{"report_id":"6db20c3a-c8db-4ca1-8293-a4c1ba980acb","version":6,"status":"done","tags":[],"date":"2026-03-15T04:49:30Z","url":{"schema":"https","addr":"invoice-crypotmus.com/","fqdn":"invoice-crypotmus.com","domain":"invoice-crypotmus.com","tld":"com"},"ip":{"addr":"172.67.167.194","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"invoice-crypotmus.com/","fqdn":"invoice-crypotmus.com","domain":"invoice-crypotmus.com","tld":"com"},"title":"Cryptomus Payment","dom":{"size":12124,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (10882)","md5":"d1a64ef7c2ff506cfaccb5c093a1676c","sha1":"9daaa7ac8c492945d08ff9068073cd56fef19725","sha256":"5ae22d576b327b9bc088bd265371bc29a6f43f8d1d0417dc48bff1098d23d01e","sha512":"cf02607377cae31907ab0a0145f555a8f8fbac3c9090a1e07b29c3ac198a5c4d88500e117c8eae28f9e0fee69c9e6c8507000e1f0f031709149d9ed23fce6229","ssdeep":"192:L5pLb9N/NU3fMisU96pBrTUy4SaKwTshDP6uNZb9N/NU3fMisU96pBr3G:Vp39N/NUUibq0Sa/shDP6uNV9N/NUUil","tlshash":"664233bcb000555ff5b3ccc385623659e472a6affa3d0544faba7136dfd2c28a8a4524","dom_hash":"domhash8a6c2f9cc59f6faf3839f325ecd0da04","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"invoice-crypotmus.com/","fqdn":"invoice-crypotmus.com","domain":"invoice-crypotmus.com","tld":"com"},"ip":{"addr":"172.67.167.194","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-19T04:49:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.143.138","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-08T22:19:32.591288Z","alert_count":0,"request_count":2,"received_data":12163,"sent_data":995,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"invoice-crypotmus.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":12,"request_count":6,"received_data":2065926,"sent_data":2763,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.251.142.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-08T22:15:01.701196Z","alert_count":0,"request_count":1,"received_data":73798,"sent_data":544,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"invoice-crypotmus.com/assets/index-DRLGIqnw.js","fqdn":"invoice-crypotmus.com","domain":"invoice-crypotmus.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6b68e9833928efdcfb649ee3b921c57","sha1":"dd286695d12ba5dfa3b7044703474ce2ad75020a","sha256":"43eb77dc72c6dad59f6e73cdbd062bcc9c1dbe1ace645a75f7d6a1639dde3844","sha512":"d60e36cba8ae1e1b49a76709c4cc859d71e0504b2c93613a0e09174eda3cae10e3d6111f97415b5afe2258f1e15cfc3eafe176c63606d95ca5219de2a63e5fbc","ssdeep":"49152:jueHzINAgW2U2awTFMPu5Sf9tywPlBW/28zv46Dcsc2fK5E5CKUjcCQ2s1Em2zFn:zzaFMPu5cywPlU/28rsAbbn7Y","tlshash":"0e953b8472d6f576439610e4143b140af23d6a5ca01c90a8f39cd8e7bef998a867ff74","size":1913993,"data":"","first_seen":"2026-03-15T04:49:38.230071Z","last_seen":"2026-03-15T04:53:32.943539Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Golos+Text:wght@400;600;700;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.143.138","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://invoice-crypotmus.com/","date":"2026-03-15T04:49:07.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Golos+Text:wght@400;600;700;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypotmus.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 15 Mar 2026 04:49:07 GMT\r\ndate: Sun, 15 Mar 2026 04:49:07 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5904,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"228432a495d8c423b9e11fa98d882f7c","sha1":"95d8dd9aa663579111bb40f98c88cb050880bcc3","sha256":"6b3fab7d0a0529ab23bfeed0784cd6d2e1c26136c98c4c9d2c7b58b3cf085b9d","sha512":"4bf203230ae8b45dc43b1d6be6f6d88e5830dc716b5792a463b6c01dc856c155d51b2f18d2b07251dae88f57ca51af744d136a505c3bc9a849e3a5c22cbb5c07","ssdeep":"96:vOEaJfOEagFZGOEa4Jc+usOEa1N8OxMaJfOxMagFZGOxMa4Jc+usOxMa1N8OpaJ/:4JoM8a1JSW8QWJB183XJUw82E","tlshash":"b0c1e291852b9e00eba31cc1a3ce7e73ae0e51093400c5758efd08a8ac9ec360395b5d","first_seen":"2026-02-12T21:01:59.184439Z","last_seen":"2026-06-04T23:20:57.214937Z","times_seen":16,"resource_available":false,"data":null}},"time_used":386,"timings":{"blocked":176,"dns":3,"connect":21,"send":0,"wait":32,"receive":0,"ssl":151},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.143.138","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://invoice-crypotmus.com/","date":"2026-03-15T04:49:07.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypotmus.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 15 Mar 2026 04:49:07 GMT\r\ndate: Sun, 15 Mar 2026 04:49:07 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4887,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"3fd96ba77783845730c343cf00ac7a93","sha1":"bc4f7f4f71aeae387232155c55c4f031c5f3f769","sha256":"27b95b2fcbc857ba25f7e5a707c5c4c06c5cf93415519b7669c19f4045edca37","sha512":"20b137cf9c61842c7bad62dd6c36125833022552379ad97324dbee2c2e9cb0303b17a9aee813ea2bcdbb68541c8c6edbfecfcfb2858cf27c2cff480d756d80cd","ssdeep":"96:aYg4aMzqYg4aybFZHYg4agkYg4aUJ3vYg4aERYg4aYGJc+uTYg4aR6NDO4a3qO4L:vywfydyGy63gy/yFVyR73xpmj3U8fHN","tlshash":"37a1ed91006f9104ea431dd627cf7e32ad8e51956082e27d6ffd2dca6cdbd23122874c","first_seen":"2025-09-10T21:50:06.177565Z","last_seen":"2026-06-08T20:11:04.783311Z","times_seen":16496,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":58,"dns":1,"connect":21,"send":0,"wait":32,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"invoice-crypotmus.com/assets/brand-bg-DmCGC9LX.png","fqdn":"invoice-crypotmus.com","domain":"invoice-crypotmus.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://invoice-crypotmus.com/","date":"2026-03-15T04:49:07.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"invoice-crypotmus.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 10:38:53 GMT","end":"Fri, 05 Jun 2026 10:38:52 GMT"},"fingerprint":{"sha1":"AC:CC:9B:2F:79:B2:CC:6A:0A:2E:1A:86:FE:0E:9D:7D:4E:B8:47:C2","sha256":"02:C5:E0:4D:32:97:04:11:88:51:13:F9:95:24:AB:7B:6C:9C:A3:91:E4:9E:9E:08:B1:5C:BC:BF:7D:A7:7B:05"}}},"request":{"raw":"GET /assets/brand-bg-DmCGC9LX.png HTTP/1.1\r\nHost: invoice-crypotmus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypotmus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 15 Mar 2026 04:49:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 27361\r\nserver: cloudflare\r\nlast-modified: Sat, 07 Mar 2026 11:53:20 GMT\r\netag: \"69ac11b0-6ae1\"\r\nexpires: Tue, 14 Apr 2026 04:49:07 GMT\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OlctTq9mhrVoRvcKk47v8EAeT2KS6pIWr0dr42lt8nl46MyZYc9tk8wYxVF9fpQcI38dwRnO%2Bn5MHFZ3x0WgqbJoDW5nBWXddqXO393RzFXcvi%2FBZw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dc8e3c6ed573181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27361,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 455 x 212, 8-bit/color RGBA, non-interlaced","md5":"a59bd143fe31b649be7948218efa6e4a","sha1":"c97bab41c6b8e17b9946e7b0277d9c043a824958","sha256":"10f48f964657d5c72ca79fb78e8b9ef68ed2950b2068236b8d1043bdf39d7164","sha512":"10812981df73d4f7276351664f08edd9f6a0a40d418594842d7dc68c1cb72ceb977e719a85065c7e0c3a04ca7002381a30ba2fbce14e889b15a5ededaf0cade2","ssdeep":"768:dsoo1zPXFqkkybNXMZIeNqwP6Y+8OMm4hzW22fdZ:1olPXNXuJHP6Y+8Ox22f/","tlshash":"55c2e1aa373800a134ccd2bbd7ed766c9fa532942e95eb7d3c10a254122b61c5867333","first_seen":"2026-02-12T21:01:59.191594Z","last_seen":"2026-03-15T04:53:32.941289Z","times_seen":10,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"invoice-crypotmus.com/assets/index-DRLGIqnw.js","fqdn":"invoice-crypotmus.com","domain":"invoice-crypotmus.