{"report_id":"ac63bdc4-421e-4561-a1ce-0fe753682695","version":6,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-04-07T13:55:02Z","url":{"schema":"https","addr":"trusttrade.click/","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":0,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"final":{"url":{"schema":"https","addr":"trusttrade.click/","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"title":"trusttrade.click/","dom":{"size":78865,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2633)","md5":"eb45c9d2db631e6ca87fcb786f19bc5a","sha1":"5058e39addb89a0b5c78a1bb7b8b64229a0ddcac","sha256":"2081c849f9e134748216b78c4146d744e70734d3b750ee0068204e8c2b06c763","sha512":"7d3fc1a2565a7eb2e64400109c7726b39cb8f3065b6fc67c7b41fd57400cffbd9447e1e78c75d8b64ede1799e369a86283cbadb341568a57d767bd765ea2a414","ssdeep":"1536:nD9cQZTE27x2iJ/MjAI7Mo4werT5thEmg6:DxsiSjAI7Moteptw6","tlshash":"3d73f93107e0166e0143e299f359b72afeaadc27ea97c553b29c01663fc7c41ca53798","dom_hash":"domhashd12f584055c26a31ad19b67204d0a794","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"trusttrade.click/","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":0,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-12T13:55:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-07","alert":"Detects file containing Telegram Bot API","trigger":"trusttrade.click/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"www.aufkleberdealer.de","ip":{"addr":"87.118.118.155","port":443,"asn":31103,"as":"Keyweb AG","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2013-11-27T15:48:54Z","last_seen":"2024-05-06T10:13:10Z","alert_count":0,"request_count":1,"received_data":3390,"sent_data":528,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"trusttrade.click","ip":{"addr":"193.124.46.150","port":443,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"domain_registered":"2026-04-05","domain_rank":0,"first_seen":"2026-04-07T13:55:02.792319Z","last_seen":"2026-04-07T13:55:02.792319Z","alert_count":2,"request_count":7,"received_data":210383,"sent_data":3130,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn-icons-png.flaticon.com","ip":{"addr":"2.23.13.67","port":443,"asn":20940,"as":"Akamai International B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2013-05-10","domain_rank":239972,"first_seen":"2021-09-02T06:55:19Z","last_seen":"2026-04-02T03:35:29.643918Z","alert_count":0,"request_count":1,"received_data":36567,"sent_data":455,"comment":"","tags":null,"fingerprints":null},{"fqdn":"upload.wikimedia.org","ip":{"addr":"185.15.58.240","port":443,"asn":14907,"as":"WIKIMEDIA","country":"United States","country_code":"US"},"domain_registered":"2003-03-16","domain_rank":4329,"first_seen":"2012-05-21T09:39:45Z","last_seen":"2026-04-06T10:34:02.851541Z","alert_count":0,"request_count":1,"received_data":1424,"sent_data":507,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache Traffic Server:9.2.11","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"trusttrade.click/","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":443,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"md5":"0092a494d915122a8bbe17faa1feb436","sha1":"87795be7b66f56f38b269172d01b4be53c8df65e","sha256":"d5cfe53f61eeb042c9c9db2bd8682f58bc7222f73407becba694a5992aa32b71","sha512":"8ac43b66519961fdb7717bc9006babf35e1baf11521a1749fa380c733f8005d824b2c840b67960d5acaa461293b53be0652d2f7832139ab94511a1bfd7268e02","size":3898,"token":"8582301440:AAHFQY7Jp4YFjUA1-X1O8DYSyDV4p7hROUo","is_revoked":false,"bot":{"token":"8582301440:AAHFQY7Jp4YFjUA1-X1O8DYSyDV4p7hROUo","user_id":"8582301440","username":"wijef0f9pjiwnlfkowefinlbot","first_name":"оформление