{"report_id":"c2f91241-c156-4765-9d0e-68694fa6c08a","version":6,"status":"done","tags":[],"date":"2026-03-22T13:14:43Z","url":{"schema":"https","addr":"paytrust.live/","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"104.21.27.64","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"paytrust.live/","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"title":"Trust - Your Private Crypto Card","dom":{"size":47072,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (26136)","md5":"fdec2d477c00cfb564727398e08573ea","sha1":"4007f6ffcde749366000d4271e8fa00f7c6cad86","sha256":"f2a29057671e4780e2d1bdd452671f8d6b7c7640cdb21d4be40477c0c096813a","sha512":"4df0fcd8201e336352c51eb124e3ad43e5e35c6874b89f730037bc36ff15ac1e3e53129fb6922d031b0652c0fdf67e4f68d28be9aa139c5e56d2774b2db8689e","ssdeep":"768:U3AsSzqziJdCQ515f9PqcdH9VUaNfeiGYbJ0:U3lQCQ53DHRNfeiGQJ0","tlshash":"3023fb324510213ab12b89e6bae3779cf394e024d75f17f696e471ba43db6d212b3306","dom_hash":"domhashd63a17dc07f8ad48bf6430b020400d39","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"paytrust.live/","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"104.21.27.64","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-26T13:14:43Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"paytrust.live","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":16,"request_count":16,"received_data":3508186,"sent_data":7009,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"webtrack.sale","ip":{"addr":"172.67.220.109","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-05T23:26:42.853157Z","last_seen":"2026-03-20T21:15:43.120201Z","alert_count":0,"request_count":1,"received_data":901,"sent_data":399,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"paytrust.live/","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-22T13:14:21.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: text/html;charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zVn8F0GaVDQc9nrkX99F61a23IznUWFfZ%2BM8euiVoAabzFjQwI7jnu4jnGVriiqSSH8cFJqkyCp6iix6Ut3OpqxfdvbeM4qkXNz9wKo%3D\"}]}\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e05757e2e9c9a3e-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47080,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (26136)","md5":"3cf14c35a337fe83a0e1dc9f6175c59c","sha1":"207bead388c0d271efabb5c92ab54b5cb0280108","sha256":"fa064f8a3beb7e0b8f9fa07403153351973f175a84f24044ea88f13036dcd265","sha512":"14e7578588cb7a5db5c9e6137fa74eeb3f39b847eccf8a3ba362905a0bc555aa358d14099a06cf549df6169a989bacffbe92a919d3343cb07cf07ae79980d15e","ssdeep":"768:83AsSzqziJdCQ515f9PqcdH9YlaNfeiGYbJ0:83lQCQ53D+wNfeiGQJ0","tlshash":"b123fb324510213ab12b89e6bae3779cf394e024d75f17f696e471ba43db6d212b3306","first_seen":"2026-03-22T13:14:49.236289Z","last_seen":"2026-03-22T14:48:46.989785Z","times_seen":3,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":77,"dns":53,"connect":8,"send":0,"wait":420,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/0f28aa307e29e466174084b4f0abed0f6f10f351.png","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /0f28aa307e29e466174084b4f0abed0f6f10f351.png HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/png\r\netag: \"092f39da4f5d165ccd9f8fd517b46547\"\r\nlast-modified: Sat, 21 Mar 2026 07:17:30 GMT\r\nserver: cloudflare\r\nage: 43\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5mMTk7HegdtKXHuIjQEnq54GbRSESmQwgsttbsAXvAX57IohARORCLtFIgnHBts47IonzB3zaIo2vZlSKoBGte1R8YSi9Oyu6GTtsdo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e057581dcaa958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2919577,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3455 