{"report_id":"7eb5a162-4582-4533-839c-9c9094a45759","version":6,"status":"done","tags":[],"date":"2026-01-19T21:48:59Z","url":{"schema":"https","addr":"trovemarkets.claims/","fqdn":"trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"ip":{"addr":"216.150.16.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.trovemarkets.claims/","fqdn":"www.trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"title":"ICO Refund Portal","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"trovemarkets.claims/","fqdn":"trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"ip":{"addr":"216.150.16.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-23T21:48:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-19","alert":"Sinkholed","trigger":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-19","alert":"Sinkholed","trigger":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.trovemarkets.claims","ip":{"addr":"216.150.16.129","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-19T21:47:33.07283Z","last_seen":"2026-01-19T21:47:33.07283Z","alert_count":0,"request_count":5,"received_data":2427768,"sent_data":2331,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"corsproxy.io","ip":{"addr":"104.26.7.163","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-01-30","domain_rank":175528,"first_seen":"2016-05-19T01:27:08Z","last_seen":"2026-01-18T22:04:39.131713Z","alert_count":0,"request_count":2,"received_data":2995,"sent_data":1019,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"domain_registered":"2025-10-12","domain_rank":0,"first_seen":"2025-10-22T11:51:07.746032Z","last_seen":"2026-01-19T17:11:33.285215Z","alert_count":6,"request_count":3,"received_data":659265,"sent_data":1516,"comment":"","tags":null,"fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}]},{"fqdn":"trovemarkets.claims","ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-19T21:47:33.057737Z","last_seen":"2026-01-19T21:47:33.057737Z","alert_count":0,"request_count":1,"received_data":2019252,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.trovemarkets.claims/","fqdn":"www.trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"ip":{"addr":"216.150.16.129","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d8035779e1fb5650440e6d90cff233ef","sha1":"484fabfe02998c773238eb2891b665460f1dbb06","sha256":"1df1c14af3c7b9682575d96f2a312f7790d2e46cdfe6b275b143a8a0f951cefe","sha512":"7d1f425f481df4eeb4eb083be71cc3eedaaa272e5a83237d41fe580b3a5d57a55aba9025521dd6e7381e32bf01d551c804d085956847fc58e40c0c190ee08190","ssdeep":"","tlshash":"da11034963ea206b05284b62d747e01b153104179286d4d43faf439c5fe6b23a16c9ef","size":1109,"data":"","first_seen":"2026-01-19T21:47:37.956Z","last_seen":"2026-01-19T21:53:03.971889Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com/@v1/cdn/js/csv-writer.min.js?t=29480988\u0026u=iaedHw1rRYYTHKb1GDY5NmIzMWE2MTVmODc1N2IyNTVkZDIyM4eLV2SaDo5O8Q5dlA","fqdn":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","domain":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","tld":"com"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","size":656642,"data":"","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-04-21T16:12:40.397384Z","times_seen":2485,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trovemarkets.claims/socket.min.min.js","fqdn":"www.trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"ip":{"addr":"216.150.16.129","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dbb4325948bae7b8e6cccf7df0ee29b7","sha1":"567b6772ac98dc0fe643d86db3ccf6d8afe82d87","sha256":"a92681dc058160c165d184a59d185304da3a74ffeade87790a567f9e94bac514","sha512":"91037704cc8d06c711505d99a3dcd1be47f444c37c30400b95eadaa2cc8b1f2650822f9b6177e8dd6a5506cd7875ebbf557891c542590b00ffff9b6fa1ade7ce","ssdeep":"3072:NakfsExIkfxNT3Z/45bOGJX/3ENs15TXDXRM0QjvlrwXkDy/F:NakfsExIkfTp/45OsfEN4PVZN","tlshash":"2e845fd6fdba33df5bf4f152cc21948ca8fd8e253b45c6faa345ac82a614911a4e7c10","size":378930,"data":"","first_seen":"2026-01-19T21:47:37.948183Z","last_seen":"2026-01-19T21:53:03.967494Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trovemarkets.claims/","fqdn":"www.trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"ip":{"addr":"216.150.16.129","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"c7d46c7da986a5e30762ee0a8779a791","sha1":"6667bb61e50c843ca43e2b2fefaa3b4f4235a9e1","sha256":"3fc87c941d4d3bb1c230d8eca73b119be5ded05c0015713503869b1220585479","sha512":"ea65086ccd21b65aec2bfdb7bb28eb3de3ed6f3db1870a9d52be4cce7a62dc1fb8ebb4793911f1dabe3048fbd1b0eeaa987a9b862a79651d9517f1005fd96018","ssdeep":"3072:rqkfsExIkfNRdgDgRaVzUCNzEekRBGblNz0zcBQBxHBypUh/wRs:rqkfsExIkfecRgLqekMqcx+wK","tlshash":"37846ed5fdbb33df5be8f256cc21948da8fd8e263705c6f9a345ac41aa14911a4ebc00","size":371840,"data":"","first_seen":"2026-01-19T21:47:37.953678Z","last_seen":"2026-01-19T21:53:03.972585Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trovemarkets.claims/metamask-connect.js","fqdn":"www.trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"ip":{"addr":"216.150.16.129","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8734c2af1928218e10bbc0b987962441","sha1":"08602b24e706b71e700e50aea9feb1fcd8a7bfbd","sha256":"da8c1e0c1db6167a6bacd4e95cca1bef946c678ae0d6a2bfb776a7fb1f3824c3","sha512":"3183ec65da7d4168ac3a5e9e0a69f7a7cc926a0a5b6cbcaa7537f9d1e8a91a83b5ce3a3d75ca8285071257c739e862add9b687f8246121d2ca97b24f13b5f7c0","ssdeep":"192:we0CVdWkIRoV+BBFMyNQSPC0vxypwSldcEdrayQeH03KQ7w60Y+us1a:WGw2I1Ei5sc","tlshash":"d332949c60f3343d0533257ae78fb171232141c31a45da05799c83a21fe5a2a9a6b7ff","size":10995,"data":"","first_seen":"2026-01-19T21:47:37.950609Z","last_seen":"2026-01-19T21:53:03.9681Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.trovemarkets.claims/rgBuc-X5.php?s=%2F%40v1%2Fcdn%2Fjs%2Fcsv-writer.min.js%3Ft%3D29480988%26u%3DiaedHw1rRYYTHKb1GDY5NmIzMWE2MTVmODc1N2IyNTVkZDIyM4eLV2SaDo5O8Q5dlA","fqdn":"www.trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"ip":{"addr":"216.150.16.129","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.trovemarkets.claims/","date":"2026-01-19T21:48:35.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trovemarkets.claims","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 18:12:58 GMT","end":"Sat, 18 Apr 2026 18:12:57 GMT"},"fingerprint":{"sha1":"C9:8A:0B:2A:E8:54:C4:97:7B:9B:8C:5F:D2:3A:27:44:3D:8B:4B:BA","sha256":"0D:1E:35:EE:71:F7:3F:51:DF:93:64:AF:8A:15:34:AC:64:55:6B:F2:6E:7F:86:6E:CC:48:21:EA:76:C8:21:A4"}}},"request":{"raw":"GET /rgBuc-X5.php?s=%2F%40v1%2Fcdn%2Fjs%2Fcsv-writer.min.js%3Ft%3D29480988%26u%3DiaedHw1rRYYTHKb1GDY5NmIzMWE2MTVmODc1N2IyNTVkZDIyM4eLV2SaDo5O8Q5dlA HTTP/1.1\r\nHost: www.trovemarkets.claims\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 641\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"rgBuc-X5.php\"\r\ncontent-encoding: br\r\ncontent-type: application/x-httpd-php\r\ndate: Mon, 19 Jan 2026 21:48:35 GMT\r\netag: \"36c3dec05dd26781cd6471722b5f4448\"\r\nlast-modified: Mon, 19 Jan 2026 21:37:54 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::ndm5w-1768859315939-53cccd0c295f\r\ncontent-length: 5611\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16334,"size_decoded":0,"mime_type":"application/x-httpd-php","magic":"PHP script, Unicode text, UTF-8 