карты","last_name":"","chat":{"chat_id":"-1003701309300","title":"ФОРМА","type":"supergroup","bot_is":"administrator","total_users":3,"active_members":null,"admins":[{"user_id":8582301440,"username":"wijef0f9pjiwnlfkowefinlbot","first_name":"оформление карты","last_name":"","is_bot":true},{"user_id":7508651570,"username":"pppppppwefnwefn","first_name":"Alien","last_name":"","is_bot":false}]},"pending_messages":5}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"trusttrade.click/","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":443,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"introduction_type":"scriptElement","is_inline":true,"md5":"ae65e18d360797c3aaf3acd122306487","sha1":"2a6d944358f1b5c4bf27241201e5e699b070248d","sha256":"d8395bd811b4aef66315b7c60b0d06c4378bb0d797f4f330a7424fc7f31c26e0","sha512":"6bcbdcd4f0146e4907c80b4d274712eb1218cf09b8f8535b5ad3e2911baa7750be0e527ea26473920fdebe1c838b82ff7498cfa0c5f553ebef2826e4db49300c","ssdeep":"","tlshash":"f6f00ca63cca4038c3a302653b73a2583039263f380abc52b98c28923f80e6514a791c","size":621,"data":"","first_seen":"2026-04-07T13:55:08.103764Z","last_seen":"2026-04-07T13:55:56.655396Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trusttrade.click/","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":443,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"introduction_type":"scriptElement","is_inline":true,"md5":"0092a494d915122a8bbe17faa1feb436","sha1":"87795be7b66f56f38b269172d01b4be53c8df65e","sha256":"d5cfe53f61eeb042c9c9db2bd8682f58bc7222f73407becba694a5992aa32b71","sha512":"8ac43b66519961fdb7717bc9006babf35e1baf11521a1749fa380c733f8005d824b2c840b67960d5acaa461293b53be0652d2f7832139ab94511a1bfd7268e02","ssdeep":"","tlshash":"0c81fe443df708590553b0bb3bef2409647151bb284cef94b5ac065abf82e60a7f67b8","size":3898,"data":"","first_seen":"2026-04-07T13:55:08.104656Z","last_seen":"2026-04-07T13:55:56.656492Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-07","alert":"Detects file containing Telegram Bot API","trigger":"trusttrade.click/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"trusttrade.click/","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":443,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"introduction_type":"scriptElement","is_inline":true,"md5":"02de9350d56f17323addb83183a93005","sha1":"df5756c76f625129dabb4f25c55b8266b335a261","sha256":"19860f3475e7e47be5967b00e936a16c99784c84b2c8d95c5ed09aa78f799d30","sha512":"991f1001137c1d990ece4cfb9b0e143bfe2f0700af3d0edd5e328dbb1f0575ccad0b3bfc335c1e030ac5de019e041f650f5e0a06ea059e75366bc54caafac621","ssdeep":"","tlshash":"ad21ee05ecea3879092732079799a24fb0f950efb400d46735de5b692fc201808b7afb","size":1235,"data":"","first_seen":"2026-04-07T13:55:08.105533Z","last_seen":"2026-04-07T13:55:56.657483Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"trusttrade.click/style.css","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":443,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trusttrade.click/","date":"2026-04-07T13:54:41.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trusttrade.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 17:59:43 GMT","end":"Sat, 04 Jul 2026 17:59:42 GMT"},"fingerprint":{"sha1":"5D:A6:B2:A3:73:CA:FA:84:90:63:8E:A2:32:EE:1C:C0:08:18:32:B3","sha256":"6D:CE:80:BF:65:99:9B:4D:B2:E3:9A:3E:78:DF:85:80:53:CA:72:80:1C:8C:C7:F5:31:E3:6B:67:53:43:94:B8"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: trusttrade.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trusttrade.