Report Overview
Visitedpublic
2026-04-04 18:16:50
Tags
Submit Tags
URL
r.gettrustpayment.live
Finishing URL
r.gettrustpayment.live/
IP / ASN
185.246.190.216
Title
Trust Wallet
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
2
Threat Detection Systems
1
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
fonts.gstatic.com | unknown | 2008-02-11 | 2014-04-02 | 2026-03-29 | 1.1 kB | 88 kB |  172.217.19.227 | |
r.gettrustpayment.live 2 alert(s) on this Host | unknown | unknown | No data | No data | 5.0 kB | 4.0 MB | 185.246.190.216 |          |
cdn.jsdelivr.net | 1678 | 2012-05-16 | 2012-09-30 | 2026-03-29 | 1.8 kB | 2.3 MB | 151.101.1.229 | |
code.jquery.com | 4915 | 2005-12-10 | 2012-05-21 | 2026-03-29 | 870 B | 147 kB | 151.101.66.137 |  |
rpc.ankr.com | 541361 | 2007-04-23 | 2021-10-24 | 2026-04-02 | 1.2 kB | 1.4 kB |  173.244.207.30 | |
fonts.googleapis.com | 313 | 2005-01-25 | 2012-05-23 | 2026-03-29 | 955 B | 26 kB | 142.251.38.106 | |
unpkg.com | 1093 | 2016-01-06 | 2016-01-07 | 2026-03-29 | 434 B | 32 kB |  104.18.0.22 |   |
jQuery:3.6.3 (JavaScript libraries)
jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.Ubuntu (Operating systems)
Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.Nginx:1.24.0 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Express (Web frameworks, Web servers)
Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.jsDelivr (CDN)
JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.SweetAlert2:11 (JavaScript libraries)
SweetAlert2 is a JavaScript library that provides customisable, visually appealing, and responsive alert and modal dialog boxes for web applications.Node.js (Programming languages)
Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.Axios:1.2.2 (JavaScript libraries)
Promise based HTTP client for the browser and node.jsUnpkg (CDN)
Unpkg is a content delivery network for everything on npm.jQuery CDN (CDN)
jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.Varnish (Caching)
Varnish is a reverse caching proxy.Nginx (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Fly.io (PaaS)
Fly is a platform for running full stack apps and databases.Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | Client IP | 173.244.207.30 | ET INFO Observed Smart Chain Domain in TLS SNI (rpc .ankr .com) | |
| low | Client IP | 173.244.207.30 | ET INFO Observed Smart Chain Domain in TLS SNI (rpc .ankr .com) |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | r.gettrustpayment.live/scripts/main.js | malware | Detects file containing Telegram Bot API |
JavaScript (14)
No JavaScripts
HTTP Transactions (24)
| URL | IP | Response | Size |
|---|