x 3101, 8-bit/color RGBA, non-interlaced","md5":"4eb607c03556865c926c0d972226fbe3","sha1":"cfa0f87619da4428e4274c3964d90fb5b76618c9","sha256":"1bdec3318928a09c9c8d6bf0a9fd119e44fe21644b45ae9161b7f0cdda5dfc13","sha512":"0424aea322be3a0521a8cd9a2aa2543f3c2a3a2601850303299209aaf63cec0b99bcad763f9f9a0e4b3719771a2cdbc5b4a841946f6d57ee5ae58f38fc217edb","ssdeep":"24576:iilvAFYAyfy5PEe273wjmBEQGApgq/MDeu2Sbx32Ig+1Xbvg6:iXF9BCe2LofQ71MDeebfD","tlshash":"d72523f8f14ac194d2e4953ca6795af8633240b8dd412de84632b2b6bfc29858d4dcfd","first_seen":"2026-03-18T15:48:56.517034Z","last_seen":"2026-03-22T15:17:32.799249Z","times_seen":7,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":141,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/548cd5df56cbbe772234630ba82718bc48edeb60.png","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /548cd5df56cbbe772234630ba82718bc48edeb60.png HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/png\r\netag: \"d9b41e719f1a670928067723380d3039\"\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\nage: 43\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jkcLUBjK04ldEwWHWf%2FkfCD8%2BY1MyNGqXAGh9TxRdT3gX1PUMWHvl1MVLE1ngWxDrBX23%2FpuHyPK1N2VQ%2FI%2B6%2F7W50hog4Ei5HpDLkE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e057581dcbd958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":148744,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 763 x 518, 8-bit/color RGBA, non-interlaced","md5":"d9b41e719f1a670928067723380d3039","sha1":"548cd5df56cbbe772234630ba82718bc48edeb60","sha256":"49982d38a3213a9e764c67f5376adfd185748f011f149083b1ba4ad643b7bc25","sha512":"49ab26332083cfd498aab0d7fa0cebbf770c02b0092f9d6905018679dc8a5ebe066fa59ee6a4937599a6dfe94ba793e31b1b608b698b01655c3439927f4a2ca9","ssdeep":"3072:tdzqbVITOtA+AIG7IsOIwbTCvdRN/WU3Nu0pU2I1vdFlcD:b0iOm+S7IC+GvlpuCU2I1xq","tlshash":"0be312da4759e35425ade3f23f19dca3e977a8c3d1b336ec525002b07c703a8c8665a6","first_seen":"2026-01-10T14:02:29.67497Z","last_seen":"2026-04-28T13:46:00.709922Z","times_seen":821,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/90e234e481359853e1a3d40644dff49ce20f5934.svg","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /90e234e481359853e1a3d40644dff49ce20f5934.svg HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\nage: 43\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B5kiWdHkiym5T8dXlb5NEA6UG8IsbdkbeyVRv4%2BCiU2LBqwH4cw9fTJVeQ2mcjHEetUNO54LcVIzXdDrv%2BYmTq6vNDfWgqpLWkDSBvA%3D\"}]}\r\netag: W/\"fbda6fe9682d63433ce25aec010fb362\"\r\ncontent-encoding: br\r\ncf-ray: 9e057581dcc2958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10734,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fbda6fe9682d63433ce25aec010fb362","sha1":"90e234e481359853e1a3d40644dff49ce20f5934","sha256":"c6a0aa994362014ebe33193d0e9a16ec866d3787a32300c030f47fc45e2f4724","sha512":"a65f2964308672761d0c1d04eb449206231cbb1e9fa220937a89fcdf6f50339c037b42f56a7643d91edc2d7397bd5beef20ba1ef613cd9afa25f2a741b9d7f83","ssdeep":"192:SW2pQeCBWg8geYl7ByksxaThcuDNoMmNquwn6J9c3D32WMVwnNNqRSB:+oPsYVPZDmY2kju4Y8B","tlshash":"4122c7caf32869fdf6d34f59db1072b4260a303a0e66536c813d8d3c1a8560ee51fd90","first_seen":"2024-10-12T13:56:58.711689Z","last_seen":"2026-06-08T13:03:35.651068Z","times_seen":887,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/31540228a6b9ddc6cd4701720fb9b53210cb1e4f.svg","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /31540228a6b9ddc6cd4701720fb9b53210cb1e4f.svg HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\nage: 43\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o41OzdsUcvIS2im3EzKpqzckLsDHaaCL0m4zEXIzNMgEnsYLuPy6ciJZODNcHWsfyAeERO3arie6wcBFbIdBW2aJX97DeijYsKupkFQ%3D\"}]}\r\netag: W/\"e1e6944c95750e2f20dd0902e8065b2c\"\r\ncontent-encoding: br\r\ncf-ray: 9e057581ecd0958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5818,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e1e6944c95750e2f20dd0902e8065b2c","sha1":"31540228a6b9ddc6cd4701720fb9b53210cb1e4f","sha256":"018c0cea41d585a7b4190176e7a18128a89e1aee685ab9e763741f376081b995","sha512":"e88c0f52743f841767e457a627248ddba418dab011ad59ef302b67a2da15908c8cc5045112348acd125fbbd83f236d4681fc64f54834d29ba6525718657d2699","ssdeep":"96:y2dqoNJZEMhiFeGnITA2dqoNorYvjfLVOgnXpv5pwYHBrhwYpWUoqZB2n+jOdFRf:hdqY38Z0dqJsj5v5iYZhv1Cr","tlshash":"3ac1c8d57734b9bcf0e70be9df10f9a4304e70761a559388c3a1ca3541969ce992bce0","first_seen":"2024-10-12T13:56:58.696978Z","last_seen":"2026-06-08T13:03:35.658216Z","times_seen":859,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webtrack.sale/p/62gzAzvto","fqdn":"webtrack.sale","domain":"webtrack.sale","tld":"sale"},"ip":{"addr":"172.67.220.109","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webtrack.sale","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 18:10:06 GMT","end":"Wed, 29 Apr 2026 19:08:34 GMT"},"fingerprint":{"sha1":"8E:FC:0A:E5:97:B2:4E:A3:87:2E:8E:9A:B4:5D:E0:A3:61:5D:10:69","sha256":"7F:7F:F1:87:6D:42:3D:55:EC:EB:05:40:49:36:73:C5:D8:69:AF:D1:A1:DD:0D:FA:2F:D5:C1:16:B3:0A:E9:18"}}},"request":{"raw":"GET /p/62gzAzvto HTTP/1.1\r\nHost: webtrack.sale\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\ncontent-security-policy: default-src 'self'; img-src 'self' https: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src 'self' https:; frame-ancestors 'self' ;\r\nvary: Accept-Encoding, rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-dns-prefetch-control: on\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ud6QB7PBs47cwwwrCVnd5Ya6GD0wrpcZPbHwXaF%2BEN3vsJtKVN8MUyjU84DO30SKNBcuJneY5bgz9SwdHxnU5ZfaD07JnqQ6pTYfLzI%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9e0575825807a0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"325472601571f31e1bf00674c368d335","sha1":"2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a","sha256":"b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b","sha512":"717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc","ssdeep":"","tlshash":"bf900003ea80c002c2a2c0300e0ccb802b88b0308a28030fb0fc3baeec3a3a20c23000","first_seen":"2023-04-05T06:29:39Z","last_seen":"2026-06-09T03:59:08.294767Z","times_seen":90162,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":64,"dns":29,"connect":9,"send":0,"wait":99,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/62gzAzvto.gif","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /62gzAzvto.gif HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\netag: \"325472601571f31e1bf00674c368d335\"\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\nage: 