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 13:53:37 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 05 Apr 2026 18:16:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d2a6ee-1154f\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70991,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d5e449ba615d769876868cd407bd35b7","sha1":"42962fdf80b603e87b744124ff7e993b2cbe01c8","sha256":"1562891de36ec18f623abcdbb31adb2e9d57b9a415af3b49df69e4d71027d6c6","sha512":"3551488e4f525d42442c79383907f555ad52427b5c7dad5d35489b472c8a3c6afe7b8bcd72a49fbf64cfe44db7a0b5d73103f0affff2fb6a5b5af503fc670440","ssdeep":"1536:ZLFsSOfphgPXZ73G1S0g5Yw9R0teiseFeDteLeUe4MCmV22e2ewBbbU:9Yw9GJ","tlshash":"55633018b6b2c9b67c33627c57eda2497329a04bc91dddea7ecc2121cf843b89dd1614","first_seen":"2026-04-07T13:55:08.09011Z","last_seen":"2026-04-07T13:55:56.651236Z","times_seen":2,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trusttrade.click/img/logo-ico.svg","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":443,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trusttrade.click/","date":"2026-04-07T13:54:41.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trusttrade.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 17:59:43 GMT","end":"Sat, 04 Jul 2026 17:59:42 GMT"},"fingerprint":{"sha1":"5D:A6:B2:A3:73:CA:FA:84:90:63:8E:A2:32:EE:1C:C0:08:18:32:B3","sha256":"6D:CE:80:BF:65:99:9B:4D:B2:E3:9A:3E:78:DF:85:80:53:CA:72:80:1C:8C:C7:F5:31:E3:6B:67:53:43:94:B8"}}},"request":{"raw":"GET /img/logo-ico.svg HTTP/1.1\r\nHost: trusttrade.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trusttrade.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 13:53:37 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 05 Apr 2026 17:16:31 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d298ef-404\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1028,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"03390f6b52a93e7a707e83d33352bad8","sha1":"179cfdf8268450b82f367550121bdc70d7c59e13","sha256":"6ed2418180f94d44ae2c8757b125715e8ef13afeb5c35949601f0ad87bfaa301","sha512":"5f489d7b12d7441b99f055d13c5dda96c709916461fd4be6443ce5aa0420a73c49f78e935f46b073b51b14ae5a17c60e05ba514a9b02aebed6f7dbc340ba2c26","ssdeep":"","tlshash":"28115773c1c8ea3f9639865cd418c491d966a09fa681c195b25cab1f0f302824d4fb24","first_seen":"2026-04-07T13:55:08.092647Z","last_seen":"2026-04-07T13:55:56.651992Z","times_seen":2,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-icons-png.flaticon.com/512/744/744480.png","fqdn":"cdn-icons-png.flaticon.com","domain":"flaticon.com","tld":"com"},"ip":{"addr":"2.23.13.67","port":443,"asn":20940,"as":"Akamai International B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trusttrade.click/","date":"2026-04-07T13:54:41.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.flaticon.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 08:12:21 GMT","end":"Mon, 22 Jun 2026 08:12:20 GMT"},"fingerprint":{"sha1":"7D:5C:E8:83:7B:4B:E7:2D:D8:5A:4B:01:F0:D9:FB:4B:C8:E1:E4:A0","sha256":"1A:42:BD:FA:DD:C2:87:9C:97:CA:36:F8:07:8E:61:64:6F:C7:DE:57:45:E6:28:14:06:C6:33:9E:C7:89:7C:B3"}}},"request":{"raw":"GET /512/744/744480.png HTTP/1.1\r\nHost: cdn-icons-png.flaticon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trusttrade.