{"report_id":"11b07c62-8bb1-452d-8753-579085bac3b0","version":6,"status":"done","tags":[],"date":"2026-04-07T14:18:31Z","url":{"schema":"https","addr":"usdt.fb-mallgo.top/","fqdn":"usdt.fb-mallgo.top","domain":"fb-mallgo.top","tld":"top"},"ip":{"addr":"104.21.37.218","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"usdt.fb-mallgo.top/","fqdn":"usdt.fb-mallgo.top","domain":"fb-mallgo.top","tld":"top"},"title":"USDT 转账","dom":{"size":51935,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (24412)","md5":"dfc0c6d99182a2ecf9d3e7ba9c5c3768","sha1":"5c8a9a4a9c0f0227c30e090db260e4cd0a388f6f","sha256":"4d434bb985ab59d23b84cab70d43b906ef484308030bea3d7295c5e092f29987","sha512":"36fe72563cad75cea956427a421359f070e7a501b0e4269ef20a3dc945df76ccd262f0e93960727e5fa4a22a609fe8f44b52867308ebc430711a81c616b88a0f","ssdeep":"768:R98VugKsTkw6yoBEjlrptYeIeDKQ8lqpnFiqpTrUUdq1FE:I4gK2kw6pBEjlrptYNeeFgLpUbFE","tlshash":"b9339d592bf711216a23b4a817ab61022124f907b849ce687f9cc3644fc99e9cda37dd","dom_hash":"domhash473237375b95fcea4d1db4d6138a7bb5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"usdt.fb-mallgo.top/","fqdn":"usdt.fb-mallgo.top","domain":"fb-mallgo.top","tld":"top"},"ip":{"addr":"104.21.37.218","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-12T14:18:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"usdt.fb-mallgo.top","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-10","domain_rank":0,"first_seen":"2026-04-07T14:18:28.433693Z","last_seen":"2026-04-07T14:18:28.433693Z","alert_count":0,"request_count":5,"received_data":112978,"sent_data":2249,"comment":"","tags":null,"fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-04-05T22:35:26.697622Z","alert_count":0,"request_count":2,"received_data":1096519,"sent_data":882,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/tronweb@5.3.0/dist/TronWeb.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"40a4dbb7c64df8a858e3458618d7dcdd","sha1":"7b887ffe7db478084cac6eb9ab1891560842507f","sha256":"415e9511777e6654363ccbbcefd5d0588f8e125851b214782972fe189e86a47d","sha512":"90d899174a2d3c4d644e892eb963e380cf087c57df05327d541724f4956d489cc0dcc896ef8e7419ae29f6b5e2309e2d7ce7edbee7812fffe2bb79d8de3e174f","ssdeep":"12288:rYdb9W6rbtYLAVbjsUK1xs9gr2SIEA1mS8:rY59W6vtYLEbjsUK1WC2SIE4mS8","tlshash":"3435f88876c6f166479220f0043b640eb23dab5cd45ca554f398e4e37df9ada872bb34","size":1075009,"data":"","first_seen":"2026-01-24T19:48:09.076307Z","last_seen":"2026-04-07T14:18:33.203897Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/qrcodejs2@0.0.2/qrcode.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"517b55d3688ce9ef1085a3d9632bcb97","sha1":"2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b","sha256":"c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36","sha512":"08d80845e706a3b9e985b799d3849cd7791ad3ba5aa9d793bb4591d4833890d7299810144874905f416c94d8530da74be0ee520066a91ade05a1da8bf0ccb498","ssdeep":"384:WRQ2kvcAAdTRhQLThP2yO9/9G84U5xOiKQYHHHsglDep9m1yfB8dKLMyA+LyUyy9:xThP2V/9N4U/gQYPXa8CAPLyrZ","tlshash":"8c92c7e4f36542f6915e6cd4283f104b64a0a4636c1490acbfb5c1e6a9f8fe0647af74","size":19927,"data":"","first_seen":"2023-03-07T01:14:56Z","last_seen":"2026-04-09T07:05:38.010184Z","times_seen":54649,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.fb-mallgo.top/","fqdn":"usdt.fb-mallgo.top","domain":"fb-mallgo.