{"report_id":"d6405bcf-b3c5-440d-97fb-8eeab7400711","version":6,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-02-11T16:26:50Z","url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":0,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"title":"Vite + React","dom":{"size":2376,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1055), with CRLF, LF line terminators","md5":"be40f46dacaf744296441590dae1cd72","sha1":"e0653d7d08bd7c8a92c2ece24936618d827f14a5","sha256":"4c2497fdac8e0209537922c00c2a0f032803402eb6507524c9289251938798b8","sha512":"ad5ab376f39f901620129525b3287c01770894c1ba08fb2bf4dda7a817b45de1a76753b9ec3e77b7626d32cd297f9de028d644591a9dfc4f85ed28a21b2210cd","ssdeep":"","tlshash":"314121b4519a063b624f89c4ba61de9df8c1a308c22ae40976fd13972bc6dc14de616c","dom_hash":"domhash9ff8cb2bcf202c6580e048af4079fc85","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":0,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-18T16:26:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-02-11","alert":"Detects file containing Telegram Bot API","trigger":"trustwallet.case.user.id512c6s4.vorba.org/assets/index-CfGMC-6F.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"trustwallet.case.user.id512c6s4.vorba.org","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2009-07-15","domain_rank":0,"first_seen":"2026-02-11T15:15:26.769339Z","last_seen":"2026-02-11T15:15:26.769339Z","alert_count":2,"request_count":15,"received_data":286656,"sent_data":7327,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/assets/index-CfGMC-6F.js","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"md5":"a8c8a1fbf70d06cd049b1dd05aaeb37f","sha1":"584f2ff1ee2a7a5da08829a7727d119a61396ae6","sha256":"ec11844268ee823c0d9b2f52222ba74276c80ddb5ddd172689c35222c8a748d5","sha512":"8620dd815f4e3fffc2082d4352be25c037d5574cc1ccd111da0b43b6b1665953f2cd5dc5faef175e3937c437f9f6ee0e6c49f3fa26278d2d630aec330b7fecb2","size":195619,"token":"5969015736:AAFYgTvH6sogfEA4vdNl_Z2tpYKfrJbkCDQ","is_revoked":false,"bot":{"token":"5969015736:AAFYgTvH6sogfEA4vdNl_Z2tpYKfrJbkCDQ","user_id":"5969015736","username":"forlifeali_bot","first_name":"FORLIFE","last_name":"","chat":{"chat_id":"991558559","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":3}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/assets/index-CfGMC-6F.js","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8c8a1fbf70d06cd049b1dd05aaeb37f","sha1":"584f2ff1ee2a7a5da08829a7727d119a61396ae6","sha256":"ec11844268ee823c0d9b2f52222ba74276c80ddb5ddd172689c35222c8a748d5","sha512":"8620dd815f4e3fffc2082d4352be25c037d5574cc1ccd111da0b43b6b1665953f2cd5dc5faef175e3937c437f9f6ee0e6c49f3fa26278d2d630aec330b7fecb2","ssdeep":"3072:BMkfvxYs8lpq/v/g2N6dVstjqnqFz2kRpJydKp:BrGpA/gqjVB2kt","tlshash":"16144bec31aeb976abf702f510af0507723c1817680c4461e125fdaa76b9545a0bbfec","size":195619,"data":"","first_seen":"2026-02-11T15:15:29.845717Z","last_seen":"2026-02-11T16:26:51.833685Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-02-11","alert":"Detects file containing Telegram Bot API","trigger":"trustwallet.case.user.id512c6s4.vorba.org/assets/index-CfGMC-6F.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/mainlogo.png","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /mainlogo.png HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/KYC.png","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /KYC.png HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Sep 2025 20:52:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 42598\r\ncontent-type: image/png\r\ndate: Wed, 11 Feb 2026 16:26:30 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":42598,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 392 x 346, 8-bit/color RGBA, non-interlaced","md5":"e9e7104a3e47ceade30ef35508c471b3","sha1":"1c7df019a12b72f299f7d0aefffe28a4807c0938","sha256":"d6276144b414e9019ff29fb407a64f00012f7e0b739bbba9faa27d1efe075a1c","sha512":"29d03689bd48a6b58a62c84b9acc48b484e631b56aecc63a47daf6a0bd916afb3c289fc49896e10f5a84a38ec0f8ce38937a29f983ad55750c10e99175f1adc5","ssdeep":"768:2hDVQRQOz5zjv25mzLn7lfSDY3/9lpDBfIODo5Ul9VJxdPIk:2hD1y5zjv2w1t1/FZJvd","tlshash":"9413f2f66cb1a42a846e41477e870bd36ad9e38c7884742c8de6c9980fd1dcf53bd690","first_seen":"2026-02-11T15:15:29.853937Z","last_seen":"2026-02-11T16:26:51.823117Z","times_seen":2,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/extension.svg","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /extension.svg HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Sep 2025 20:52:42 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: br\r\ncontent-length: 12624\r\ncontent-type: image/svg+xml\r\ndate: Wed, 11 Feb 2026 16:26:30 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":18510,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ad9a2a692fc315dafc0a019b4e7e20c8","sha1":"db353b0f16366fabb1eae581b89415d6e6593a05","sha256":"5b8b179f8aba547e2630a077505802ce1227e891bc8de8ef738c2fe20ef12c52","sha512":"8542e3ec6236960c06d149ee26da967a0665d70d4acd6d78a312a887068bf37754a98deb03c794884b3c190e1aa4c68eadea9e974a2414dad45eeb66cc7bd956","ssdeep":"384:Mxrkp7KPYsKVB/WdMGT6QU2PiO5x/W5kYb1DMA:TKPr+YMG+R2qy/W5Lbj","tlshash":"fb82aeb99048f45f9d06036162e8a850be1be17de39dd95bce4c23c0a1a57d2f8377b8","first_seen":"2026-02-11T15:15:29.849973Z","last_seen":"2026-02-11T16:26:51.825Z","times_seen":2,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/minilogo.svg","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /minilogo.svg HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Sep 2025 20:52:42 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: br\r\ncontent-length: 391\r\ncontent-type: image/svg+xml\r\ndate: Wed, 11 Feb 2026 16:26:30 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":719,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"090322b8ac3beda7b6d37bda60a4a43b","sha1":"2aa346708f60d065474426d3797bc3993a6f344e","sha256":"3e359f4cc67faa849088166283a1edf5e132e3a84fd7cb5e954457447463e19c","sha512":"6f597daf7a203713b249fc0657233e4cab55dac8188798494738ed2df828c28ff4c897c6c7440d3d4e25ff7342d4e6ab12b5cb42f796c5a1ef8ba93d81f69961","ssdeep":"","tlshash":"f701700ba1a6de3f951ec78c9958a47410be21dfbfc8c251e5f04f6f65146c22815798","first_seen":"2026-02-11T15:15:29.842804Z","last_seen":"2026-02-11T16:26:51.826886Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/pin.svg","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /pin.svg HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Sep 2025 20:52:42 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: br\r\ncontent-length: 902\r\ncontent-type: image/svg+xml\r\ndate: Wed, 11 Feb 2026 16:26:30 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1823,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e3999ad0e1de7c4fdcc9af24da874d16","sha1":"22aa4dc1c5872e3aacdadf75cd3b3b015f446d68","sha256":"19f444d10ede958a001ebe18bf3fa2b3ef77e4b4e36918a5975a9c04fc68f5ba","sha512":"037e0aed1c37e0d90a13250a87708c336dfdfcc0798f6a06f8430706f94f28d9d0b2084b0be2463be1a5442b00a37783ddddfa92484b9ca861243b1d892b3553","ssdeep":"","tlshash":"1d31dc81936da7bcf011817540df70367e6a5cda3a71c825a1811e23dce648d797b87f","first_seen":"2026-02-11T15:15:29.84087Z","last_seen":"2026-02-11T16:26:51.828676Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/dots.svg","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /dots.svg HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Sep 2025 20:52:42 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: br\r\ncontent-length: 195\r\ncontent-type: image/svg+xml\r\ndate: Wed, 11 Feb 2026 16:26:30 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":232,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7d3e01be15d21ab2efa51f95e8030117","sha1":"b1be1766b0a38a3e41d7ac3fa237654a3a37f4f5","sha256":"edd02a9da80b224f32d9a7c9b8ccb79d008250559f99183183b876d0adf00b9d","sha512":"e7007ee20c0ddf700a85d64cedffde22694f046b9e5db5a45900a3cd3711259ff6be73534de986f2bae4e40a7f68beea64d06da4035b79c7df86d30397ee4e17","ssdeep":"","tlshash":"34d097a05c0c9a080a18023dc63cb1e13029207c828c008db34010906018aaa1819258","first_seen":"2026-02-11T15:15:29.84872Z","last_seen":"2026-02-11T16:26:51.830294Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-11T16:26:29.