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 36031\r\netag: \"c1b354ab71835e6b9fc1e8f788401219\"\r\nlast-modified: Wed, 16 Apr 2025 12:56:07 GMT\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\ndate: Tue, 07 Apr 2026 13:54:41 GMT\r\nalt-svc: h3=\":443\"; ma=93600,h3-29=\":443\"; ma=93600\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc=\"1775570081683_35065151_192315592_70_1591_0_16_11\";dur=1\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\npragma: public\r\ncache-control: public, max-age=31536000\r\nx-default-rule: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36031,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"c1b354ab71835e6b9fc1e8f788401219","sha1":"72eab13c77863981f06516d33677bc69c9cfe278","sha256":"f346a77cc456ad1a4a4af3e42b591989b42fae514d5ec7e48a9bd228776b221e","sha512":"3d42ae4bff8d560e1ef1e3b865bfe39dd0ff8f0d718ea519e177b2fc413da1af27d139e3df7c852ca2230bdd02fcf6835287af868f71a85e805ace96b6b6bf0f","ssdeep":"768:ls2So1JMYpx4b/uoXYOErh1vheKUaPLpUv4JtAnh0so1Mn:q2xuYz4LupOEcPaPLpUvWSnhc1Mn","tlshash":"cef202e155ee8caaff87d442bda1f161375c28d114ae1a112a408cd78c60d6dfb0bf2a","first_seen":"2026-04-07T13:55:08.09433Z","last_seen":"2026-04-07T13:55:56.653396Z","times_seen":2,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":61,"dns":53,"connect":1,"send":0,"wait":6,"receive":1,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trusttrade.click/img/logo-globe.png","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":443,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trusttrade.click/","date":"2026-04-07T13:54:41.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trusttrade.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 17:59:43 GMT","end":"Sat, 04 Jul 2026 17:59:42 GMT"},"fingerprint":{"sha1":"5D:A6:B2:A3:73:CA:FA:84:90:63:8E:A2:32:EE:1C:C0:08:18:32:B3","sha256":"6D:CE:80:BF:65:99:9B:4D:B2:E3:9A:3E:78:DF:85:80:53:CA:72:80:1C:8C:C7:F5:31:E3:6B:67:53:43:94:B8"}}},"request":{"raw":"GET /img/logo-globe.png HTTP/1.1\r\nHost: trusttrade.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trusttrade.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 13:53:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 42863\r\nlast-modified: Sun, 05 Apr 2026 18:17:48 GMT\r\netag: \"69d2a74c-a76f\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42863,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 648 x 385, 8-bit colormap, non-interlaced","md5":"5e5687f1d3c576d37bfbe774bd0ee87b","sha1":"3089981f1bacf23a919bd3dff1b118dee3a928c6","sha256":"e39090c63401ca72d2c425dbec8ba4dbdec8613d8af34da468c8689964e13ad4","sha512":"3840436e77416ad0a0df3432fed152ec004ef19593453772bb3daf674ea58b3618461b215a07279a3cc42ab97062588701f6ebb3d454576a9a18f0f3ee5684b1","ssdeep":"768:hYi+dnzgBRWV1zVsLwQ3JprchnUaLY0S9YAO4GhyPZa00tX4UQuQ:yi+R4+GLBJBK7kMhyBa0gQ","tlshash":"f21302c976b4a4d93d424559b1903dce63e6ce42109293d24a83307756f6faabf8e0e3","first_seen":"2026-02-03T01:05:00.394023Z","last_seen":"2026-04-07T13:55:56.648392Z","times_seen":4,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trusttrade.click/img/logo-big.svg","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":443,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trusttrade.click/","date":"2026-04-07T13:54:41.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trusttrade.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 17:59:43 GMT","end":"Sat, 04 Jul 2026 17:59:42 GMT"},"fingerprint":{"sha1":"5D:A6:B2:A3:73:CA:FA:84:90:63:8E:A2:32:EE:1C:C0:08:18:32:B3","sha256":"6D:CE:80:BF:65:99:9B:4D:B2:E3:9A:3E:78:DF:85:80:53:CA:72:80:1C:8C:C7:F5:31:E3:6B:67:53:43:94:B8"}}},"request":{"raw":"GET /img/logo-big.svg HTTP/1.1\r\nHost: trusttrade.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trusttrade.