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd55fa4890b7be9fca1a1b405232d1d6","sha1":"f810d0fb6bd58a9d67ae9c4b93c03655a1bb78ba","sha256":"f2d4eb121129154d17be3401edbd501e36fcf4a8525a5c5db2c14d6f099937fe","sha512":"d2fdc03560d6ff3ee66423035e944777d0a977c4e6cf6dd7dddaa056a8c1518e1c6dc86b1e7ab2cab872e759fd5a77b47ab499b53e7e10473065101cf8400eda","ssdeep":"384:9UqIPKQmQwQLJQPVCCJIxg69dnq17W00goT7u:KrUUdq1FV","tlshash":"458274592bfb1131073374a9479f60163024f9073848ee697b8cc7221f999a9d9b3bed","size":19008,"data":"","first_seen":"2026-04-07T14:18:32.308927Z","last_seen":"2026-04-07T14:18:33.205255Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"usdt.fb-mallgo.top/","fqdn":"usdt.fb-mallgo.top","domain":"fb-mallgo.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-07T14:18:08.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fb-mallgo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 17:18:29 GMT","end":"Tue, 30 Jun 2026 18:16:50 GMT"},"fingerprint":{"sha1":"43:01:CE:29:D8:A8:B0:B6:68:41:A7:C0:4B:EE:8C:D8:17:2C:29:7A","sha256":"1D:76:27:90:6A:09:E6:73:5B:F7:86:BD:35:38:6B:45:C4:FC:FD:C7:09:54:50:D4:CC:69:AD:48:6E:9A:11:4D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usdt.fb-mallgo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Apr 2026 14:18:08 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Mar 2026 16:02:33 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sp9%2BgDnwaleuO4zIU55%2BLVCyCQDGwhltAQDjJg9ymnuVXPt2T7bHRUFQV1tWiaCJ6%2BgsG%2F3rUVBYq3xAJlzgs%2BViZS%2B6COJUosTSEYqlT2Yvrp7i0RkezP4Ycp81C4U5lhv2900%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9e89a8ec2a17723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27653,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"f9596d55bc2e013cabb8dc99c1de3f2a","sha1":"ce61972d09de1370fcccdec8a6862549b5872de8","sha256":"b18103322aedfc8b1d8b8f33aa1b1763f1a84f50d141943de313b6a2912ae8b7","sha512":"25aa6310d703d1872a36381e3caa0f43a6f184cec0309ddc4580a45a36327a3e413a296f6f1ec60cc8420608627c3dc8f47846869226d627413a475f94c18fa9","ssdeep":"384:19+VugKsTkwb1UfUqIPKQmQwQLJQPVCCJIxg69dnq17W00goT7f:19+VugKsTkwZU8rUUdq1FE","tlshash":"0cc2c7592bf711326623b0785beb61063124e903a449de683f9cc3604fc99a9d9b37ed","first_seen":"2026-04-07T14:18:32.276313Z","last_seen":"2026-04-07T14:18:33.166234Z","times_seen":2,"resource_available":true,"data":null}},"time_used":307,"timings":{"blocked":17,"dns":1,"connect":1,"send":0,"wait":264,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/tronweb@5.3.0/dist/TronWeb.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.fb-mallgo.top/","date":"2026-04-07T14:18:09.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/tronweb@5.3.0/dist/TronWeb.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.fb-mallgo.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 5.3.0\r\nx-jsd-version-type: version\r\netag: W/\"106741-e4h//n20eAhMrG65qxiRVghCUH8\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 07 Apr 2026 14:18:09 GMT\r\nage: 1171132\r\nx-served-by: cache-fra-eddf8230075-FRA, cache-hel1410029-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 244182\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1075009,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65471)","md5":"a9d2edfcf9ea04db460e7e05c903019f","sha1":"9a197bcc36c0fe5aaaf52af19da848d7f42c7fd9","sha256":"fe151e58303f3779de0fdf93b48bd88ddc12e0dffeda674c021f90c6a554d5be","sha512":"b66a29b7c007ffecf28e715a522c53f6bf0bab37bda7e7959ffcc0b64a18b44fa4831a7f88d1d13561324bb9dbf32421ab731135292c7dadd954327543f90f06","ssdeep":"12288:rYdb9W6rbtYLAVbjsUK1xs9gr2SIEA1mS8:rY59W6vtYLEbjsUK1WC2SIE4mS8","tlshash":"4e25f88876c6f166479220f0053b640eb23dab5cd45ca154f398e4e37df9ada872bb34","first_seen":"2026-01-24T19:48:09.064329Z","last_seen":"2026-04-07T14:18:33.176684Z","times_seen":14,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":112,"dns":55,"connect":26,"send":0,"wait":28,"receive":84,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.fb-mallgo.top/images/imtoken.png","fqdn":"usdt.fb-mallgo.top","domain":"fb-mallgo.