44\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wksVc4KAyCSdvgJr4GShvD6IM31LPeU0cgasE2KzSC3bjoeOMVLvW7KwLuBC0CD2TKIZCA9j1hw%2BqfdW2VJrMye6xmtNTQFdp7DB7F4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e057581dca0958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"325472601571f31e1bf00674c368d335","sha1":"2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a","sha256":"b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b","sha512":"717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc","ssdeep":"","tlshash":"bf900003ea80c002c2a2c0300e0ccb802b88b0308a28030fb0fc3baeec3a3a20c23000","first_seen":"2023-04-05T06:29:39Z","last_seen":"2026-06-09T03:59:08.294767Z","times_seen":90162,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/f0b4c3fcac90fdf5fb7eb7e1026a79586d5fcaae.svg","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /f0b4c3fcac90fdf5fb7eb7e1026a79586d5fcaae.svg HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\nage: 43\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NBROehFxSDZ02avwCscEvxnt9Q9WM28ja9C25jf0r56kZRDd2tDTdioCrCRYhxMPsENAYgmxM%2BZB%2BQcOsjONnSmB4eiDjbtBDNenE78%3D\"}]}\r\netag: W/\"8a14d9bb432e57219f83425475cab0e8\"\r\ncontent-encoding: br\r\ncf-ray: 9e057581dca3958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8a14d9bb432e57219f83425475cab0e8","sha1":"f0b4c3fcac90fdf5fb7eb7e1026a79586d5fcaae","sha256":"c9b42ab8c54c70771224ec2a1319358fe54fa8d5eac6e7adbca92ca5165b1f45","sha512":"d57fdd6ff2f0d6ad48478c45596a5637cb1e56b5e7e4ccdd6eb1a49202652f345f4a46c487965d8ef57f17b1452f7dc5754b406ca2111a33b55babbe6e2ef381","ssdeep":"","tlshash":"0db0122c818c8508d414ca28e8f48841505b9082475405eed1c036077225c5368662ed","first_seen":"2026-03-22T13:14:49.241149Z","last_seen":"2026-03-22T14:48:46.983561Z","times_seen":3,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/325294dfe8267c63104646d60cdce3e201f6d7a0.svg","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /325294dfe8267c63104646d60cdce3e201f6d7a0.svg HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\nage: 44\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kOhLxJi3YF9qsHJrLnKFOwoKSGP4vjDBvez5R5myBvdz1VtM6Ao5OtgR%2FmaNShcQhXxzwuNxBa5FJ4SIPAY1uLS%2F0h2WYS7ASDKKvjM%3D\"}]}\r\netag: W/\"1645fe9e4e50c926db510f45d2670378\"\r\ncontent-encoding: br\r\ncf-ray: 9e057581dcc1958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22271,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1645fe9e4e50c926db510f45d2670378","sha1":"325294dfe8267c63104646d60cdce3e201f6d7a0","sha256":"89f90f697ecb81bc6558e7a4df1abee65c3e45238e818631b14960c55e6b5ab9","sha512":"c569f384e77c296765cd60c630d8ac05d09e006b057e01f1a6940359d9b76cb3c62f613996be763b7fbd365c9496253ac985d1c2777e5977bbacb7e1775ff9f3","ssdeep":"384:jz7cy1KpXqwovhEqTjOyf731s1uhjNo8JNoXuhGYZe9YZ6iSqHmC/k6O+VgaCqG:jz8AVTjOyB3teC/kZ+yH","tlshash":"32a2b7ca6b385dbcf1c74fbadf2479e8200960ba0e2917d4813ea07d1657dcdd61ac94","first_seen":"2023-12-20T05:41:29Z","last_seen":"2026-06-08T13:03:35.655281Z","times_seen":871,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/75894cf8e5d238f788bd1d0fb258dac88c5b0126.svg","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /75894cf8e5d238f788bd1d0fb258dac88c5b0126.svg HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\nage: 41\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XibZOkvYDfYdc%2F3tyxMh9oY%2FXe2GfUI28TuzDaKLrujOs3NdT0TLMKQfKiiX0GUrIXLtzK3HPUe8NyWkB70J5ifNr5cQ4ndAK%2FHfUIU%3D\"}]}\r\netag: W/\"c210d79d224dc0acca1c3beeb029195b\"\r\ncontent-encoding: br\r\ncf-ray: 