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 13:53:37 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 05 Apr 2026 17:17:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d2992d-b68\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2920,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"651b0889cf02c72b8a669ea6dd97f04d","sha1":"1fa615a2071c7d9c4c404aa03a7435bb1463ad3b","sha256":"95ac4202bd3ba996a2cfc6eb4285db2ad93d45d3c939a09a34f5aef3f55cd162","sha512":"61d4af8384926ac7bf2475c864ffa5607cd0cf6fc3328df57ed153ed3eb4dcacdd373cb547706e7f19e2dfd5865e3480d30f594815dd2a195abe37bf81635ac9","ssdeep":"","tlshash":"3d51649a37d49593ee54c77eaa07d4be2113a2ff6645c350d790bf0e281852a2c1dfc4","first_seen":"2026-02-03T01:05:00.367044Z","last_seen":"2026-04-07T20:18:27.039957Z","times_seen":10,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upload.wikimedia.org/wikipedia/commons/thumb/f/f3/Flag_of_Russia.svg/250px-Flag_of_Russia.svg.png","fqdn":"upload.wikimedia.org","domain":"wikimedia.org","tld":"org"},"ip":{"addr":"185.15.58.240","port":443,"asn":14907,"as":"WIKIMEDIA","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trusttrade.click/","date":"2026-04-07T13:54:41.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.wikimedia.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Feb 2026 06:44:51 GMT","end":"Wed, 13 May 2026 06:44:50 GMT"},"fingerprint":{"sha1":"88:E4:43:3F:CC:87:1D:73:6E:F1:49:80:44:76:A9:8C:17:D8:DC:40","sha256":"59:E3:D6:A8:2D:49:87:A7:F3:1E:35:0E:3A:0F:77:A1:0B:7D:32:09:4C:1F:9F:2D:5D:0F:42:89:16:CB:BF:08"}}},"request":{"raw":"GET /wikipedia/commons/thumb/f/f3/Flag_of_Russia.svg/250px-Flag_of_Russia.svg.png HTTP/1.1\r\nHost: upload.wikimedia.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trusttrade.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Apr 2026 13:30:50 GMT\r\netag: a223550b119986b732d2c8d134080df4\r\nserver: ATS/9.2.11\r\ncontent-type: image/webp\r\ncontent-disposition: inline;filename*=UTF-8''Flag_of_Russia.svg.webp\r\nlast-modified: Sat, 20 Sep 2025 16:14:45 GMT\r\ncontent-length: 106\r\nage: 1431\r\naccept-ranges: bytes\r\nx-cache: cp6003 hit, cp6007 hit/46\r\nx-cache-status: hit-front\r\nserver-timing: cache;desc=\"hit-front\", host;desc=\"cp6007\"\r\nstrict-transport-security: max-age=106384710; includeSubDomains; preload\r\nreport-to: { \"group\": \"wm_nel\", \"max_age\": 604800, \"endpoints\": [{ \"url\": \"https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error\u0026schema_uri=/w3c/reportingapi/network_error/1.0.0\" }] }\r\nnel: { \"report_to\": \"wm_nel\", \"max_age\": 604800, \"failure_fraction\": 0.05, \"success_fraction\": 0.0}\r\nx-client-ip: 91.90.42.154\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache\r\ntiming-allow-origin: *\r\nset-cookie: WMF-Uniq=nuLk3SJ-LzYx-LDX55tr5QM7AAAAAFvdG8Vb0sF061JTnLjPTdCCNnxH947zh7RM;Domain=upload.wikimedia.org;Path=/;HttpOnly;secure;SameSite=None;Expires=Wed, 07 Apr 2027 00:00:00 GMT\r\nx-request-id: 01ac01ac-265e-4514-b813-abc3a3bce1ee\r\nx-analytics: \r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache Traffic Server:9.2.11","description":"Apache Traffic Server is an open-source caching and proxying server that serves as an HTTP/1.1 and HTTP/2 reverse proxy with caching capabilities, load balancing, request routing, SSL termination, and support for advanced HTTP features.","website":"https://trafficserver.