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt.fb-mallgo.top/","date":"2026-04-07T14:18:09.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fb-mallgo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 17:18:29 GMT","end":"Tue, 30 Jun 2026 18:16:50 GMT"},"fingerprint":{"sha1":"43:01:CE:29:D8:A8:B0:B6:68:41:A7:C0:4B:EE:8C:D8:17:2C:29:7A","sha256":"1D:76:27:90:6A:09:E6:73:5B:F7:86:BD:35:38:6B:45:C4:FC:FD:C7:09:54:50:D4:CC:69:AD:48:6E:9A:11:4D"}}},"request":{"raw":"GET /images/imtoken.png HTTP/1.1\r\nHost: usdt.fb-mallgo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.fb-mallgo.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 07 Apr 2026 14:18:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 47214\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Mar 2026 07:01:29 GMT\r\netag: \"69b8fc49-b86e\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P1rX89taz8WVzVAR%2FgXtUsE%2FczhbGM1Iqq7A6kF%2B6AtogGP5%2FQJL7tsRHKRcrzjoUc8GGhqFMB%2FNPADDKMgrS5SIbYSqoUireTuUn7iOvbrLs1ddotnr0Ce%2FbF24FBhkL%2BhzebY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e89a8eeee2bb4ee-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":47214,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced","md5":"4b4eee754ec00df2c9c0801a35797875","sha1":"4270f3a387b2295ed3ce0982630c0bbba0f2f5a6","sha256":"f8083ccf74caf460c9631773df2bfb7e48e0301ae7a8247035f41d33120749ff","sha512":"19b09257337b0954eaf9e2b43996ae81508eeeaf4a28fdd78f5229879dac8b9a0e3cdc5469e3319f8cbcf2fd8e1400dfa3636f034b4fbddcf7f4ec2bae5d6e4b","ssdeep":"768:Vw67udDw7hJlYNGe4WnwrKZxj1kryerKxQNNcWNEAzXUhFeIYRRifvVKYY/1tDPM:a637hJlYNGJWnmixjeryxCNhNESX+FeO","tlshash":"e72301e88a21dd0dcd73fd6d94648141a14a98175aa21fc70b7828cadfa4d8f09c6bc8","first_seen":"2024-07-24T00:05:59Z","last_seen":"2026-04-07T14:18:33.185436Z","times_seen":7,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.fb-mallgo.top/config.json","fqdn":"usdt.fb-mallgo.top","domain":"fb-mallgo.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt.fb-mallgo.top/","date":"2026-04-07T14:18:09.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fb-mallgo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 17:18:29 GMT","end":"Tue, 30 Jun 2026 18:16:50 GMT"},"fingerprint":{"sha1":"43:01:CE:29:D8:A8:B0:B6:68:41:A7:C0:4B:EE:8C:D8:17:2C:29:7A","sha256":"1D:76:27:90:6A:09:E6:73:5B:F7:86:BD:35:38:6B:45:C4:FC:FD:C7:09:54:50:D4:CC:69:AD:48:6E:9A:11:4D"}}},"request":{"raw":"GET /config.json HTTP/1.1\r\nHost: usdt.fb-mallgo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt.fb-mallgo.