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://invoice-crypotmus.com/","date":"2026-03-15T04:49:07.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"invoice-crypotmus.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 10:38:53 GMT","end":"Fri, 05 Jun 2026 10:38:52 GMT"},"fingerprint":{"sha1":"AC:CC:9B:2F:79:B2:CC:6A:0A:2E:1A:86:FE:0E:9D:7D:4E:B8:47:C2","sha256":"02:C5:E0:4D:32:97:04:11:88:51:13:F9:95:24:AB:7B:6C:9C:A3:91:E4:9E:9E:08:B1:5C:BC:BF:7D:A7:7B:05"}}},"request":{"raw":"GET /assets/index-DRLGIqnw.js HTTP/1.1\r\nHost: invoice-crypotmus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypotmus.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 15 Mar 2026 04:49:07 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 07 Mar 2026 11:53:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B6qOc%2BPslOn9S26zRR635w78jdCqVWNRnwM5d3gOUCjRFndbNo2Msv8VVKCnaGxQya4S%2BZwDPWqY281Tr5Tlb6EdBfd%2BFGfSyRpec8zXnuGJpv%2FNPg%3D%3D\"}]}\r\netag: W/\"69ac11b0-1d3489\"\r\ncontent-encoding: br\r\ncf-ray: 9dc8e3c2dd613181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1913993,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (64143)","md5":"881b1575f05074612e03057650d70361","sha1":"07a74bd639f54993f5e5b70ff0e0f908b4dcbe18","sha256":"17efa4f79bf2e297cbae8edbeaeaace8e673109bad80a9daa7036178bc4c3b0e","sha512":"cc557866ef0e44cd60479a822c70585ddb4678284cc78ae88a30b5346a8f1e1be9839f2dc04257b989cc39cd556ac447961cf19159f78e4272f0df33f0d60b67","ssdeep":"24576:jueHzINAgW2U2awT8QV6Pu5Sf9tywPlBW/28zeW46Dcsc2fK5E5CKUM:jueHzINAgW2U2awTFMPu5Sf9tywPlBWZ","tlshash":"af255d807291b03503a755e964771102f2385854700ec4acfbec9cebbfaa98a957ff79","first_seen":"2026-03-15T04:49:38.219179Z","last_seen":"2026-03-15T04:53:32.93634Z","times_seen":2,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":201,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"invoice-crypotmus.com/assets/index-IZcJDMIq.css","fqdn":"invoice-crypotmus.com","domain":"invoice-crypotmus.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://invoice-crypotmus.com/","date":"2026-03-15T04:49:07.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"invoice-crypotmus.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 10:38:53 GMT","end":"Fri, 05 Jun 2026 10:38:52 GMT"},"fingerprint":{"sha1":"AC:CC:9B:2F:79:B2:CC:6A:0A:2E:1A:86:FE:0E:9D:7D:4E:B8:47:C2","sha256":"02:C5:E0:4D:32:97:04:11:88:51:13:F9:95:24:AB:7B:6C:9C:A3:91:E4:9E:9E:08:B1:5C:BC:BF:7D:A7:7B:05"}}},"request":{"raw":"GET /assets/index-IZcJDMIq.css HTTP/1.1\r\nHost: invoice-crypotmus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypotmus.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 15 Mar 2026 04:49:07 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 07 Mar 2026 11:53:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DV%2FTNiN4bZB%2BpqrOpN35ecdy%2FWaqgMeAorLLO%2BbrNPRkKGoKnfWnLeUMn2QgrMLJGArdw9O3rtcgL6Dw3YBBC430ssKUjbxJPtKU4cmdmadltjiJwg%3D%3D\"}]}\r\netag: W/\"69ac11b0-2db1\"\r\ncontent-encoding: br\r\ncf-ray: 9dc8e3c2dd623181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11697,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11696)","md5":"203b57302388fd4386b8628689957502","sha1":"8a5d17a11518926a182423dc2c304709c12f0f99","sha256":"53fbbbeb2bf3e2e2a35c3c2fc557d13f8a42a86506eb5703d3226b7ea24f1de3","sha512":"f0ede94c6b7f09bcae3f21ca29fc732fdcfb082e37feeffa64bb5e694ec1fff09ef677124ad2009de65aea697cc5808d38de6c656ef9310a565f3ec4dad27a7d","ssdeep":"192:p1PU5BX4Sd1q3FbNqpwxk91M8D7tpSLe6lN3YX3KoUd3e23iH16FIHU8PH4N289I:LMBX4Sd1q1bopwxY17D7tpSLe6XUaoUg","tlshash":"8d322f21b11c242cb07bd8e1f88216aef215fb53e16b47a9fd51a136ccd35a72b32749","first_seen":"2026-03-04T16:21:47.870314Z","last_seen":"2026-03-15T04:53:32.939317Z","times_seen":4,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcCo3FwrK3iLTcviYwYZ90A2N58.