{"report_id":"23b9516e-d94d-46bd-937d-4b2d036de456","version":6,"status":"done","tags":[],"date":"2026-03-24T01:27:49Z","url":{"schema":"https","addr":"trust-pay.icu/","fqdn":"trust-pay.icu","domain":"trust-pay.icu","tld":"icu"},"ip":{"addr":"104.21.45.125","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"trust-pay.icu/","fqdn":"trust-pay.icu","domain":"trust-pay.icu","tld":"icu"},"title":"Trust Pay – Secure Virtual Cards for Global Subscriptions","dom":{"size":20699,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1212)","md5":"f98e1506da5ed456fdfcd5f2e3e50fa0","sha1":"1d51a6a0e003aeb589443bf6450ab2960ddb647d","sha256":"870b33887f41565cad4fecbcbfab966c611fb95689c927c94ea3ae144f716d5c","sha512":"975c7c3f9c89d2703be6bf7c61d84ced4d18191a9d518eac7ce026aec616765b8a74348ad1049dede5946153432971c0162726a6060dc44b0292a968bb48f244","ssdeep":"384:7OOhWGWxgm+5t+CMShj/H+kQUWcUwYCPm0pi:7OOhtWSm+L+CMQ/H+pdcUSmd","tlshash":"5892003191f8253a818b83c9db21337b36b6a18bda4f125475ac17949fd3ec6dc231ad","dom_hash":"domhash2847eb51ff62ec64daf1f62c31f78167","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"trust-pay.icu/","fqdn":"trust-pay.icu","domain":"trust-pay.icu","tld":"icu"},"ip":{"addr":"104.21.45.125","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-28T01:27:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-24T01:27:27Z","timestamp":1774315647,"ip_dst":{"addr":"104.21.45.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35522,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-03-24T01:27:27.786885+0000\",\"flow_id\":111823374243359,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":35522,\"dest_ip\":\"104.21.45.125\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"trust-pay.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":915,\"bytes_toclient\":2681,\"start\":\"2026-03-24T01:27:27.775711+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"trust-pay.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ext.same-assets.com","ip":{"addr":"104.21.18.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-13","domain_rank":0,"first_seen":"2025-03-18T08:10:55.085553Z","last_seen":"2026-03-18T14:18:01.798046Z","alert_count":0,"request_count":1,"received_data":638115,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2026-03-22T22:41:55.494839Z","alert_count":0,"request_count":1,"received_data":31542,"sent_data":504,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-22T22:16:16.728956Z","alert_count":0,"request_count":5,"received_data":246830,"sent_data":2765,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-22T22:20:05.651051Z","alert_count":0,"request_count":1,"received_data":13321,"sent_data":476,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"trust-pay.icu","ip":{"addr":"104.21.45.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-14","domain_rank":0,"first_seen":"2026-03-24T01:27:50.724397Z","last_seen":"2026-03-24T01:27:50.724397Z","alert_count":5,"request_count":5,"received_data":39823,"sent_data":2477,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"trust-pay.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"trust-pay.icu","domain":"trust-pay.icu","tld":"icu"},"ip":{"addr":"104.21.45.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-23T07:11:11.608437Z","times_seen":310706,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f67ea9205c3ca7c9e04582d3b9bdd1d","sha1":"d3b68ad3eb88d3db3d843211d4905143c3bff281","sha256":"4b77eae349a8cbcea7133cf3640a64ebf1f69d54d8f6469d7be6fdc188ca4ca4","sha512":"f034bbae022b026821045c28393ba371fe83f6b5ef1fcc66f0943525ad3587d417f04cd795d8accee7d86b82057ca74b50a4d3ae74855cb0e4504393ad943c42","ssdeep":"384:BXi1f+hZCIy1f84QDRuT9WKw00QmLnivMt+BERzR0c744BKJKe0620vFjOkcXo9g:+V584QlIrw6OPIJJtFjj09N","tlshash":"bce218eeb591b13603f7a072447f210b733ab56264494408e21bd6c22c78eeed257fad","size":31169,"data":"","first_seen":"2026-02-19T19:35:51.221473Z","last_seen":"2026-04-23T07:16:11.894127Z","times_seen":46889,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-pay.icu/","fqdn":"trust-pay.icu","domain":"trust-pay.icu","tld":"icu"},"ip":{"addr":"104.21.45.