text","md5":"36c3dec05dd26781cd6471722b5f4448","sha1":"e6fb5526e67b1000bb8a8e12ec504ec843d99e3b","sha256":"dcbaad4aff60d93f07de604d820f2942348e9d6dd2a2248a1b011262e6a43459","sha512":"e64c48f0fe68b0737c9dd10c15130c50462ace0f5fe1a7cd7d969be028a43e7b98fb86fcf973a6249440491b804b089e7d8f49e9ff9a5d9d7b6e2abcaf2a6882","ssdeep":"384:Iph9Jm2q9Jm2cLijVGEZp577mVek7W4JR9Jm2b:IpZm2cm2cuFZph7mVekhm2b","tlshash":"89721850bdf35a806176e0ad6b5fe9086a19600f0629c505bf9c129b2fd097ce3fc6bd","first_seen":"2025-10-01T18:50:55.255555Z","last_seen":"2026-04-08T12:38:28.910606Z","times_seen":48,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"corsproxy.io/?https://api.mainnet-beta.solana.com","fqdn":"corsproxy.io","domain":"corsproxy.io","tld":"io"},"ip":{"addr":"104.26.7.163","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.trovemarkets.claims/","date":"2026-01-19T21:48:36.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"corsproxy.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 12:31:51 GMT","end":"Wed, 18 Mar 2026 13:31:47 GMT"},"fingerprint":{"sha1":"F1:18:C6:C5:DE:D3:95:FA:F6:75:63:47:58:50:9A:A8:A0:A4:AA:1B","sha256":"80:C5:28:D3:6E:6F:09:64:63:08:DD:D0:AE:1D:86:93:4A:26:7C:CD:00:81:67:0B:6B:3E:A6:79:6B:A4:D5:2E"}}},"request":{"raw":"OPTIONS /?https://api.mainnet-beta.solana.com HTTP/1.1\r\nHost: corsproxy.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nOrigin: https://www.trovemarkets.claims\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Mon, 19 Jan 2026 21:48:36 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: content-type\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH\r\naccess-control-max-age: 86400\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YAOcj8b2oszi%2BYNICPDr1xOKCCZCFCa3sRdsYkciigRaoUUiVcFe6qBMX0AemoNumGJwRlmq93b7EHPEDRmQVkcO9HiM22CdsQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver: cloudflare\r\ncf-ray: 9c098988ce00569c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T06:09:25.408238Z","times_seen":14048167,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":23,"dns":1,"connect":1,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"corsproxy.io/?https://api.mainnet-beta.solana.com","fqdn":"corsproxy.io","domain":"corsproxy.io","tld":"io"},"ip":{"addr":"104.26.7.163","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.trovemarkets.claims/","date":"2026-01-19T21:48:36.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"corsproxy.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 12:31:51 GMT","end":"Wed, 18 Mar 2026 13:31:47 GMT"},"fingerprint":{"sha1":"F1:18:C6:C5:DE:D3:95:FA:F6:75:63:47:58:50:9A:A8:A0:A4:AA:1B","sha256":"80:C5:28:D3:6E:6F:09:64:63:08:DD:D0:AE:1D:86:93:4A:26:7C:CD:00:81:67:0B:6B:3E:A6:79:6B:A4:D5:2E"}}},"request":{"raw":"POST /?https://api.mainnet-beta.solana.com HTTP/1.1\r\nHost: corsproxy.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 130\r\nOrigin: https://www.trovemarkets.claims\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":130,"data":"{\"jsonrpc\":\"2.0\",\"id\":1,\"method\":\"getAccountInfo\",\"params\":[\"8ycauMwVE61B4uWz87B2k2G8mMK7iFjRoBHooaVAcP4k\",{\"encoding\":\"base64\"}]}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 19 Jan 2026 21:48:36 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\nallow: OPTIONS, POST, GET\r\ncache-control: public, max-age=3600, s-maxage=3600\r\nlast-modified: Mon, 19 Jan 2026 21:14:28 GMT\r\nserver: cloudflare\r\naccess-control-allow-credentials: false\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH\r\naccess-control-max-age: 86400\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: same-origin\r\nx-cache-body-hash: cd0fcd93326a493dbfbef017045ba271\r\nx-cache-read: hit\r\nx-cache-saved: 2026-01-19T21:14:28.577Z\r\nx-cache-status: HIT\r\nx-content-type-options: nosniff\r\nx-proxy-service: CORS Proxy\r\nx-proxy-time: 9ms\r\nx-proxy-version: 2.4.2\r\nx-ratelimit-conn-limit: 40\r\nx-ratelimit-conn-remaining: 