{"report_id":"ea87a42e-bb89-4a13-abf1-02358e4f5b17","version":6,"status":"done","tags":[],"date":"2026-03-04T18:47:24Z","url":{"schema":"https","addr":"invoice-crypomus.com","fqdn":"invoice-crypomus.com","domain":"invoice-crypomus.com","tld":"com"},"ip":{"addr":"172.67.166.223","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"invoice-crypomus.com/","fqdn":"invoice-crypomus.com","domain":"invoice-crypomus.com","tld":"com"},"title":"Cryptomus Payment","dom":{"size":12124,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (10882)","md5":"f32264b8b28af9f6dfb6f482e13c296e","sha1":"5c0a5bc031c9feeda5dcdab44bc4a106527cc138","sha256":"855a85ec0563aea7bcf57e03454eab58f11cc1c14bba047bb315ff9a3b4569e6","sha512":"062e1d1dbc98272abfce7c87270c5a52b293a49836a2a0972afa0f6d1f2c1cddc894e26d02a5088d74def23efa9e580faf087af5b50daebd8ea9c20f28f8fdf3","ssdeep":"192:L5WLb9N/NU3fMisU96pBrTUy4SaKwTshDP6uNZb9N/NU3fMisU96pBr3G:VW39N/NUUibq0Sa/shDP6uNV9N/NUUil","tlshash":"724233bcb000555ff5b3ccc385623659e472a6affa3d0544faba7136dfd2c28a8a4524","dom_hash":"domhash8a6c2f9cc59f6faf3839f325ecd0da04","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"invoice-crypomus.com","fqdn":"invoice-crypomus.com","domain":"invoice-crypomus.com","tld":"com"},"ip":{"addr":"172.67.166.223","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T18:47:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"invoice-crypomus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"invoice-crypomus.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-01","domain_rank":0,"first_seen":"2026-03-04T16:21:43.835522Z","last_seen":"2026-03-04T16:21:43.835522Z","alert_count":6,"request_count":6,"received_data":2065923,"sent_data":2752,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-01T22:18:12.522658Z","alert_count":0,"request_count":2,"received_data":12163,"sent_data":993,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-01T22:15:00.771016Z","alert_count":0,"request_count":1,"received_data":73797,"sent_data":543,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"invoice-crypomus.com/assets/index-C-jM6lTn.js","fqdn":"invoice-crypomus.com","domain":"invoice-crypomus.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5b973245b0f57740546a7c0769638756","sha1":"bdc17aff933f43aa1f00fd40f960b5068ef47520","sha256":"867048ef34db981f27019bcc448fc87668219fed75646afde610d46a2965480e","sha512":"a9004187ff530efa20c0deaf7c42827dfeff4ab3069c9853cbdc7212b2a988d8172d1e3011581d3957dfe7ff29d4e23c3a33ff11a29e37656372bada1dd5097f","ssdeep":"49152:tueHzINAgW2U2awTFwPu5Sf9tywPlBW/28zv46Dcsc2fP5E5CYUjcCQ2s1Em2zFn:9zaFwPu5cywPlU/28gsAbbn7Y","tlshash":"a2953b8472d6f576439610e4143b140af23d6a5ca01c90a8f39cd8e7bef998a867ff74","size":1913990,"data":"","first_seen":"2026-03-04T16:21:47.871324Z","last_seen":"2026-03-04T18:47:27.735999Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Golos+Text:wght@400;600;700;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://invoice-crypomus.com/","date":"2026-03-04T18:47:02.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Golos+Text:wght@400;600;700;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypomus.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 04 Mar 2026 18:47:02 GMT\r\ndate: Wed, 04 Mar 2026 18:47:02 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5904,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"228432a495d8c423b9e11fa98d882f7c","sha1":"95d8dd9aa663579111bb40f98c88cb050880bcc3","sha256":"6b3fab7d0a0529ab23bfeed0784cd6d2e1c26136c98c4c9d2c7b58b3cf085b9d","sha512":"4bf203230ae8b45dc43b1d6be6f6d88e5830dc716b5792a463b6c01dc856c155d51b2f18d2b07251dae88f57ca51af744d136a505c3bc9a849e3a5c22cbb5c07","ssdeep":"96:vOEaJfOEagFZGOEa4Jc+usOEa1N8OxMaJfOxMagFZGOxMa4Jc+usOxMa1N8OpaJ/:4JoM8a1JSW8QWJB183XJUw82E","tlshash":"b0c1e291852b9e00eba31cc1a3ce7e73ae0e51093400c5758efd08a8ac9ec360395b5d","first_seen":"2026-02-12T21:01:59.184439Z","last_seen":"2026-03-15T04:53:32.935361Z","times_seen":15,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":93,"dns":1,"connect":9,"send":0,"wait":19,"receive":0,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcCo3FwrK3iLTcviYwYZ90A2N58.