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d8ca4fd49be0bf48ed66c46d2f70c1f1","sha1":"67499314c0eb2955f0f904441c3bf738c1487971","sha256":"29bd6697b6127b9a0fb73a04060b75650e0363dcc0e8275214f4b569c1edee77","sha512":"2a9fd5d5103db39323821e3fb93a8e4140545e6c8158e147bc849af5f811d6046b7e85ba6d8581fa7251d3c5d21eb6dfdaf61c8271537cfa87ea05101e667eb7","ssdeep":"","tlshash":"4ed05e200121547600f785d6c68baf8139070043504590933a1cce1a3f807e3da705d4","size":253,"data":"","first_seen":"2026-03-23T20:32:02.633404Z","last_seen":"2026-03-24T01:27:54.003587Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"trust-pay.icu/","fqdn":"trust-pay.icu","domain":"trust-pay.icu","tld":"icu"},"ip":{"addr":"104.21.45.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-24T01:27:27.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trust-pay.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 17:32:59 GMT","end":"Fri, 12 Jun 2026 17:32:58 GMT"},"fingerprint":{"sha1":"A8:B6:C7:E6:BF:98:55:74:FE:C2:56:66:7C:CF:A3:B2:69:34:D4:FF","sha256":"D5:D4:CB:7D:2F:FE:6A:90:2C:FD:E0:A0:AF:79:84:14:36:F1:E7:ED:D2:E6:B6:2A:52:A0:86:6B:BB:EB:6A:EE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trust-pay.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 01:27:29 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: x0b00b4aeb6ced321=7f7cdd6a3fbbcc57; expires=Thu, 23 Apr 2026 01:27:28 GMT; Max-Age=2592000; path=/; domain=trust-pay.icu; secure; SameSite=None\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FmZQc%2BwXAilV1XgsN63POHfFxGMRqPxTdi9j9%2BEV2DHArTaGh%2FRtOxsOGQ2NCdu%2F68jGBdsljowvs0mL6na3ByCbg91%2B55rApq2OaGc%3D\"}]}\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e11e4bebfef2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20508,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1182)","md5":"9386c9f5f225dbd6259d51fdaa5e5762","sha1":"4ed9cf7a6934290afcfc289879ca404efcb87e6d","sha256":"a4db8e1c22e360e9d84934b93b52509bc7b7124f55504b83c7b56dece23a614c","sha512":"5796b9f5c337f06590eb3a81a3ef0a88ca37dc1d0856f9bcd23e70e202ae5b48be75447d68c6681812fe23668355d93f0cddc4d2c0dd01b6b6720eed5eb553b6","ssdeep":"384:XOOhVCxgv3w6BCQ92j/HX1Q7WcNs7n+KKRz0Q:XOOhQSv37BCQ0/HXCScNNzx","tlshash":"a492103691a8253a818782d9ab2133bf36b6a14bda0f011476ec57589fd7ec7dc3316c","first_seen":"2026-03-24T01:27:53.986878Z","last_seen":"2026-03-24T01:27:53.986878Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1564,"timings":{"blocked":73,"dns":59,"connect":2,"send":0,"wait":1413,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"trust-pay.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-pay.icu/src/styles.css","fqdn":"trust-pay.icu","domain":"trust-pay.icu","tld":"icu"},"ip":{"addr":"104.21.45.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trust-pay.icu/","date":"2026-03-24T01:27:29.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trust-pay.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 17:32:59 GMT","end":"Fri, 12 Jun 2026 17:32:58 GMT"},"fingerprint":{"sha1":"A8:B6:C7:E6:BF:98:55:74:FE:C2:56:66:7C:CF:A3:B2:69:34:D4:FF","sha256":"D5:D4:CB:7D:2F:FE:6A:90:2C:FD:E0:A0:AF:79:84:14:36:F1:E7:ED:D2:E6:B6:2A:52:A0:86:6B:BB:EB:6A:EE"}}},"request":{"raw":"GET /src/styles.css HTTP/1.1\r\nHost: trust-pay.