39\r\nx-ratelimit-connrate-limit: 40\r\nx-ratelimit-connrate-remaining: 39\r\nx-ratelimit-endpoint-limit: unlimited\r\nx-ratelimit-endpoint-remaining: -1373\r\nx-ratelimit-method-limit: 30\r\nx-ratelimit-method-remaining: 29\r\nx-ratelimit-pubsub-limit: 5\r\nx-ratelimit-pubsub-remaining: 5\r\nx-ratelimit-rps-limit: 100\r\nx-ratelimit-rps-remaining: 99\r\nx-ratelimit-tier: free\r\nx-request-id: fdce6ac5-7e37-45c1-9dba-428c97deb518\r\nx-rpc-node: fra119\r\nstrict-transport-security: max-age=2592000; includeSubDomains; preload\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DRTSyUDKnXgwuGRmIgiTsy9FpbI6IDYg6UVnltCeOqzsgZkA4cWGY13TiVSE1fbmJkBhCiUD86y%2FczsXfoNEdJNleXRZ7gb44g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\ncf-ray: 9c098988de18569c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":327,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7f9d1a0701fff50dee494b70ec06623f","sha1":"8c3f1bd051b1536c27db2fb2df00bbb2077a82c0","sha256":"a9a32df394d7b7577eaab6bec7466fb240b844ffd5e9604122e06ef495e5c902","sha512":"ba43574d1c7bfcfec3692f92b621e4831f31f17d0f11b8d4ce21dfa09f77ab2b7d33554092423c3289bf14ff953d9b44c33bd3ed202ba21eaa44cd5c17b7cc35","ssdeep":"","tlshash":"22e07d813d090bbe9ed48e17ca1521a9e3c109ac5b014a9713df0d1571c955da10b9bb","first_seen":"2026-01-19T21:47:37.942907Z","last_seen":"2026-01-19T21:53:03.970116Z","times_seen":3,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com/jmpd/","fqdn":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","domain":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","tld":"com"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.trovemarkets.claims/","date":"2026-01-19T21:48:37.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 08 Jan 2026 15:05:58 GMT","end":"Wed, 08 Apr 2026 15:05:57 GMT"},"fingerprint":{"sha1":"4D:1D:3C:6D:9E:2D:29:38:F6:A3:C5:A2:A9:6E:00:65:21:FD:F7:14","sha256":"B2:0A:D0:D4:D9:66:A7:A6:38:55:71:26:B9:06:E7:A1:A5:4B:C4:7B:C4:E5:D6:9A:6B:FF:D1:0E:21:E9:BB:C1"}}},"request":{"raw":"OPTIONS /jmpd/ HTTP/1.1\r\nHost: aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nOrigin: https://www.trovemarkets.claims\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Mon, 19 Jan 2026 21:48:37 GMT\r\nserver: BunnyCDN-NO1-830\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\naccess-control-max-age: 86400\r\ncache-control: no-cache\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 204\r\ncdn-cachedat: 01/19/2026 21:48:37\r\ncdn-edgestorageid: 830\r\ncdn-requestid: 30e58dc1d473a8fef66246eec72d5b3e\r\ncdn-status: 204\r\ncdn-requesttime: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T06:09:25.408238Z","times_seen":14048167,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-19","alert":"Sinkholed","trigger":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-19","alert":"Sinkholed","trigger":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trovemarkets.claims/","fqdn":"trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-19T21:48:34.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trovemarkets.claims","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 18:12:58 GMT","end":"Sat, 18 Apr 2026 18:12:57 GMT"},"fingerprint":{"sha1":"C9:8A:0B:2A:E8:54:C4:97:7B:9B:8C:5F:D2:3A:27:44:3D:8B:4B:BA","sha256":"0D:1E:35:EE:71:F7:3F:51:DF:93:64:AF:8A:15:34:AC:64:55:6B:F2:6E:7F:86:6E:CC:48:21:EA:76:C8:21:A4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trovemarkets.claims\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 308 Permanent Redirect\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html\r\ndate: Mon, 19 Jan 2026 21:48:34 GMT\r\nlocation: https://www.trovemarkets.claims/\r\nrefresh: 0;url=https://www.trovemarkets.claims/\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-id: arn1::flrvh-1768859314591-280e46c9f7b5\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"308","status_text":"Permanent Redirect","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2018879,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (48193)","md5":"574b54caa55c6d7792fdaae5a0a2dcc7","sha1":"63b4ebdddac8c0e9f6550ea088bc2f6c0669329a","sha256":"ef4302e71c7beaf7ff62baff0be3ff65154654f1487d486e648fdcfa9af75d72","sha512":"d1a8ef5626be8f8f74645ffaa00e43ba8b3ebc7981c44a4cafe8bb3b4e42e07d1f1ed8a6ff95b960aa4773f186cc7dd829bb8c6849e6b3fbf3025218d9cec4c5","ssdeep":"12288:JhLKk+jxVt195/AfyU7Jz+53Ry0e3fvrfeijmjPrWfHf+981fsltcnDM3/iGbufV:JhLcj7t5/A77Ja5q3nrOrSWsGRyx7TT","tlshash":"84250215c6c86fb9ce685e2cc0fd1a1db7a05acb94667589fb733c47afeb684010b049","first_seen":"2026-01-19T21:47:37.935004Z","last_seen":"2026-01-19T21:53:03.970629Z","times_seen":3,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":66,"dns":0,"connect":1,"send":0,"wait":10,"receive":0,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trovemarkets.claims/socket.min.min.js","fqdn":"www.trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"ip":{"addr":"216.150.16.129","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.trovemarkets.claims/","date":"2026-01-19T21:48:34.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trovemarkets.claims","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 18:12:58 GMT","end":"Sat, 18 Apr 2026 18:12:57 GMT"},"fingerprint":{"sha1":"C9:8A:0B:2A:E8:54:C4:97:7B:9B:8C:5F:D2:3A:27:44:3D:8B:4B:BA","sha256":"0D:1E:35:EE:71:F7:3F:51:DF:93:64:AF:8A:15:34:AC:64:55:6B:F2:6E:7F:86:6E:CC:48:21:EA:76:C8:21:A4"}}},"request":{"raw":"GET /socket.min.min.js HTTP/1.1\r\nHost: www.trovemarkets.claims\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.trovemarkets.claims/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 641\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"socket.min.min.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 19 Jan 2026 21:48:35 GMT\r\netag: \"ece187ea11b4a51e073e6df224a37661\"\r\nlast-modified: Mon, 19 Jan 2026 21:37:54 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::855v2-1768859315005-c2dd834ec2d6\r\ncontent-length: 82169\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":378930,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65159)","md5":"dbb4325948bae7b8e6cccf7df0ee29b7","sha1":"567b6772ac98dc0fe643d86db3ccf6d8afe82d87","sha256":"a92681dc058160c165d184a59d185304da3a74ffeade87790a567f9e94bac514","sha512":"91037704cc8d06c711505d99a3dcd1be47f444c37c30400b95eadaa2cc8b1f2650822f9b6177e8dd6a5506cd7875ebbf557891c542590b00ffff9b6fa1ade7ce","ssdeep":"3072:NakfsExIkfxNT3Z/45bOGJX/3ENs15TXDXRM0QjvlrwXkDy/F:NakfsExIkfTp/45OsfEN4PVZN","tlshash":"2e845fd6fdba33df5bf4f152cc21948ca8fd8e253b45c6faa345ac82a614911a4e7c10","first_seen":"2026-01-19T21:47:37.948183Z","last_seen":"2026-01-19T21:53:03.967494Z","times_seen":3,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trovemarkets.claims/secureproxy?e=ping_proxy","fqdn":"www.trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"ip":{"addr":"216.150.16.129","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.trovemarkets.claims/","date":"2026-01-19T21:48:35.