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Sep 2025 20:52:42 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\ncontent-length: 310\r\ncontent-type: text/html\r\ndate: Wed, 11 Feb 2026 16:26:30 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":459,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"c8e329b30e192f4c8762d484f9f4cbb7","sha1":"c8b59c4607d936ef23772458c22104740c74adf8","sha256":"600aa572a288d1166c792127267e502c8a77c0db0f55ee0f78f012502de95a4a","sha512":"be5b2d0d1eafb692ef18bf3052f75c1de181606ebd181646bb8d8fe848428cefc4e7806e30044669e558d31d1e25ca634738f268c2f317e157ba8b0a0a7161b6","ssdeep":"","tlshash":"e2f05c42d8e0890543300ba56ec1f504af82e78b8389ad0426af60bd1fc47c2cedf4bc","first_seen":"2026-02-11T15:15:29.851137Z","last_seen":"2026-02-11T16:26:51.832022Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1030,"timings":{"blocked":448,"dns":65,"connect":126,"send":0,"wait":133,"receive":0,"ssl":256},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/assets/index-CfGMC-6F.js","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /assets/index-CfGMC-6F.js HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Sep 2025 20:52:42 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ndate: Wed, 11 Feb 2026 16:26:30 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":195619,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (37527)","md5":"a8c8a1fbf70d06cd049b1dd05aaeb37f","sha1":"584f2ff1ee2a7a5da08829a7727d119a61396ae6","sha256":"ec11844268ee823c0d9b2f52222ba74276c80ddb5ddd172689c35222c8a748d5","sha512":"8620dd815f4e3fffc2082d4352be25c037d5574cc1ccd111da0b43b6b1665953f2cd5dc5faef175e3937c437f9f6ee0e6c49f3fa26278d2d630aec330b7fecb2","ssdeep":"3072:BMkfvxYs8lpq/v/g2N6dVstjqnqFz2kRpJydKp:BrGpA/gqjVB2kt","tlshash":"16144bec31aeb976abf702f510af0507723c1817680c4461e125fdaa76b9545a0bbfec","first_seen":"2026-02-11T15:15:29.845717Z","last_seen":"2026-02-11T16:26:51.833685Z","times_seen":2,"resource_available":true,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-02-11","alert":"Detects file containing Telegram Bot API","trigger":"trustwallet.case.user.id512c6s4.vorba.org/assets/index-CfGMC-6F.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/web.png","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /web.png HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/assets/index-C5wXCWd3.css","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /assets/index-C5wXCWd3.css HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Sep 2025 20:52:42 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\ncontent-length: 3817\r\ncontent-type: text/css\r\ndate: Wed, 11 Feb 2026 16:26:30 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11804,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11803)","md5":"0b1dbffedcd52e5954ef7ccb00797b49","sha1":"3baedb5c0204870b0f3d7b9237ee4f227bd56c12","sha256":"0d2ed5fae388b24fc0a6a295075e87905a7bf23747619b6ed8f2d3358a1b28b9","sha512":"d9c421618709448e2ff734a91fd0df6ab8dee53124a64f6feb2b7e5e19e19985a8b31fd400aa69afcb5980409ae12b150b458f7831fba065db179f708ea2736a","ssdeep":"192:vxwiW9JyQ9Jy7y+uC0VdWcaYl+1TGEJBzavu:5wFzATGr2","tlshash":"0d32777e2e10143a6c6684f6d5e4ba99710671d1ef3ad7fafd831901abc63e21cd2608","first_seen":"2026-02-11T15:15:29.852183Z","last_seen":"2026-02-11T16:26:51.835433Z","times_seen":2,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/KYC.png","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /KYC.png HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/mainlogo.png","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /mainlogo.png HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Sep 2025 20:52:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 9735\r\ncontent-type: image/png\r\ndate: Wed, 11 Feb 2026 16:26:30 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":9735,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 418 x 142, 8-bit/color