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trust-pay.icu/\r\nCookie: x0b00b4aeb6ced321=7f7cdd6a3fbbcc57\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nlast-modified: Sat, 14 Mar 2026 18:46:24 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3900\r\ncontent-type: text/css\r\ndate: Tue, 24 Mar 2026 01:27:29 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=do5dYpEBn7WUd8yB6Kdhqg4agjhVfRMuIdsrFv2eT3zKzb6GKKhkvpp8A8LyMzLFDQhAv8NnmQU4RqMK6W4zNkleg4DHlCexw39JrjU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9e11e4c8cd8b5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13946,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"88209bc2c04bc4b6f86b9d8e4c61be25","sha1":"b58c9275f64a1ae680a352cd652941356e5bd767","sha256":"1c79b243648a459aa8b1576011ed60ab9246b1ef8bed35ee98bbc7b73434878f","sha512":"cbf93def8d107613049021d10b260825a0a4e721d16f80710284fd95eb0626806c72f78fadd997e501eb8fbd73e6fa430ca8ffeffaa7f17d9f0cfe633dd82a97","ssdeep":"192:Th8j0eyf9fkR3lM652LGHJeFhC0kBM5tI5tLlEm00boAEHYje2iYOarKlTS6zedq:Th8j7jHDsn7","tlshash":"cc52139656734a64791fa8259befeb45325cd083810ede797e8c624c8fc81eca172f4c","first_seen":"2026-03-23T20:32:02.631498Z","last_seen":"2026-03-24T01:27:53.989869Z","times_seen":2,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":478,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"trust-pay.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ext.same-assets.com/767329624/2887240684.png","fqdn":"ext.same-assets.com","domain":"same-assets.com","tld":"com"},"ip":{"addr":"104.21.18.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-pay.icu/","date":"2026-03-24T01:27:29.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"86f3a1bf.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 04:00:10 GMT","end":"Sun, 31 May 2026 05:00:06 GMT"},"fingerprint":{"sha1":"CD:29:3C:1D:2C:AC:07:0C:04:1A:B1:2C:31:77:75:92:FB:4B:30:95","sha256":"77:0E:AC:22:3B:24:F9:A0:38:12:33:23:2A:AF:DB:B0:55:74:A2:0E:86:E5:22:4A:F7:32:98:A2:A9:63:2A:95"}}},"request":{"raw":"GET /767329624/2887240684.png HTTP/1.1\r\nHost: ext.same-assets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trust-pay.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 01:27:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 637471\r\naccept-ranges: bytes\r\netag: \"4af06882004fe03b82b9a9750d7eac55\"\r\nlast-modified: Sat, 14 Mar 2026 18:25:14 GMT\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GMwNbyqY49wEJPwaity%2B5fksDqsoRSncIITRZXKakLoqsUmghy3YMu6o%2Bo4sT13ZUcxktqct%2FGQ3SGI%2Bs6Y3%2BoUau7kdRLthcXSyYRI5hgj%2FhEo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 9e11e4c9187bb28a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":637471,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced","md5":"4af06882004fe03b82b9a9750d7eac55","sha1":"eb541206136335be40985c31440b51867bd198b0","sha256":"eb269726e7ac9ee62b581158a247865e904c2908e267b145a263bb0a4b9d8b39","sha512":"f7a374d25eb50d633cf46f54e5baefa6ec844482c04bc59ed10aeef76931bfad6d0465445c3df95a7b5f7360a4087ef8e65ccb4a662d48e2e90d6e60f6264a0e","ssdeep":"12288:dwLpDK9k5u5qplue4hYFAc+O6KAhwtG08p2HwY3NLKpOABfe1:dwQk5upe4F86tgG1cHh4nle1","tlshash":"1ad4235d8203c211efc9b7a493ad054e32a19857c606b2d14532e6d4c8effaa9e8d3f5","first_seen":"2026-03-23T20:32:02.619374Z","last_seen":"2026-03-24T01:27:53.992055Z","times_seen":2,"resource_available":false,"data":null}},"time_used":458,"timings":{"blocked":42,"dns":18,"connect":5,"send":0,"wait":192,"receive":172,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-pay.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"trust-pay.icu","domain":"trust-pay.icu","tld":"icu"},"ip":{"addr":"104.21.45.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trust-pay.icu/","date":"2026-03-24T01:27:29.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trust-pay.