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://invoice-crypomus.com/","date":"2026-03-04T18:47:02.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:07 GMT","end":"Mon, 27 Apr 2026 08:38:06 GMT"},"fingerprint":{"sha1":"FD:7B:7B:3F:B0:E9:E6:F2:B2:20:AF:6D:E3:76:AC:43:C9:2B:95:1F","sha256":"05:F7:EC:37:83:98:A5:87:8A:AE:AD:80:95:CC:A6:0A:C4:F9:42:EF:07:B0:C2:6B:6F:1B:27:7A:78:A8:CE:64"}}},"request":{"raw":"GET /s/inter/v20/UcCo3FwrK3iLTcviYwYZ90A2N58.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://invoice-crypomus.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 72964\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 04 Mar 2026 18:26:58 GMT\r\nexpires: Thu, 04 Mar 2027 18:26:58 GMT\r\ncache-control: public, max-age=31536000\r\nage: 1204\r\nlast-modified: Tue, 09 Sep 2025 18:33:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":72964,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 72964, version 1.0","md5":"91247c94dcda6ff52b445d71d6bbfb81","sha1":"ad2f62363ed047b430b91f32afa31df51fcd7c5e","sha256":"6a3c3e024b31eeacbf1f19c3c7be78612d91c623186f64035a50038241dad4f9","sha512":"a12dcac84e9f9ae02df3aabe29d76994281cd1005edca471194605cfcd6a0456eec872fd28c63c72ae124804d0b47d8377048caae49c40b0a18b5d6be4d6213f","ssdeep":"768:zbw+rLBkMxbCkupj4Y69/Yr71+j9pWiKahMM6+AWEqXB0oGuNGku+QCcIKE205C7:zbw+iwuS/iZWeaO1zP1/9Esvf8fXnm1","tlshash":"8f6302244e3c50c2a54d33aa286940f6f6e79c75b2b79ba4a69c589cd410f329cdfdc4","first_seen":"2025-05-29T18:51:13.223047Z","last_seen":"2026-04-04T13:46:08.042805Z","times_seen":18511,"resource_available":false,"data":null}},"time_used":386,"timings":{"blocked":152,"dns":1,"connect":30,"send":0,"wait":30,"receive":52,"ssl":119},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"invoice-crypomus.com/site_logo.svg","fqdn":"invoice-crypomus.com","domain":"invoice-crypomus.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://invoice-crypomus.com/","date":"2026-03-04T18:47:02.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"invoice-crypomus.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 18:17:52 GMT","end":"Sat, 30 May 2026 18:17:51 GMT"},"fingerprint":{"sha1":"43:D8:79:F6:F0:AC:3A:49:5A:89:82:25:F8:1D:05:E9:F3:C3:BD:8C","sha256":"DC:4E:86:8B:B4:E0:8C:38:E5:FF:AA:28:45:B3:6B:FE:D2:DE:55:9C:1A:95:B0:DE:D9:21:D8:13:4B:4D:B4:A3"}}},"request":{"raw":"GET /site_logo.svg HTTP/1.1\r\nHost: invoice-crypomus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypomus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 18:47:02 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Sun, 01 Mar 2026 19:59:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 31 Mar 2026 20:02:48 GMT\r\ncache-control: public, max-age=2592000\r\nage: 254654\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cvbJo2ZK4Xe%2FhO4SklCY6zETx0yIgdBBp6iZOIwoYaitCTX0GUFPmu7t4wlFgPIAboCCEp6c0vbE7L%2BA9Hg1RnaA56V8V2BnSDZC5BAhtO1eukqI\"}]}\r\netag: W/\"69a49aad-214\"\r\ncontent-encoding: br\r\ncf-ray: 9d730c1158990d38-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":532,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c0cd402e63c620817735889b6daa4c19","sha1":"b8336c7eb03e0216aadf802462bb3e0541dba39b","sha256":"180e5b43fc4cf57c03e9d483c96ed5676c6a40bd74e436bfb81f2a74c9c77d1d","sha512":"045b39b2311b591fc80a05bb896034e1caaa774b09ce87f855f82d1495b439bce808b7e42657a5824b8761f2f88cb330f23b06266d21d1c6a6296df243487791","ssdeep":"","tlshash":"27f059d48218769d6583cf1d0f299794676da0fefa70e346a9dec94c825b280fa13814","first_seen":"2026-02-03T09:22:06.540925Z","last_seen":"2026-04-01T04:47:56.897945Z","times_seen":17,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"invoice-crypomus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"invoice-crypomus.com/","fqdn":"invoice-crypomus.com","domain":"invoice-crypomus.