9e057581ecc6958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4645,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c210d79d224dc0acca1c3beeb029195b","sha1":"75894cf8e5d238f788bd1d0fb258dac88c5b0126","sha256":"d1207a3591df9b2c69e8f08c29200283571c5744774d8e008aa3835957652a58","sha512":"d82594ace6a3cc531d7430a0d55cde548f4273f2ff170b51a93fa1c980baf3cce40bac295cdbfa444827666d7f8276860b854eaa4dd91bcbab07b277be2af6bd","ssdeep":"48:HRryHV/3wZy0xVsTtmv4jb3bU9UN6Zjamv4jbo6H9kMndH9XHO8laGH9XHO8eH9T:HdOAZrVsTsv2brHM1jv2bx1PL09EXud","tlshash":"86a176eafb2c9cbfe82787bccb48e1f5504d61d664c08368c2799f1e51046cb591aec0","first_seen":"2024-12-07T17:47:59.744392Z","last_seen":"2026-06-08T13:03:35.663046Z","times_seen":894,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/b67eb4b5fea974adb55977c6cfc42c3ce8b224d4.svg","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /b67eb4b5fea974adb55977c6cfc42c3ce8b224d4.svg HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\nage: 43\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VQD6uDrUW%2BeYSoW4ea8cYwkjO89gau1O%2F7g6euyskuF2JcoJWh9TlL3lhqny%2FYcbTa5mYowjgPxBj2t3kkBIslNi9Nq2BwZMoz2oOYg%3D\"}]}\r\netag: W/\"83986156dd8df49f40175538d33639af\"\r\ncontent-encoding: br\r\ncf-ray: 9e057581ecd5958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10085,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"83986156dd8df49f40175538d33639af","sha1":"b67eb4b5fea974adb55977c6cfc42c3ce8b224d4","sha256":"be5bc71658387110e1776fe9d3a6eb1936d747edbeccef35bca7ef14719e0f3c","sha512":"819cfecc001cd9353ed5ccc8a0dca9848531bc26b61194581e29bd4b782e293a54dc55698e1ba5cdac29fcc7ceae9f6e4803796990be6fba397b7554266e0237","ssdeep":"96:9bEPGTGbE2GIywkC2nkDKk97uu6wW1J88PVyzXUtt00I/bCsQ5ZnQFZnS11FQqk7:pEPGTYEAGkD1hhWH8WOEq5gMn0+qkQCF","tlshash":"c022c8c677385d7dfa934facdf04b7e4302ea07a565e5398d2268a38114268ef91bcc4","first_seen":"2023-12-01T17:00:55Z","last_seen":"2026-06-08T13:03:35.656548Z","times_seen":1061,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/dff7963c2b7cc0a95b65d777bae56e7cf8a762f1.svg","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /dff7963c2b7cc0a95b65d777bae56e7cf8a762f1.svg HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\nage: 42\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F5%2BgQYTQwcBE5Bag7gV586Z9xRBXBURj4H977sFg6Cps0k4gU841wpwfLhP8ACRbxMwGlidfCZuaCTJeOOFGF0Mtekrz9PQs%2FON06to%3D\"}]}\r\netag: W/\"cda874259b72818dd657fdc8e026f343\"\r\ncontent-encoding: br\r\ncf-ray: 9e057581ecd7958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6947,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cda874259b72818dd657fdc8e026f343","sha1":"dff7963c2b7cc0a95b65d777bae56e7cf8a762f1","sha256":"00d4932ea31ede39a2d7348985c6dd5416b54e19fda923b866b5fc435e2d6c82","sha512":"3002edc71781a68f7b90c19806eb740e4708436510896f74f7e225fc851f87e111776a99fba399e6b1142862b02713e8c763398668f591267451b2ce5afe5276","ssdeep":"96:ArdFO+fLClvKoyTjtgI95CfDMd/kPpxPL:ArLOIyioAJ95CrM1Ovz","tlshash":"a0e11ece37440cfe7e26079aef2a72b9102255fb2d886200c53b1a79158165ead3fec4","first_seen":"2023-12-01T17:00:55Z","last_seen":"2026-06-04T13:11:26.48777Z","times_seen":1007,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/dc5fce55c6b738fe4b4d34ee14d539ef1741c77c.png","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /dc5fce55c6b738fe4b4d34ee14d539ef1741c77c.png HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 734\r\netag: \"5bcb862683ac8ae7ab8129299dc8b0dc\"\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\nage: 