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 17:32:59 GMT","end":"Fri, 12 Jun 2026 17:32:58 GMT"},"fingerprint":{"sha1":"A8:B6:C7:E6:BF:98:55:74:FE:C2:56:66:7C:CF:A3:B2:69:34:D4:FF","sha256":"D5:D4:CB:7D:2F:FE:6A:90:2C:FD:E0:A0:AF:79:84:14:36:F1:E7:ED:D2:E6:B6:2A:52:A0:86:6B:BB:EB:6A:EE"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: trust-pay.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trust-pay.icu/\r\nCookie: x0b00b4aeb6ced321=7f7cdd6a3fbbcc57\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Tue, 24 Mar 2026 02:15:29 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F7VLdBqjrpZHg6WsNmhVw9mlA0nQGan5Efudrqgzhrk%2Bku4FmHJoURw8cuwJzX13A05zPP56GNv9SRIvpvIl%2BroaZyB17dYr7Tc%2BHbM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Tue, 24 Mar 2026 01:27:29 GMT\r\ncf-ray: 9e11e4c8cd935ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-23T07:11:11.608437Z","times_seen":310706,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"trust-pay.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trust-pay.icu/","date":"2026-03-24T01:27:29.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 17 Feb 2026 14:29:28 GMT","end":"Mon, 18 May 2026 15:29:15 GMT"},"fingerprint":{"sha1":"8B:A9:51:50:78:B2:5E:75:31:54:23:BC:80:D6:CA:53:34:E5:CD:8F","sha256":"AF:D9:FB:4F:B0:E1:BD:80:DF:22:93:A7:4A:99:5B:50:0A:BE:47:59:37:98:C6:BF:C5:DF:8D:8F:F0:8D:FD:23"}}},"request":{"raw":"GET /beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://trust-pay.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trust-pay.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 01:27:29 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2026.2.0\"\r\nlast-modified: Thu, 19 Feb 2026 17:45:24 GMT\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9e11e4c909a31ae6-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31169,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (31169), with no line terminators","md5":"4f67ea9205c3ca7c9e04582d3b9bdd1d","sha1":"d3b68ad3eb88d3db3d843211d4905143c3bff281","sha256":"4b77eae349a8cbcea7133cf3640a64ebf1f69d54d8f6469d7be6fdc188ca4ca4","sha512":"f034bbae022b026821045c28393ba371fe83f6b5ef1fcc66f0943525ad3587d417f04cd795d8accee7d86b82057ca74b50a4d3ae74855cb0e4504393ad943c42","ssdeep":"384:BXi1f+hZCIy1f84QDRuT9WKw00QmLnivMt+BERzR0c744BKJKe0620vFjOkcXo9g:+V584QlIrw6OPIJJtFjj09N","tlshash":"bce218eeb591b13603f7a072447f210b733ab56264494408e21bd6c22c78eeed257fad","first_seen":"2026-02-19T19:35:51.221473Z","last_seen":"2026-04-23T07:16:11.894127Z","times_seen":46889,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":26,"dns":1,"connect":4,"send":0,"wait":14,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trust-pay.icu/","date":"2026-03-24T01:27:29.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://trust-pay.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 23 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 23 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 26982\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-23T07:08:33.442356Z","times_seen":152815,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":65,"dns":1,"connect":21,"send":0,"wait":17,"receive":5,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trust-pay.icu/","date":"2026-03-24T01:27:29.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://trust-pay.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 23 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 23 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 26983\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-23T07:08:33.442356Z","times_seen":152815,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":150,"dns":2,"connect":8,"send":0,"wait":8,"receive":2,"ssl":135},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trust-pay.icu/","date":"2026-03-24T01:27:29.