RGBA, non-interlaced","md5":"4adc39f19fc7893b91ece2333ef0e8d1","sha1":"4a8427d5325716485b6d1c8f7f8deb3a8793dc7f","sha256":"9cd660b1be342321ebe63d24c9c67b9e94c0457a49f6fcfba9cdefd29dda1360","sha512":"4a5ee841001388cc9d0df8b682ac754122d04566e033f61b3b18b32ef9e02d6c38a0b4a7dd66a8abbbfada7a3d59a61f7b4f731f15124e3eae301db3a9997835","ssdeep":"192:YR8MRpYBuXrdRI0MN+DCA/0unoM56/uW0szrBTIRH+TdoSD1izRcozGD:YR8MRiU7diN+//ZohP0s2ATd11nozGD","tlshash":"fa127ef2490f8f8c0a27449cf5e1d1643aeb7d90b4a394ddbe1f5228b267518f68a325","first_seen":"2026-02-11T15:15:29.846907Z","last_seen":"2026-02-11T16:26:51.837653Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/web.png","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /web.png HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Sep 2025 20:52:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 399\r\ncontent-type: image/png\r\ndate: Wed, 11 Feb 2026 16:26:30 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":399,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 35 x 31, 8-bit/color RGBA, non-interlaced","md5":"1c0983e5c75394d31fd42c2a4340e126","sha1":"1eb8aa0c33f1618346b6ec65997fccc71f108ff4","sha256":"31e607d13ecacd849c1003c0795006dff9b3c794fdd9e635b2e80e68dad1eccb","sha512":"3fb9232636130fa9b745ac308ec04ae1f013fb638572dcf640909b391516eb9f328afa1d4824fb530e02c770ffae717cfdc4faaf9a0c8175692080aa889946b4","ssdeep":"","tlshash":"41e0abe9d7e869fc5a9403a1e9280255ba35430da40909b60a91286dbcea8e96a0429f","first_seen":"2026-02-11T15:15:29.856345Z","last_seen":"2026-02-11T16:26:51.838998Z","times_seen":2,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/mobile.png","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:30.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /mobile.png HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Sep 2025 20:52:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 345\r\ncontent-type: image/png\r\ndate: Wed, 11 Feb 2026 16:26:30 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":345,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 38, 8-bit/color RGBA, non-interlaced","md5":"9aa5a19f4ad60995e06565b7aed02964","sha1":"9346969f6a668857af3e31e7f90e057d01e4e105","sha256":"cfdd7b9a2d6cb71010d712397ef9bd58c6b0952becb0725d6b34ed915d2aec5e","sha512":"71683de7aea602a080c60c26095a35ff06ab8856170582f39202e5b056a37d5640164948c5a97e86cfd261e0f76510561986ed018fbf0e759b311db50e09e0eb","ssdeep":"","tlshash":"73e0c0a763142cffcb6686656ba840bcc4a641b1806db71b700ca93cc141ac81648154","first_seen":"2026-02-11T15:15:29.857654Z","last_seen":"2026-02-11T16:26:51.840379Z","times_seen":2,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustwallet.case.user.id512c6s4.vorba.org/vite.svg","fqdn":"trustwallet.case.user.id512c6s4.vorba.org","domain":"vorba.org","tld":"org"},"ip":{"addr":"200.69.17.201","port":443,"asn":40092,"as":"ONIAAS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trustwallet.case.user.id512c6s4.vorba.org/","date":"2026-02-11T16:26:31.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.trustwallet.case.user.id512c6s4.vorba.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 23 Jan 2026 19:57:08 GMT","end":"Thu, 23 Apr 2026 19:57:07 GMT"},"fingerprint":{"sha1":"58:42:F9:8E:7B:89:F4:25:39:7F:A1:30:1D:59:77:A4:DD:57:30:8E","sha256":"08:A3:96:FE:EC:CE:13:38:48:F6:EA:41:15:60:21:7D:EE:B3:4B:D7:BD:DF:90:13:EC:50:FC:AF:8E:F8:0E:9E"}}},"request":{"raw":"GET /vite.svg HTTP/1.1\r\nHost: trustwallet.case.user.id512c6s4.vorba.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trustwallet.case.user.id512c6s4.vorba.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Sep 2025 20:52:42 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: br\r\ncontent-length: 836\r\ncontent-type: image/svg+xml\r\ndate: Wed, 11 Feb 2026 16:26:31 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1501,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8b57261f10144bcc0324bd4d83a4cd52","sha1":"3c2ee1e442a320a09a162c9032a6b6d2cb2b3048","sha256":"888027e4a9e3f46474677351ec35daed244ad56200dc1203b7d263832152e64d","sha512":"4e1a63f711834488017315dedab1c34837e0ceeac1e770ffd3ebd3a548a299a448ea47abe6e61e2a74b52572cd93ebad9ac9493e2ee8a19e042837fb18f580ad","ssdeep":"","tlshash":"6b31451fda7fd8fec0a6cb48ea12b047562c30d95e41c5b4d9846f0e64a15f17c0aa64","first_seen":"2024-09-19T20:56:36.522416Z","last_seen":"2026-05-15T06:53:02.21197Z","times_seen":6,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}