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trovemarkets.claims","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 18:12:58 GMT","end":"Sat, 18 Apr 2026 18:12:57 GMT"},"fingerprint":{"sha1":"C9:8A:0B:2A:E8:54:C4:97:7B:9B:8C:5F:D2:3A:27:44:3D:8B:4B:BA","sha256":"0D:1E:35:EE:71:F7:3F:51:DF:93:64:AF:8A:15:34:AC:64:55:6B:F2:6E:7F:86:6E:CC:48:21:EA:76:C8:21:A4"}}},"request":{"raw":"GET /secureproxy?e=ping_proxy HTTP/1.1\r\nHost: www.trovemarkets.claims\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.trovemarkets.claims/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/plain; charset=utf-8\r\ndate: Mon, 19 Jan 2026 21:48:35 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-error: NOT_FOUND\r\nx-vercel-id: arn1::pwmq6-1768859315581-d03bedb90930\r\ncontent-length: 79\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"a9369ccaa8d94f90650bd3828d76a404","sha1":"2a5be5b0f8fc6ca881179039a22ffe6d669b3d26","sha256":"d07f399fc61ef5204eb2bf2639ff1de6a62e6db47dced46b4922aa85b1326eca","sha512":"db3981cbf3db3a04ea75cebd8041c21cf5355ba9e55f55d918f54b5f7998766d04c531371be09b2aba5afaab4b4e37b3bf709417945e7df548124063a4a60bf2","ssdeep":"","tlshash":"04a0118f0a820eec33c802a03002223a00228822aa22a22000ca2220222288fa300082","first_seen":"2026-01-19T21:49:01.699023Z","last_seen":"2026-01-19T21:49:01.699023Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com/@v1/cdn/js/csv-writer.min.js?t=29480988\u0026u=iaedHw1rRYYTHKb1GDY5NmIzMWE2MTVmODc1N2IyNTVkZDIyM4eLV2SaDo5O8Q5dlA","fqdn":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","domain":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","tld":"com"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.trovemarkets.claims/","date":"2026-01-19T21:48:36.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 08 Jan 2026 15:05:58 GMT","end":"Wed, 08 Apr 2026 15:05:57 GMT"},"fingerprint":{"sha1":"4D:1D:3C:6D:9E:2D:29:38:F6:A3:C5:A2:A9:6E:00:65:21:FD:F7:14","sha256":"B2:0A:D0:D4:D9:66:A7:A6:38:55:71:26:B9:06:E7:A1:A5:4B:C4:7B:C4:E5:D6:9A:6B:FF:D1:0E:21:E9:BB:C1"}}},"request":{"raw":"GET /@v1/cdn/js/csv-writer.min.js?t=29480988\u0026u=iaedHw1rRYYTHKb1GDY5NmIzMWE2MTVmODc1N2IyNTVkZDIyM4eLV2SaDo5O8Q5dlA HTTP/1.1\r\nHost: aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 19 Jan 2026 21:48:36 GMT\r\ncontent-type: text/javascript\r\nserver: BunnyCDN-NO1-830\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NO\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\ncache-control: no-store, must-revalidate, no-cache\r\ncontent-encoding: br\r\netag: W/\"a0502-14+i6Bt7XM8ofHk8WpmFyqoPYWI\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=csv-writer.min.js\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 01/19/2026 21:48:36\r\ncdn-edgestorageid: 830\r\ncdn-requestid: 43b7633e45481851496f5529caf4f5e8\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":656642,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-04-21T16:12:40.397384Z","times_seen":2485,"resource_available":true,"data":null}},"time_used":306,"timings":{"blocked":28,"dns":21,"connect":1,"send":0,"wait":249,"receive":0,"ssl":5},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-19","alert":"Sinkholed","trigger":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-19","alert":"Sinkholed","trigger":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com/jmpd/","fqdn":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","domain":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","tld":"com"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.trovemarkets.claims/","date":"2026-01-19T21:48:37.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 08 Jan 2026 15:05:58 GMT","end":"Wed, 08 Apr 2026 15:05:57 GMT"},"fingerprint":{"sha1":"4D:1D:3C:6D:9E:2D:29:38:F6:A3:C5:A2:A9:6E:00:65:21:FD:F7:14","sha256":"B2:0A:D0:D4:D9:66:A7:A6:38:55:71:26:B9:06:E7:A1:A5:4B:C4:7B:C4:E5:D6:9A:6B:FF:D1:0E:21:E9:BB:C1"}}},"request":{"raw":"POST /jmpd/ HTTP/1.1\r\nHost: aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 2207\r\nOrigin: https://www.trovemarkets.claims\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2207,"data":"{\"route\":\"8XUwkBv9vhPYfVpD1fxb7EC65sUXJdqr\",\"payload\":\"81vniBmN5ij1SYwjWVnBET1tD2YHMTWmCg9e3E6S9SLaUQQkdySGwpUBzBNJUBocHj4arJpBZ8Tshiy4eVPiLVFf9uMeQX1D76ptU4M9aHzhAQR7VK8PFQksMCS42V8cnjhDfNGHaMQwLLcNWoPSQduf2fA2YYzXPZ6ULKKGDx6dCrUDCe4U6t1enneqcPuScGm81VfhoVkcFYAeeZ4rJU97yupSND2Rmik3beHuSRXnrLwzFvcGXAtbC3HrVZRerjM8B5ohuYwaVdY7mjc3MsCP1uDYBygtLdgpPgTvjjc4jrmo9G3ZLBUVjFnoRSH3aqqEHJi3EEtwwBWd3EmLKAsJRs6riWDzXKvDwoW5VgDsUSZ8gRKyLDxr67zEa2ZjC1VaEzPwXwLSwsFEK7uKChQ4Z9MK4Dx7KJuNaXzGetU3V65dsDx8wN2rjWeB6ZaUxuuL6kcw9XBsoqeK4xWPp4oG6zfZyWUBNM2Rw5LStprW5RzxU3ydsZAjSR27SYq4E931jgQU9m91auJ2HBtt4pDAwBp58PJC1c8a42d12qh4d9VRBxxoEotLhj1DMvdtrKjnP6yFcWF9whDwUbYUHussxhTYcXiJVukEHfkcteozti4KSdUJrkS8TPFCXFtELNkUZzXY8ahxzdmQxC4siG4ZREcEVyukkRzKHCjqeWfQYmHwQdCRz1hWVVqXX8dDix9svcQeaevjmxjtdLVUz4KYPaUNk4yrQhnQFHquJASfccRseSyhmxgkEpuLjPXz7m6MnxuJiLoaJmWtFhm9aZpZFZARV2n9zpyFHgxs4UAMBH3KhW8LzVA65Ce427VmfkyM8pF8sCt8QCBuWW9Kih2wD36FC4ep9SKdLwWwGnEp5gc6mwKkv5ayPLbNnnF8mdK4AURx4AyGyy4gSvRKXeUvnG2M2vCZFKLeLZDzfUZbdxDHytkUdqpbDFAR5UDGLtHjUZ5JrfVgVRxcTRmK5fmdFot1DQ3sYU8zmLwLe8CjG83ZTW1NaJis3LSWLxqdeM18jB45TU6yC8qrJmBGz5SBFc2LYgAsCmkWrbPDqT6YUC7VnMLShvLhUk1vrbrTSZ1o3LEZTgN1jwM8HU9vY141qL6PvV3BpnHmoh7Sm6D9coSauQHpz8BS81eiJa6XDQuMj9pENhQNkbQeCbqaJ7LEhTrkt7wFXUjufMUBLo94rAwCkYXKsDEZE66PoKjS9iPGAifCN6JRDbp6Rp3h9EEVNT1ZQ7qgLCVkTVLhLAasBKr5SGaE1VoLKYjmhczGLuT4G93ovL1A7r1PURfoueJ3BcN2a4wDvfgLCtizDkGTdAJSZ7FhBLpRVD9hdnZdD1YVwo5n6x8yHqZ8tteULYWbP2HzcpQsuJEkYfZKresTBezeM8tx7Dhyv5w34WG3t13eKtBp7YSvFUf2HN1U6McDfKgpmKUTUnQwbXyU92rsQp2chuNphYKipvsW2okhr1Y5GnAWtrcGit3b6YKXCfuYrxQddrSDFLbBNsNpmhJEZ795LVQy2NAr436PDhHksyAyb2fMqgiDzWwyYNJxzHPx85zByukrCFKoZjg3akuzHLwYusJjWGkbbcLFgFniibV7r5bP4wzKU9wL51avsRzxQ8N2SKPgNNt9c43yV6UfxJxUFhvWJQVYhdNjAvmoAs9men8jdMhUxKsxHAZQLCY2YQ7TbyujUKccuzqqbwPvRNHJjE8hm8MNQkjUBvQYYV9f8fP4CsdeAxcUrBraEc4AGxL5evD5hTWELtc1kz5M9Q8fK7jCeWkTyWN4nrjWF5YzAVFxHSsyJeuCVRUhvfbGhgvuoSdNC8rKxqqp6MX2MzNCBa5fAj1K1T9pY3xMUXJmk5kxQDhV3gKA1bveniMWwFpcEwpPMCfXnHKNtoQwgp7jCGWwQqkoxnG6Ju26RPEErhEGLpPx5RXEwiavpwDeEsk6cpbkWaBC1yf1xL6SY94aXxSpjFCynXsxoT4GDWSj62zxSi8KUefSiuVjTEAg6dKKqfaB1s3XzY6CHjcLhFSwH3Bcx9QG5AnjuzFtFFCdzAECfeJL8t45AsHyEUbsWNBiJhdt9WCdkH2CB6j49ifVAj2nHLPYMbfvk3JofgUvheLKBhddN8fV7RXE9KKwVN7WCd63DktbUm\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 19 Jan 2026 21:48:37 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: BunnyCDN-NO1-830\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NO\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ncache-control: no-cache\r\ncontent-encoding: br\r\netag: W/\"db-0xjcPkUcovh4W+vGNqD0V/ZacNI\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9999\r\nx-ratelimit-reset: 1768859377439\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 01/19/2026 21:48:37\r\ncdn-edgestorageid: 830\r\ncdn-requestid: 4c6a97f90fe16216ff7460af3b9d8148\r\ncdn-requesttime: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":219,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"bdd4fa65e3c726c9905703dcea64bd26","sha1":"d318dc3e451ca2f8785bebc636a0f457f65a70d2","sha256":"88f59282559ffee0d21f9eb4d1dd120443a21e92c89b596482cbd2e99cb21b29","sha512":"1744781febd9678dc808bc392c4d7fdfa4704d7c19825b447be6aa32b678cdb5b763d38425ab2f870ffe62e87faf210f4ba9af1d204129161d3aba8fa91c0c98","ssdeep":"","tlshash":"7ad02334d1f518de85001547f5b5d550c4503515dd71f117467fd4a587664073145c55","first_seen":"2026-01-19T21:49:01.70059Z","last_seen":"2026-01-19T21:49:01.70059Z","times_seen":1,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-19","alert":"Sinkholed","trigger":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-19","alert":"Sinkholed","trigger":"aodefevrgdkhqltdnwgzbyjoywrlbntbhfwq.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.trovemarkets.claims/","fqdn":"www.trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"ip":{"addr":"216.150.16.129","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-19T21:48:34.