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*","icon":"Apache Traffic Server.svg","categories":["Web servers"]}],"data":{"size":106,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a223550b119986b732d2c8d134080df4","sha1":"68bf178ded653d1b2671972688ae49318e69ed3f","sha256":"bf7fbf191bea62cbf4ad4fb31631bf3fa75ea05af5fab02fed2c3aa0080a60a6","sha512":"03d75414f96bcf513873dee570de9c0df4c49133d050e36870af85e3a8948b509e4ebb3c46a49110b585dba2c503916888b6562fbeee83bdc6ecdc15f54c6e0c","ssdeep":"","tlshash":"12b01215c802a22a554c655307c75f24012400629178d9f164b32e707454a821270a0c","first_seen":"2025-09-23T14:41:15.721881Z","last_seen":"2026-04-07T13:55:56.65267Z","times_seen":36,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":73,"dns":2,"connect":35,"send":0,"wait":38,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.aufkleberdealer.de/media/image/news/3/md/neue-zahlungsarten----apple-pay-und-google-pay-bei-aufkleberdealer-de.png","fqdn":"www.aufkleberdealer.de","domain":"aufkleberdealer.de","tld":"de"},"ip":{"addr":"87.118.118.155","port":443,"asn":31103,"as":"Keyweb AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trusttrade.click/","date":"2026-04-07T13:54:41.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aufkleberdealer.de","organization":"SEMPE GmbH"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 29 Sep 2025 09:24:05 GMT","end":"Sat, 31 Oct 2026 09:24:04 GMT"},"fingerprint":{"sha1":"93:2A:AF:7B:96:23:66:BF:B8:59:18:D0:41:CE:77:75:9F:A2:85:31","sha256":"83:82:F0:8D:F2:CF:69:84:93:42:1B:F0:3F:ED:52:4B:A3:29:B7:69:78:8D:0A:A1:D6:5E:FA:72:5F:1A:A8:10"}}},"request":{"raw":"GET /media/image/news/3/md/neue-zahlungsarten----apple-pay-und-google-pay-bei-aufkleberdealer-de.png HTTP/1.1\r\nHost: www.aufkleberdealer.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trusttrade.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 12 Sep 2025 08:10:18 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3050\r\ncache-control: max-age=15552000\r\nexpires: Sun, 04 Oct 2026 13:54:41 GMT\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/png\r\ndate: Tue, 07 Apr 2026 13:54:41 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3050,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 484, 2-bit colormap, non-interlaced","md5":"3428ad95be15d189106024ebf5f25f0b","sha1":"fb398235044dd6ee21e45c3e18840b160bd1ae74","sha256":"354d4dbfbca2846cbd260694ed0700e1809d3384a7fc6e700d96315e8048d9c5","sha512":"d178445e8796020e19a2a8499506e75bb311638ffada6ffed7d09404fabd5d7d7258a207c576b4bb0cd5561c0bdca08158465cdb1c9999abc03c8074c7854ef2","ssdeep":"","tlshash":"71515ddb0fa57b583cc80269243f8112d6e702169ef344bb6b06d11e6868f83d8c6c7b","first_seen":"2026-04-07T13:55:08.099408Z","last_seen":"2026-04-07T13:55:56.653944Z","times_seen":2,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":208,"dns":107,"connect":42,"send":0,"wait":44,"receive":0,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trusttrade.click/img/tether.png","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":443,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://trusttrade.click/","date":"2026-04-07T13:54:41.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trusttrade.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 17:59:43 GMT","end":"Sat, 04 Jul 2026 17:59:42 GMT"},"fingerprint":{"sha1":"5D:A6:B2:A3:73:CA:FA:84:90:63:8E:A2:32:EE:1C:C0:08:18:32:B3","sha256":"6D:CE:80:BF:65:99:9B:4D:B2:E3:9A:3E:78:DF:85:80:53:CA:72:80:1C:8C:C7:F5:31:E3:6B:67:53:43:94:B8"}}},"request":{"raw":"GET /img/tether.png HTTP/1.1\r\nHost: trusttrade.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trusttrade.