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.142.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://invoice-crypotmus.com/","date":"2026-03-15T04:49:07.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcCo3FwrK3iLTcviYwYZ90A2N58.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://invoice-crypotmus.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 72964\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 15 Mar 2026 01:02:34 GMT\r\nexpires: Mon, 15 Mar 2027 01:02:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 13593\r\nlast-modified: Tue, 09 Sep 2025 18:33:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":72964,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 72964, version 1.0","md5":"91247c94dcda6ff52b445d71d6bbfb81","sha1":"ad2f62363ed047b430b91f32afa31df51fcd7c5e","sha256":"6a3c3e024b31eeacbf1f19c3c7be78612d91c623186f64035a50038241dad4f9","sha512":"a12dcac84e9f9ae02df3aabe29d76994281cd1005edca471194605cfcd6a0456eec872fd28c63c72ae124804d0b47d8377048caae49c40b0a18b5d6be4d6213f","ssdeep":"768:zbw+rLBkMxbCkupj4Y69/Yr71+j9pWiKahMM6+AWEqXB0oGuNGku+QCcIKE205C7:zbw+iwuS/iZWeaO1zP1/9Esvf8fXnm1","tlshash":"8f6302244e3c50c2a54d33aa286940f6f6e79c75b2b79ba4a69c589cd410f329cdfdc4","first_seen":"2025-05-29T18:51:13.223047Z","last_seen":"2026-06-08T19:33:12.053385Z","times_seen":25914,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":85,"dns":1,"connect":21,"send":0,"wait":22,"receive":38,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"invoice-crypotmus.com/assets/desktop-CmEk4Y7z.png","fqdn":"invoice-crypotmus.com","domain":"invoice-crypotmus.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://invoice-crypotmus.com/","date":"2026-03-15T04:49:07.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"invoice-crypotmus.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 10:38:53 GMT","end":"Fri, 05 Jun 2026 10:38:52 GMT"},"fingerprint":{"sha1":"AC:CC:9B:2F:79:B2:CC:6A:0A:2E:1A:86:FE:0E:9D:7D:4E:B8:47:C2","sha256":"02:C5:E0:4D:32:97:04:11:88:51:13:F9:95:24:AB:7B:6C:9C:A3:91:E4:9E:9E:08:B1:5C:BC:BF:7D:A7:7B:05"}}},"request":{"raw":"GET /assets/desktop-CmEk4Y7z.png HTTP/1.1\r\nHost: invoice-crypotmus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypotmus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 15 Mar 2026 04:49:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 106951\r\nserver: cloudflare\r\nlast-modified: Sat, 07 Mar 2026 11:53:20 GMT\r\netag: \"69ac11b0-1a1c7\"\r\nexpires: Tue, 14 Apr 2026 04:49:07 GMT\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SpeqxL8NOQ%2Bf2AJYiyqYuZEj3Ek4rK%2B40SH2R4G8qjIsRHXR7d9GzhV%2B6IHgcbx0KTd0%2BKutOMPJKHCMkHgyTj%2BInEovZlYNMsOH4iEFnBXeclKmxg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dc8e3c6dd4b3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":106951,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1077 x 570, 8-bit colormap, non-interlaced","md5":"0cbf5f607f535d4d5d7454cab99b93b1","sha1":"d6f2ea86b12ab5212aa6209a4360f031a7528c39","sha256":"4cdafe990c9d5fde0d071a728ed7bb6a0a702f7962e44c58499ee7e0e8ee10a0","sha512":"cda0b51e974cd29d04d6ac994694967eedd2687f4ca875118b6b34632e377e090d7a034a9482f70b13f86ec44fdd932af4eb68cf962a0c989ca3222141dfd462","ssdeep":"3072:JI7NinDcGF7crdmCw1r2lgxoz5josKnAiQU3kEcFFq3wZ+5/8:MGnwmJ1axJvnKecAZ+a","tlshash":"f2a312a8e1c9cf02879e003752e31a3a27c55c456e3171f8326af26424fb665cdbd1eb","first_seen":"2026-02-12T21:01:59.190486Z","last_seen":"2026-03-15T04:53:32.940374Z","times_seen":10,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"invoice-crypotmus.com/site_logo.svg","fqdn":"invoice-crypotmus.com","domain":"invoice-crypotmus.