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trovemarkets.claims","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 18:12:58 GMT","end":"Sat, 18 Apr 2026 18:12:57 GMT"},"fingerprint":{"sha1":"C9:8A:0B:2A:E8:54:C4:97:7B:9B:8C:5F:D2:3A:27:44:3D:8B:4B:BA","sha256":"0D:1E:35:EE:71:F7:3F:51:DF:93:64:AF:8A:15:34:AC:64:55:6B:F2:6E:7F:86:6E:CC:48:21:EA:76:C8:21:A4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.trovemarkets.claims\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 2983\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Mon, 19 Jan 2026 21:48:34 GMT\r\netag: \"2da5dc6fc3286df9ff78497fa9245fd0\"\r\nlast-modified: Mon, 19 Jan 2026 20:58:51 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::qqqpg-1768859314735-204855fe4db7\r\ncontent-length: 1411707\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":2018879,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (48193)","md5":"574b54caa55c6d7792fdaae5a0a2dcc7","sha1":"63b4ebdddac8c0e9f6550ea088bc2f6c0669329a","sha256":"ef4302e71c7beaf7ff62baff0be3ff65154654f1487d486e648fdcfa9af75d72","sha512":"d1a8ef5626be8f8f74645ffaa00e43ba8b3ebc7981c44a4cafe8bb3b4e42e07d1f1ed8a6ff95b960aa4773f186cc7dd829bb8c6849e6b3fbf3025218d9cec4c5","ssdeep":"12288:JhLKk+jxVt195/AfyU7Jz+53Ry0e3fvrfeijmjPrWfHf+981fsltcnDM3/iGbufV:JhLcj7t5/A77Ja5q3nrOrSWsGRyx7TT","tlshash":"84250215c6c86fb9ce685e2cc0fd1a1db7a05acb94667589fb733c47afeb684010b049","first_seen":"2026-01-19T21:47:37.935004Z","last_seen":"2026-01-19T21:53:03.970629Z","times_seen":3,"resource_available":false,"data":null}},"time_used":463,"timings":{"blocked":120,"dns":1,"connect":1,"send":0,"wait":10,"receive":213,"ssl":114},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.trovemarkets.claims/metamask-connect.js","fqdn":"www.trovemarkets.claims","domain":"trovemarkets.claims","tld":"claims"},"ip":{"addr":"216.150.16.129","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.trovemarkets.claims/","date":"2026-01-19T21:48:34.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trovemarkets.claims","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 18:12:58 GMT","end":"Sat, 18 Apr 2026 18:12:57 GMT"},"fingerprint":{"sha1":"C9:8A:0B:2A:E8:54:C4:97:7B:9B:8C:5F:D2:3A:27:44:3D:8B:4B:BA","sha256":"0D:1E:35:EE:71:F7:3F:51:DF:93:64:AF:8A:15:34:AC:64:55:6B:F2:6E:7F:86:6E:CC:48:21:EA:76:C8:21:A4"}}},"request":{"raw":"GET /metamask-connect.js HTTP/1.1\r\nHost: www.trovemarkets.claims\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.trovemarkets.claims/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 641\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"metamask-connect.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Mon, 19 Jan 2026 21:48:35 GMT\r\netag: \"bbd7635755fff433480f33cb6b2fe1c3\"\r\nlast-modified: Mon, 19 Jan 2026 21:37:53 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::4cnxw-1768859315007-1aeaa5c03126\r\ncontent-length: 3061\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10995,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"8734c2af1928218e10bbc0b987962441","sha1":"08602b24e706b71e700e50aea9feb1fcd8a7bfbd","sha256":"da8c1e0c1db6167a6bacd4e95cca1bef946c678ae0d6a2bfb776a7fb1f3824c3","sha512":"3183ec65da7d4168ac3a5e9e0a69f7a7cc926a0a5b6cbcaa7537f9d1e8a91a83b5ce3a3d75ca8285071257c739e862add9b687f8246121d2ca97b24f13b5f7c0","ssdeep":"192:we0CVdWkIRoV+BBFMyNQSPC0vxypwSldcEdrayQeH03KQ7w60Y+us1a:WGw2I1Ei5sc","tlshash":"d332949c60f3343d0533257ae78fb171232141c31a45da05799c83a21fe5a2a9a6b7ff","first_seen":"2026-01-19T21:47:37.950609Z","last_seen":"2026-01-19T21:53:03.9681Z","times_seen":3,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}