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T18:47:01.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"invoice-crypomus.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 18:17:52 GMT","end":"Sat, 30 May 2026 18:17:51 GMT"},"fingerprint":{"sha1":"43:D8:79:F6:F0:AC:3A:49:5A:89:82:25:F8:1D:05:E9:F3:C3:BD:8C","sha256":"DC:4E:86:8B:B4:E0:8C:38:E5:FF:AA:28:45:B3:6B:FE:D2:DE:55:9C:1A:95:B0:DE:D9:21:D8:13:4B:4D:B4:A3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: invoice-crypomus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Mar 2026 18:47:01 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sun, 01 Mar 2026 19:59:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3vl%2B0Dh1d0q7NNeJ1gcoCS6ASY0YW%2FRZhlsppik4CoAJR%2Ft72t4e%2BoPQY7WlrXUYz8FrsfcmPL%2B9Li5bU2jpBz%2BJlkFdTwc3LiFqNXXOC1uKBIjb\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9d730c0c2ac3349b-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"a0fbb94f0c5b72ab10d18fa5be160ec0","sha1":"75f010ddc8a3ec9fb86a28491f891cf1cf33001e","sha256":"3a8193fa0d9fa4dc2c251ec15aefcb179e9552d6ed57bdb1e5f1cc37b1a9ea52","sha512":"5daf546c2cf7f81ac2b1c4d6be018388ccd7b05701eff06a6e379e7c3c6432de92ed85a011512d0331db3ee04c0a4a514cf4458dc35ba7c8eef8a9893ecf0034","ssdeep":"","tlshash":"a5210263a1a4c85203b085456ce3f4189f17810b0645ed25b3ee50fd5fd0ae68ae762e","first_seen":"2026-03-04T16:21:47.869371Z","last_seen":"2026-03-04T18:47:27.729772Z","times_seen":2,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":62,"dns":31,"connect":8,"send":0,"wait":81,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"invoice-crypomus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"invoice-crypomus.com/assets/index-C-jM6lTn.js","fqdn":"invoice-crypomus.com","domain":"invoice-crypomus.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://invoice-crypomus.com/","date":"2026-03-04T18:47:02.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"invoice-crypomus.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 18:17:52 GMT","end":"Sat, 30 May 2026 18:17:51 GMT"},"fingerprint":{"sha1":"43:D8:79:F6:F0:AC:3A:49:5A:89:82:25:F8:1D:05:E9:F3:C3:BD:8C","sha256":"DC:4E:86:8B:B4:E0:8C:38:E5:FF:AA:28:45:B3:6B:FE:D2:DE:55:9C:1A:95:B0:DE:D9:21:D8:13:4B:4D:B4:A3"}}},"request":{"raw":"GET /assets/index-C-jM6lTn.js HTTP/1.1\r\nHost: invoice-crypomus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypomus.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 18:47:02 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sun, 01 Mar 2026 19:59:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tcSm4Qcvp7Er2vhCZ%2BYsfC8mTVUcpynlhtN8SC%2Fhq8e5OA21fNkMidTXswqzMUh129oG38c0dfw9FcsLLCFjzW8EGfNT489%2F27eMKf9TfhOlQNOq\"}]}\r\netag: W/\"69a49aad-1d3486\"\r\ncontent-encoding: br\r\ncf-ray: 9d730c0daf760d38-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1913990,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (64143)","md5":"bcfa7a6fdb817b7114f16e72212af8e9","sha1":"aa72e61cdb53afc38b67429ab6eea729c3ca2879","sha256":"e9ce50185a393aaea7371a2f5cdbfa75178f673d3796447039a0270963dc3a68","sha512":"380296bda8ef8d4971bd7727f1b24b05ad1f0e604da286dd32b233723351805a38e6fdb7b5c4de4d100bd537ff9290968628ceab855d45736cef93407c5fe6f8","ssdeep":"24576:tueHzINAgW2U2awT8Qp6Pu5Sf9tywPlBW/28zeW46Dcsc2fP5E5CYUp:tueHzINAgW2U2awTFwPu5Sf9tywPlBW1","tlshash":"27255d807291b03503a755e964771102f2385854700ec4acfbec9cebbfaa98a957ff79","first_seen":"2026-03-04T16:21:47.864552Z","last_seen":"2026-03-04T18:47:27.73104Z","times_seen":2,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"invoice-crypomus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"invoice-crypomus.com/assets/index-IZcJDMIq.css","fqdn":"invoice-crypomus.com","domain":"invoice-crypomus.