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://trust-pay.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 23 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 23 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 26982\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-23T07:08:33.442356Z","times_seen":152815,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":70,"dns":0,"connect":25,"send":0,"wait":11,"receive":5,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trust-pay.icu/","date":"2026-03-24T01:27:29.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"63:D1:AE:99:1E:49:D7:6C:71:F3:BA:F5:BA:47:74:1E:EB:90:E7:D6","sha256":"69:90:BB:9D:82:60:82:88:FF:CE:F6:B3:3D:DD:B5:B5:FB:F0:56:17:FD:FA:0D:BC:9C:5B:83:51:98:0D:2F:CF"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trust-pay.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 24 Mar 2026 01:27:29 GMT\r\ndate: Tue, 24 Mar 2026 01:27:29 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12635,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"4b1d52c19ccef2398d1de007b3c9a55c","sha1":"c57fa2bcac927a7d60c526cb7ec2b6249019dfe7","sha256":"05f842619ec9f615de0b749034eadaea60e3554d798683fb01ee1eb27abd1e68","sha512":"9dfc4ab3832325eb1438bd85674e15ceb62771b94f06ea8e48a2e286453d571218df3f6727b8df4c1bdfa47218eb5fed0298601da289391a736a76a230d68c3b","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGfNx0NO3kCxHx:vXuM0p2+g7r","tlshash":"1e427892002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T22:54:08.549336Z","last_seen":"2026-04-23T06:47:31.570236Z","times_seen":4135,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":73,"dns":0,"connect":10,"send":0,"wait":20,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trust-pay.icu/","date":"2026-03-24T01:27:29.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://trust-pay.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 23 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 23 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 26982\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-23T07:08:33.442356Z","times_seen":152815,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":65,"dns":1,"connect":8,"send":0,"wait":10,"receive":11,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trust-pay.icu/","date":"2026-03-24T01:27:29.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://trust-pay.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 23 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 23 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 26982\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-23T07:08:33.442356Z","times_seen":152815,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":69,"dns":1,"connect":24,"send":0,"wait":15,"receive":3,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trust-pay.icu/favicon.ico","fqdn":"trust-pay.icu","domain":"trust-pay.icu","tld":"icu"},"ip":{"addr":"104.21.45.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trust-pay.icu/","date":"2026-03-24T01:27:30.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trust-pay.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 17:32:59 GMT","end":"Fri, 12 Jun 2026 17:32:58 GMT"},"fingerprint":{"sha1":"A8:B6:C7:E6:BF:98:55:74:FE:C2:56:66:7C:CF:A3:B2:69:34:D4:FF","sha256":"D5:D4:CB:7D:2F:FE:6A:90:2C:FD:E0:A0:AF:79:84:14:36:F1:E7:ED:D2:E6:B6:2A:52:A0:86:6B:BB:EB:6A:EE"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: trust-pay.