a48d8490f120ece67cb850e9767f7c","first_seen":"2023-03-12T10:34:08Z","last_seen":"2026-04-05T11:05:10.862219Z","times_seen":110,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":3,"dns":1,"connect":1,"send":0,"wait":22,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/scripts/seaport.js","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrustpayment.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 17:10:15 GMT","end":"Fri, 03 Jul 2026 17:10:14 
GMT"},"fingerprint":{"sha1":"F1:81:6D:67:DA:FF:82:EB:FB:76:1D:63:10:4D:05:EA:86:9C:91:B5","sha256":"4A:8E:11:C1:FA:27:2F:28:57:F3:CC:9C:A2:A0:66:B4:2B:C3:8C:93:23:EB:89:88:EF:2D:AD:36:1C:4B:0B:DD"}}},"request":{"raw":"GET /scripts/seaport.js HTTP/1.1\r\nHost: v.gettrustpayment.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sat, 04 Apr 2026 18:17:24 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 2054903\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Sat, 04 Apr 2026 17:33:31 GMT\r\nETag: W/\"1f5af7-19d598e9c7e\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2054903,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines 
(864)","md5":"3a1fc9ac373d724f6b4a1883ab14226a","sha1":"f48a79c05df973a46a0f576eabc2d57b0ed0c8e0","sha256":"497ea7b61f0f22813d61d10d4a3fcd6b945604e1afdb1555cc8b58020bdbd85e","sha512":"fd1d2fe64511a5020258c22ad40413b0e88ab72c9cf21a471be763349b913dce75b099d7bb19decbbf49808962b8fe0c5a64783dec02fc5f083b0b2788f14f67","ssdeep":"6144:sx8sq74VN29yVZMKi/opYsLdKt3DCeKbPUD1kxksoOkQT:s7oofB","tlshash":"1925a44abaf760614617317c4b6f9005b634d4575588dc64be8cc3a0af9983c8bfabec","first_seen":"2026-03-07T01:02:17.379104Z","last_seen":"2026-04-05T11:05:10.850299Z","times_seen":36,"resource_available":false,"data":null}},"time_used":417,"timings":{"blocked":-1,"dns":1,"connect":34,"send":0,"wait":57,"receive":251,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"v.gettrustpayment.live/assets/f_41ffce8e.png","fqdn":"v.gettrustpayment.live","domain":"gettrustpayment.live","tld":"live"},"ip":{"addr":"185.246.190.216","port":443,"asn":0,"as":"","country":"Iceland","country_code":"IS"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://v.gettrustpayment.live/","date":"2026-04-04T18:17:24.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gettrustpayment.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 17:10:15 GMT","end":"Fri, 03 Jul 2026 17:10:14 GMT"},"fingerprint":{"sha1":"F1:81:6D:67:DA:FF:82:EB:FB:76:1D:63:10:4D:05:EA:86:9C:91:B5","sha256":"4A:8E:11:C1:FA:27:2F:28:57:F3:CC:9C:A2:A0:66:B4:2B:C3:8C:93:23:EB:89:88:EF:2D:AD:36:1C:4B:0B:DD"}}},"request":{"raw":"GET /assets/f_41ffce8e.png HTTP/1.1\r\nHost: v.gettrustpayment.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: 
image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://v.gettrustpayment.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sat, 04 Apr 2026 18:17:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 111066\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Sat, 04 Apr 2026 17:31:59 GMT\r\nETag: W/\"1b1da-19d598d32e2\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. 
It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":111066,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 486 x 429, 8-bit/color RGBA, non-interlaced","md5":"bf7815553b052f106719dd4864758187","sha1":"9c4a6191087e5a45dea41f44a25ef9301423f718","sha256":"84445f55d0d97cb3aadb37f72238604d0d9571769de4fc909ed9d7177c614b6d","sha512":"433fdd6322735e4628307649ee0e3ac305fd443592cc31b98ed71dbaa9da0de48c78c4c200b8b73d3e1df4984042e659dcf12f267dc64e305aa59e387d42a1d3","ssdeep":"3072:nTZ2BcW2ebC9V5ZZmtV9IS9g5vm5wS/E6IFPHXYROO76R:OcW2ebS2bmT5vmaC6FPy7e","tlshash":"6bb31250a55441ed5e5864c37c741831abfbdabe313461e9cbb1e9fa20763f20eace48","first_seen":"2026-02-28T00:33:53.806002Z","last_seen":"2026-04-05T11:05:10.858571Z","times_seen":40,"resource_available":false,"data":null}},"time_used":540,"timings":{"blocked":402,"dns":0,"connect":0,"send":0,"wait":74,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