43\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gqQRIXBT%2FhU4r%2BBAq9jb0Rs0C6J8J0Az%2FKmtMwvqmiEPMTX9H9P%2FHHO2E5P10SHQBCRavJRNYz8w9HVH0U6FzczL%2BlSQA6g0o4y%2FfBg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e057581dca6958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":734,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"5bcb862683ac8ae7ab8129299dc8b0dc","sha1":"dc5fce55c6b738fe4b4d34ee14d539ef1741c77c","sha256":"fc44d80d6db12638ec4d231a530a025b78cca1505e74c525822f277412b08c00","sha512":"c32ee8d8f672c9234b0411030491c20308cf0404dec78a01c6c0ac2034d95d35a250698ee8fa9843617c65c66d2a359e370f34289ac2b39a79a25047998e886b","ssdeep":"","tlshash":"46017584b165f42ec8a86a138907d241cc0e818c8a4b3a6517f406fb108671000e4906","first_seen":"2025-01-03T04:12:35.302667Z","last_seen":"2026-05-08T11:01:57.104482Z","times_seen":8,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/9fd5c01757e2b33b05fb4160160042a43bb00d4c.png","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /9fd5c01757e2b33b05fb4160160042a43bb00d4c.png HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/png\r\netag: \"43d6d80383584c0352e833e73fd1a1db\"\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\nage: 43\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VTpJ%2BUgwTmUlduIjSyzP2%2Fll6GQKQv1RMXy%2Fc9n0eYTjSL%2Fa%2BlEifocMNmN8nhRA4grsZsChN5VaKLVNw3qzXlFzX3OQ5wVlDOCsJHs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e057581fd30958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":244812,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 4306 x 778, 8-bit/color RGBA, non-interlaced","md5":"43d6d80383584c0352e833e73fd1a1db","sha1":"9fd5c01757e2b33b05fb4160160042a43bb00d4c","sha256":"512d9435396205c125b69901aa7c5af87c6893a1b0fea13c8a2b2874207c7c49","sha512":"1d173d3cf03cf2863a4cd814160574f88e7cfe93b6df2ad32d0325eb7f883e77e79617a7e068344a949937a11dc8f3f818210f867a9a916bbf6605bcd74b2d81","ssdeep":"6144:BGEdAx0hJjgDEkafFT3T5sDuCXCublZ/bwfyK5f5Olgf6QORxwCw8W:EEexIJjgD4dwCublZ/P25V8W","tlshash":"4d34126a8c075ce6fdc6c036a52aaf043b32746e1c1697cb03be5f360ceb14790c96a4","first_seen":"2026-03-18T15:48:56.51086Z","last_seen":"2026-03-22T15:17:32.798536Z","times_seen":7,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":81,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/fa0595f7d03ef2eb83c6ea2beadd23dce3e6579a.svg","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /fa0595f7d03ef2eb83c6ea2beadd23dce3e6579a.svg HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\nage: 43\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=itYzrwqp515UitSCERmLHLLDk9RWdfvoRPdh0NKbkpTfpGyqQFCmtH3Imgbz4tD%2FnXiRw5m0EJs2LgxrkcFqNDJwszN1QvXkx2qt%2BqY%3D\"}]}\r\netag: W/\"94df810c2ed1a1fbb3d89f767b243411\"\r\ncontent-encoding: br\r\ncf-ray: 9e057581ece0958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10250,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"94df810c2ed1a1fbb3d89f767b243411","sha1":"fa0595f7d03ef2eb83c6ea2beadd23dce3e6579a","sha256":"1a07b51df7cce62e8d728ca85759d6a735fff8f54144660fc2b7206b9cf194a2","sha512":"231fb23bbe4cd8a1754f265ff7a4af7444cba4c6a3680fdeb7f49520a3822ca8e779e155373305aa192b35fac82a2c08930d1d4396dda2865cb5b191b686644e","ssdeep":"192:KAcdLt0TAR3pxOVpjWjZiO4NgCAtZ6wzvRx:3cdJ0UR3TgjWjZizqZV","tlshash":"8a220dce3b145dbcf93287a6db02b3b9202b49b707e56310ce361a79640195ea93fdc4","first_seen":"2023-12-01T17:00:55Z","last_seen":"2026-06-04T13:11:26.547825Z","times_seen":1018,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/96c0e32d42d46ab090c5087a1e0baf618f7e7627.png","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:24.