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://invoice-crypotmus.com/","date":"2026-03-15T04:49:07.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"invoice-crypotmus.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 10:38:53 GMT","end":"Fri, 05 Jun 2026 10:38:52 GMT"},"fingerprint":{"sha1":"AC:CC:9B:2F:79:B2:CC:6A:0A:2E:1A:86:FE:0E:9D:7D:4E:B8:47:C2","sha256":"02:C5:E0:4D:32:97:04:11:88:51:13:F9:95:24:AB:7B:6C:9C:A3:91:E4:9E:9E:08:B1:5C:BC:BF:7D:A7:7B:05"}}},"request":{"raw":"GET /site_logo.svg HTTP/1.1\r\nHost: invoice-crypotmus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypotmus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 15 Mar 2026 04:49:07 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Sat, 07 Mar 2026 11:53:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 14 Apr 2026 04:49:07 GMT\r\ncache-control: public, max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V0ia7OxLD1eN7PjRPumsUiskcJsgag8dcusV3Rz2G%2FKCSCRMtIoCY6oOp9DXzVjjaBTGxmK5Suu3dhg4OhXPv5c6ujmcALUpe4j9zjzS7Z3cyDfZcA%3D%3D\"}]}\r\netag: W/\"69ac11b0-214\"\r\ncontent-encoding: br\r\ncf-ray: 9dc8e3c84fbc3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":532,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c0cd402e63c620817735889b6daa4c19","sha1":"b8336c7eb03e0216aadf802462bb3e0541dba39b","sha256":"180e5b43fc4cf57c03e9d483c96ed5676c6a40bd74e436bfb81f2a74c9c77d1d","sha512":"045b39b2311b591fc80a05bb896034e1caaa774b09ce87f855f82d1495b439bce808b7e42657a5824b8761f2f88cb330f23b06266d21d1c6a6296df243487791","ssdeep":"","tlshash":"27f059d48218769d6583cf1d0f299794676da0fefa70e346a9dec94c825b280fa13814","first_seen":"2026-02-03T09:22:06.540925Z","last_seen":"2026-04-01T04:47:56.897945Z","times_seen":17,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"invoice-crypotmus.com/","fqdn":"invoice-crypotmus.com","domain":"invoice-crypotmus.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-15T04:49:06.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"invoice-crypotmus.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 10:38:53 GMT","end":"Fri, 05 Jun 2026 10:38:52 GMT"},"fingerprint":{"sha1":"AC:CC:9B:2F:79:B2:CC:6A:0A:2E:1A:86:FE:0E:9D:7D:4E:B8:47:C2","sha256":"02:C5:E0:4D:32:97:04:11:88:51:13:F9:95:24:AB:7B:6C:9C:A3:91:E4:9E:9E:08:B1:5C:BC:BF:7D:A7:7B:05"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: invoice-crypotmus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 15 Mar 2026 04:49:06 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sat, 07 Mar 2026 11:53:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BL50%2B%2FjhzF7A2bEKjwLvPKIiMG19Olx8rdZ6njUz23tU9vHX5DfpbJyDEkubIiR4Pf3vkhFSS1ktNwosyZMuoVSeZ2nHdYYfL0JBuyyZXmJFivN4uQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9dc8e3c149a70daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"347ec1e73847b5f2418bf90c88d4c825","sha1":"4a3d8ca6ea3a87f4ed78d8dc36ce05c6cf46792f","sha256":"cd0fab732285e7b4df7e0129fb7f2777615c1f1976664089261c8dbb52c9154a","sha512":"43d38c29950b36190245cc172d6a62121bd3f93aed5cb9a8e7f76d86f0096ddb220561a0de4eb242222db3ef65ff4d37a67738fcf317719d550f53eedba1094a","ssdeep":"","tlshash":"65210263a154c85203b081456ce3f41c9f17810b0645ed21b7ee90fd5fd0ea6cae762e","first_seen":"2026-03-15T04:49:38.227183Z","last_seen":"2026-03-15T04:53:32.934044Z","times_seen":2,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":41,"dns":29,"connect":2,"send":0,"wait":97,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"invoice-crypotmus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}