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://invoice-crypomus.com/","date":"2026-03-04T18:47:02.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"invoice-crypomus.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 18:17:52 GMT","end":"Sat, 30 May 2026 18:17:51 GMT"},"fingerprint":{"sha1":"43:D8:79:F6:F0:AC:3A:49:5A:89:82:25:F8:1D:05:E9:F3:C3:BD:8C","sha256":"DC:4E:86:8B:B4:E0:8C:38:E5:FF:AA:28:45:B3:6B:FE:D2:DE:55:9C:1A:95:B0:DE:D9:21:D8:13:4B:4D:B4:A3"}}},"request":{"raw":"GET /assets/index-IZcJDMIq.css HTTP/1.1\r\nHost: invoice-crypomus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypomus.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 18:47:02 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sun, 01 Mar 2026 19:59:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X12oYIMHCmMVmKNVP5MGpBQjQ4%2BkAqUBBmAA8%2FHe2jDVYEKbnURh9asFzD644Yt7hzZb8rb73LZYqRF6qG6fubxKYpFjzaASdF2CeMrOMnqMs%2Fwi\"}]}\r\netag: W/\"69a49aad-2db1\"\r\ncontent-encoding: br\r\ncf-ray: 9d730c0daf7a0d38-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11697,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11696)","md5":"203b57302388fd4386b8628689957502","sha1":"8a5d17a11518926a182423dc2c304709c12f0f99","sha256":"53fbbbeb2bf3e2e2a35c3c2fc557d13f8a42a86506eb5703d3226b7ea24f1de3","sha512":"f0ede94c6b7f09bcae3f21ca29fc732fdcfb082e37feeffa64bb5e694ec1fff09ef677124ad2009de65aea697cc5808d38de6c656ef9310a565f3ec4dad27a7d","ssdeep":"192:p1PU5BX4Sd1q3FbNqpwxk91M8D7tpSLe6lN3YX3KoUd3e23iH16FIHU8PH4N289I:LMBX4Sd1q1bopwxY17D7tpSLe6XUaoUg","tlshash":"8d322f21b11c242cb07bd8e1f88216aef215fb53e16b47a9fd51a136ccd35a72b32749","first_seen":"2026-03-04T16:21:47.870314Z","last_seen":"2026-03-15T04:53:32.939317Z","times_seen":4,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"invoice-crypomus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://invoice-crypomus.com/","date":"2026-03-04T18:47:02.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypomus.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 04 Mar 2026 18:47:02 GMT\r\ndate: Wed, 04 Mar 2026 18:47:02 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4887,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"3fd96ba77783845730c343cf00ac7a93","sha1":"bc4f7f4f71aeae387232155c55c4f031c5f3f769","sha256":"27b95b2fcbc857ba25f7e5a707c5c4c06c5cf93415519b7669c19f4045edca37","sha512":"20b137cf9c61842c7bad62dd6c36125833022552379ad97324dbee2c2e9cb0303b17a9aee813ea2bcdbb68541c8c6edbfecfcfb2858cf27c2cff480d756d80cd","ssdeep":"96:aYg4aMzqYg4aybFZHYg4agkYg4aUJ3vYg4aERYg4aYGJc+uTYg4aR6NDO4a3qO4L:vywfydyGy63gy/yFVyR73xpmj3U8fHN","tlshash":"37a1ed91006f9104ea431dd627cf7e32ad8e51956082e27d6ffd2dca6cdbd23122874c","first_seen":"2025-09-10T21:50:06.177565Z","last_seen":"2026-04-04T13:51:33.356334Z","times_seen":11146,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"invoice-crypomus.com/assets/desktop-CmEk4Y7z.png","fqdn":"invoice-crypomus.com","domain":"invoice-crypomus.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://invoice-crypomus.com/","date":"2026-03-04T18:47:02.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"invoice-crypomus.