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 13:53:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 4885\r\nlast-modified: Sun, 05 Apr 2026 18:04:36 GMT\r\netag: \"69d2a434-1315\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4885,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 148 x 140, 8-bit colormap, non-interlaced","md5":"b2a09e3d5e6c1e0178d2d1a125a93258","sha1":"d58c53ed717fac90bdd99900ed27b1d408cb5aa4","sha256":"c757a76933eecb12b5f27eaa4e7db2b64e1fa7f1310a3ba36a58d4471ace6e44","sha512":"fcc5f83e508723fb9f281b2c9383645540080b0806a0ce58c54a7c7a24c1ec61b8a1e9b5e840ea1c1aa144446cfcc1a615df02decf10e9d7391a070958d8752f","ssdeep":"96:/0suu81Ha/LC5cmdGuR9tewe6pIgrk4dC1J6NrPtSXf9xSs2lWPOSwm:Nh8Ba60kFRIak448CXj+2lwm","tlshash":"46a19f93674a09b41ad867c37f404b5347ac8b5df1b463b73e40c8a8de834796e054e3","first_seen":"2026-02-03T01:05:00.399251Z","last_seen":"2026-04-07T13:55:56.649787Z","times_seen":4,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":72,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trusttrade.click/favicon.ico","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":443,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trusttrade.click/","date":"2026-04-07T13:54:41.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trusttrade.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 17:59:43 GMT","end":"Sat, 04 Jul 2026 17:59:42 GMT"},"fingerprint":{"sha1":"5D:A6:B2:A3:73:CA:FA:84:90:63:8E:A2:32:EE:1C:C0:08:18:32:B3","sha256":"6D:CE:80:BF:65:99:9B:4D:B2:E3:9A:3E:78:DF:85:80:53:CA:72:80:1C:8C:C7:F5:31:E3:6B:67:53:43:94:B8"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: trusttrade.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trusttrade.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 13:53:37 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":355,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-04-12T22:32:17.57469Z","times_seen":27722,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trusttrade.click/","fqdn":"trusttrade.click","domain":"trusttrade.click","tld":"click"},"ip":{"addr":"193.124.46.150","port":443,"asn":26383,"as":"ASNET","country":"Türkiye","country_code":"TR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-07T13:54:40.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trusttrade.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 17:59:43 GMT","end":"Sat, 04 Jul 2026 17:59:42 GMT"},"fingerprint":{"sha1":"5D:A6:B2:A3:73:CA:FA:84:90:63:8E:A2:32:EE:1C:C0:08:18:32:B3","sha256":"6D:CE:80:BF:65:99:9B:4D:B2:E3:9A:3E:78:DF:85:80:53:CA:72:80:1C:8C:C7:F5:31:E3:6B:67:53:43:94:B8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trusttrade.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 13:53:37 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 05 Apr 2026 19:34:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d2b94a-14f03\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85763,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1113)","md5":"20333054b4afe025efbf638a7b47150c","sha1":"67d30478a0130a7b4de99840ac26b92e2c2db74a","sha256":"317336364a3dbad9798e575ababf5f2241ebebb2e87d3dfc08b07e580430dca2","sha512":"7384862085a1a0c96c09c9e0b95bce5ff453e71e5f6f5feecaaae0b424cac7f41180f808913a1490917d2f6f8d4e2c974450cbeae2db4dc8a358943002d07659","ssdeep":"1536:mD9S+jNGUxkFiJ/SXaXhXv8uSp35tFw25N:E7KikXaXhXvBSDtXN","tlshash":"5183fa310be016ee014ba2a9f755b719be6adc27eaa7c54772dc01253fc7c40ca93798","first_seen":"2026-04-07T13:55:08.10275Z","last_seen":"2026-04-07T13:55:56.650496Z","times_seen":2,"resource_available":true,"data":null}},"time_used":783,"timings":{"blocked":324,"dns":183,"connect":65,"send":0,"wait":131,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-07","alert":"Detects file containing Telegram Bot API","trigger":"trusttrade.click/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}}]}