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /96c0e32d42d46ab090c5087a1e0baf618f7e7627.png HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:24 GMT\r\ncontent-type: image/png\r\netag: \"00f314640a70760e560c7781243c48b4\"\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2CZHbqHrADMa7Etdoy4WxKE0nVOfsI2AWK8mCX3XyoJMTuBoIBdqBo126GRomJSci1WXMFZ9%2F1woA4kVWSB4mD7lFuVQf%2BaAA2b8rLg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e05758d695d958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17516,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 132, 8-bit/color RGBA, non-interlaced","md5":"00f314640a70760e560c7781243c48b4","sha1":"96c0e32d42d46ab090c5087a1e0baf618f7e7627","sha256":"246ba40b62913b8dc0a91340f5fe823a716b25b979e022ddece8fb9bd05f4084","sha512":"77a110032616e9ee071bea77d3b27fdca906abf7b29af684919e720fa7a02504de08c0ab18927525b70d3079567d1180655adb2e94ed51a4e4a8f77aff8b88cc","ssdeep":"384:3WAx50nmcPohOa2YopY77IIOiG1LwLbYM/To90hLmG2Xq:75HcPm+Y4Y/3wBQ/3hu6","tlshash":"1672f1deb31dd4f3e93a063c1969c52afb153a5c7bd26780c1d1f68c94b2037c96a898","first_seen":"2026-03-22T13:14:49.247213Z","last_seen":"2026-03-22T15:17:32.800625Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2222,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":616,"receive":1606,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"paytrust.live/f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298.woff2","fqdn":"paytrust.live","domain":"paytrust.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://paytrust.live/","date":"2026-03-22T13:14:22.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paytrust.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 06:28:28 GMT","end":"Fri, 19 Jun 2026 06:28:27 GMT"},"fingerprint":{"sha1":"80:5C:A3:2D:9A:87:CD:38:46:24:ED:DE:05:57:0E:DB:4C:B9:70:97","sha256":"76:CA:EA:6F:43:28:23:88:91:A5:11:93:80:BE:71:C8:77:2C:6A:F6:FE:BE:05:2E:57:10:71:53:04:25:C5:05"}}},"request":{"raw":"GET /f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298.woff2 HTTP/1.1\r\nHost: paytrust.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://paytrust.live/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Mar 2026 13:14:22 GMT\r\ncontent-type: font/woff2\r\netag: \"260c81a4759baf163c025001c4f27872\"\r\nlast-modified: Sat, 21 Mar 2026 07:17:29 GMT\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sZR9iypBnFlRCYubjeYYFIGhAWSErqnd75kkJuoPLefX7XnStbbSlqBVFgMKhReOUqMa82dgGdV0Cu%2B4LMfxBJQYnMtcVnowugvYEqM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e0575820d4a958c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48256,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48256, version 1.0","md5":"260c81a4759baf163c025001c4f27872","sha1":"f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298","sha256":"3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62","sha512":"9acec3e7a411a1eb6d072c3773bb14e5aa74d85d334674ec0fb018b7937174d5b612b756b2ce7aa3993d31dfe172516e7aaec79c7dd209eac5fd15d9aea077e9","ssdeep":"768:Gp4Wb3wv+eCLRZRtq9uGHpHveBOX5qw/14X+5edVWK4afHSTle4MRhVUNMT/TQDt:Gp483wdmXRtqhJPeByj/f4WK4mHIj8xw","tlshash":"be2302df9e4d72d29271267045338383798e2d8a50aae7a1061c0fe6de05b69d31fb9c","first_seen":"2025-05-30T10:47:22.433446Z","last_seen":"2026-06-09T04:03:09.833474Z","times_seen":18963,"resource_available":false,"data":null}},"time_used":625,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":382,"receive":243,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"paytrust.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}