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 18:17:52 GMT","end":"Sat, 30 May 2026 18:17:51 GMT"},"fingerprint":{"sha1":"43:D8:79:F6:F0:AC:3A:49:5A:89:82:25:F8:1D:05:E9:F3:C3:BD:8C","sha256":"DC:4E:86:8B:B4:E0:8C:38:E5:FF:AA:28:45:B3:6B:FE:D2:DE:55:9C:1A:95:B0:DE:D9:21:D8:13:4B:4D:B4:A3"}}},"request":{"raw":"GET /assets/desktop-CmEk4Y7z.png HTTP/1.1\r\nHost: invoice-crypomus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypomus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 18:47:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 106951\r\nserver: cloudflare\r\nlast-modified: Sun, 01 Mar 2026 19:59:41 GMT\r\netag: \"69a49aad-1a1c7\"\r\nexpires: Fri, 03 Apr 2026 16:21:21 GMT\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nage: 8741\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0DOrRbufACEyQPfEx5wp9tDxojm6KcFSl%2Fz0JxiVEezn0hiIa0yajCbv2jn0dBaW68c5NhjMwqkqobW52DYBCyC%2B0px9ScKQp7cTFJrR8BCs98Ws\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d730c11282d0d38-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":106951,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1077 x 570, 8-bit colormap, non-interlaced","md5":"0cbf5f607f535d4d5d7454cab99b93b1","sha1":"d6f2ea86b12ab5212aa6209a4360f031a7528c39","sha256":"4cdafe990c9d5fde0d071a728ed7bb6a0a702f7962e44c58499ee7e0e8ee10a0","sha512":"cda0b51e974cd29d04d6ac994694967eedd2687f4ca875118b6b34632e377e090d7a034a9482f70b13f86ec44fdd932af4eb68cf962a0c989ca3222141dfd462","ssdeep":"3072:JI7NinDcGF7crdmCw1r2lgxoz5josKnAiQU3kEcFFq3wZ+5/8:MGnwmJ1axJvnKecAZ+a","tlshash":"f2a312a8e1c9cf02879e003752e31a3a27c55c456e3171f8326af26424fb665cdbd1eb","first_seen":"2026-02-12T21:01:59.190486Z","last_seen":"2026-03-15T04:53:32.940374Z","times_seen":10,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"invoice-crypomus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"invoice-crypomus.com/assets/brand-bg-DmCGC9LX.png","fqdn":"invoice-crypomus.com","domain":"invoice-crypomus.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://invoice-crypomus.com/","date":"2026-03-04T18:47:02.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"invoice-crypomus.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 18:17:52 GMT","end":"Sat, 30 May 2026 18:17:51 GMT"},"fingerprint":{"sha1":"43:D8:79:F6:F0:AC:3A:49:5A:89:82:25:F8:1D:05:E9:F3:C3:BD:8C","sha256":"DC:4E:86:8B:B4:E0:8C:38:E5:FF:AA:28:45:B3:6B:FE:D2:DE:55:9C:1A:95:B0:DE:D9:21:D8:13:4B:4D:B4:A3"}}},"request":{"raw":"GET /assets/brand-bg-DmCGC9LX.png HTTP/1.1\r\nHost: invoice-crypomus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://invoice-crypomus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 04 Mar 2026 18:47:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 27361\r\nserver: cloudflare\r\nlast-modified: Sun, 01 Mar 2026 19:59:41 GMT\r\netag: \"69a49aad-6ae1\"\r\nexpires: Fri, 03 Apr 2026 16:21:21 GMT\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nage: 8741\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KinZHyv3HtomtNOG9uKitJoskftZupUltacT3%2BVQA%2FtGGFVV3buH4xWEMEHhE%2Fr5GN%2FdZrfqGgMEC33wNKKFcqOO2VpQrNrAfJrEFglBF9loYf7C\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d730c11282f0d38-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27361,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 455 x 212, 8-bit/color RGBA, non-interlaced","md5":"a59bd143fe31b649be7948218efa6e4a","sha1":"c97bab41c6b8e17b9946e7b0277d9c043a824958","sha256":"10f48f964657d5c72ca79fb78e8b9ef68ed2950b2068236b8d1043bdf39d7164","sha512":"10812981df73d4f7276351664f08edd9f6a0a40d418594842d7dc68c1cb72ceb977e719a85065c7e0c3a04ca7002381a30ba2fbce14e889b15a5ededaf0cade2","ssdeep":"768:dsoo1zPXFqkkybNXMZIeNqwP6Y+8OMm4hzW22fdZ:1olPXNXuJHP6Y+8Ox22f/","tlshash":"55c2e1aa373800a134ccd2bbd7ed766c9fa532942e95eb7d3c10a254122b61c5867333","first_seen":"2026-02-12T21:01:59.191594Z","last_seen":"2026-03-15T04:53:32.941289Z","times_seen":10,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"invoice-crypomus.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}