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trust-pay.icu/\r\nCookie: x0b00b4aeb6ced321=7f7cdd6a3fbbcc57\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nlast-modified: Tue, 15 Mar 2022 21:16:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\npriority: u=6,i=?0\r\ncontent-encoding: br\r\ncontent-type: text/html\r\ndate: Tue, 24 Mar 2026 01:27:30 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6P8YBl%2BvFjYlHl7HfL%2FJXZQlKlhYe04RBoXcw5aCMWn3jOlTesEZCKwsaMTHzOMQ1NoYRyxnpmhRRYrYwXMEKZBoG7VBLzeL%2B52V2UM%3D\"}]}\r\ncf-ray: 9e11e4ccfe5b5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":584,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"b7edbe8636cbbbea38156ef4ab6bfb54","sha1":"5c6ddaf1afe7f7cbc4b75f24d2a813165a8f5ac5","sha256":"3bf5e5ca85ce6ad688a371a2d67d083c0be0dc4200bb39ddd125de745d9fdff5","sha512":"61fbd91ff5c5a783586ce31d4a64753e086b788d4725f7c055e9d55a7e2a417d2b7cb281b14de29ff14fa4fe517c8a4a3e138b821dc27a60363e95c60a1fc86a","ssdeep":"","tlshash":"30f0e1731c61c4437521c28a33e1de6c54583213d109e969b6de511ccb89bdc88d3925","first_seen":"2023-05-18T22:47:47Z","last_seen":"2026-04-23T03:41:23.658413Z","times_seen":262,"resource_available":true,"data":null}},"time_used":472,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":472,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"trust-pay.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trust-pay.icu/cdn-cgi/rum?","fqdn":"trust-pay.icu","domain":"trust-pay.icu","tld":"icu"},"ip":{"addr":"104.21.45.125","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://trust-pay.icu/","date":"2026-03-24T01:27:30.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trust-pay.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 17:32:59 GMT","end":"Fri, 12 Jun 2026 17:32:58 GMT"},"fingerprint":{"sha1":"A8:B6:C7:E6:BF:98:55:74:FE:C2:56:66:7C:CF:A3:B2:69:34:D4:FF","sha256":"D5:D4:CB:7D:2F:FE:6A:90:2C:FD:E0:A0:AF:79:84:14:36:F1:E7:ED:D2:E6:B6:2A:52:A0:86:6B:BB:EB:6A:EE"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: trust-pay.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 641\r\nOrigin: https://trust-pay.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trust-pay.icu/\r\nCookie: x0b00b4aeb6ced321=7f7cdd6a3fbbcc57\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":641,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":2238,\"startTime\":1774315647705,\"versions\":{\"fl\":\"2024.11.0\",\"js\":\"2026.2.0\",\"timings\":2},\"pageloadId\":\"f8f2e1fd-2c39-4c06-b884-f074429a4825\",\"location\":\"https://trust-pay.icu/\",\"nt\":\"navigate\",\"timingsV2\":{\"nextHopProtocol\":\"h2\",\"domainLookupStart\":11,\"domainLookupEnd\":69,\"connectStart\":70,\"connectEnd\":88,\"requestStart\":88,\"responseStart\":1502,\"responseEnd\":1502,\"domInteractive\":2235,\"domComplete\":2389,\"loadEventStart\":2389,\"loadEventEnd\":2389,\"transferSize\":5520,\"decodedBodySize\":20508},\"siteToken\":\"bc8435f4c6044aadb72eaa819c0cad9a\",\"st\":2}"}},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Tue, 24 Mar 2026 01:27:30 GMT\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oInkukZUmAv9zCvFGTN6h%2FRDgFwpw6Zv37H2bxB%2BuniqocbiJyVlQ4t0KBYMPE3i361wEp8Xvbq64DsqZ5lM6IIZR29VwqmGMXY%2FmJA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9e11e4cd2e605ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"45efc4779b2e6b43ed200755328af518","sha1":"badb6097a3c8fad00517f38352ba72b9f7b6637b","sha256":"d66dd0f2f24c4343661a5396e1ba76782fe651f7d422209eded956ebf90900fc","sha512":"862ceb668672d90ed3da9419ca69bf0214b5c34dec2353fea792a75fb1c0c2e5fd54e6e56cf1e9d4d60c4eaa7d98411f5cb5e128be2661d9bbd084d0dbd085e0","ssdeep":"","tlshash":"a1c02b3d35637e0c8563303522c3b190d0c6833774ba00220500c00330cb2e9cac33d7","first_seen":"2023-09-18T10:37:28Z","last_seen":"2026-04-23T07:47:08.311118Z","times_seen":14201,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"trust-pay.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}