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 07 Apr 2026 14:18:09 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Mar 2026 16:25:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pQ3lLPnwi2%2BKLrE9fJ1lte7NtSWowLUnBLZEMidk9u2m3d1j%2B7zrWlv8lhYoVGMc2ljfHr6AcmPy8ArBoDBO1iOaU9ZigJISAzA8YOWGgA%2F5viIZtqgV32CYMEctQ8T%2BLzv6iD0%3D\"}]}\r\netag: W/\"69b98087-d7\"\r\ncontent-encoding: br\r\ncf-ray: 9e89a8f22a23b4ee-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":215,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e0adc05b2300ff91f6b809a981e9099c","sha1":"470a469399d30648afc2c71587de435c016107b9","sha256":"af551a48a46f9b6913cb4a4ebb6fbccbfdb955752d573b90a582c0bee2311281","sha512":"0b09b1a0db90f6ae95bc5fb0b29db7f38930dd649d2b302c34901d5d69ce4e324c62b39b1a70dfa7aab484833af907551706977b22d00fa07759def44d5341cc","ssdeep":"","tlshash":"3ad0a7009241330749d2b904e0ef4a53149e9d6195881c15432f820f47ac1ef0d6a20d","first_seen":"2026-04-07T14:18:32.273561Z","last_seen":"2026-04-07T14:18:33.196493Z","times_seen":2,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/qrcodejs2@0.0.2/qrcode.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.fb-mallgo.top/","date":"2026-04-07T14:18:09.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/qrcodejs2@0.0.2/qrcode.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.fb-mallgo.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 0.0.2\r\nx-jsd-version-type: version\r\netag: W/\"4dd7-LQbB+CPzTBmYHGrgsOsPWGHF4Us\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 07 Apr 2026 14:18:09 GMT\r\nage: 792819\r\nx-served-by: cache-fra-eddf8230162-FRA, cache-hel1410029-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 7121\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19927,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (19927), with no line terminators","md5":"517b55d3688ce9ef1085a3d9632bcb97","sha1":"2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b","sha256":"c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36","sha512":"08d80845e706a3b9e985b799d3849cd7791ad3ba5aa9d793bb4591d4833890d7299810144874905f416c94d8530da74be0ee520066a91ade05a1da8bf0ccb498","ssdeep":"384:WRQ2kvcAAdTRhQLThP2yO9/9G84U5xOiKQYHHHsglDep9m1yfB8dKLMyA+LyUyy9:xThP2V/9N4U/gQYPXa8CAPLyrZ","tlshash":"8c92c7e4f36542f6915e6cd4283f104b64a0a4636c1490acbfb5c1e6a9f8fe0647af74","first_seen":"2023-03-07T01:14:56Z","last_seen":"2026-04-09T07:05:38.010184Z","times_seen":54649,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":112,"dns":54,"connect":26,"send":0,"wait":86,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.fb-mallgo.top/images/TronLink.png","fqdn":"usdt.fb-mallgo.top","domain":"fb-mallgo.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt.fb-mallgo.top/","date":"2026-04-07T14:18:09.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fb-mallgo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 17:18:29 GMT","end":"Tue, 30 Jun 2026 18:16:50 GMT"},"fingerprint":{"sha1":"43:01:CE:29:D8:A8:B0:B6:68:41:A7:C0:4B:EE:8C:D8:17:2C:29:7A","sha256":"1D:76:27:90:6A:09:E6:73:5B:F7:86:BD:35:38:6B:45:C4:FC:FD:C7:09:54:50:D4:CC:69:AD:48:6E:9A:11:4D"}}},"request":{"raw":"GET /images/TronLink.png HTTP/1.1\r\nHost: usdt.fb-mallgo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.fb-mallgo.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 07 Apr 2026 14:18:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 34174\r\nserver: cloudflare\r\nlast-modified: Tue, 17 Mar 2026 07:01:30 GMT\r\netag: \"69b8fc4a-857e\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ranges: bytes\r\nage: 2\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RAR8VxT4KzgxQ5Z6KrrmqfrT%2FFnAQW5%2Bmlqp%2B1saAI3zb4pXdQf9ijHZzfhaLhpgFLIJXGkFEaw2NWDB%2BJDpV4qFt5gx8g6%2B2wM54a7oIRqN43q3ANDUfpEIR4qlgvuzJbGfn%2Fw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e89a8eeee2eb4ee-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34174,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"651de7f9f4894e6494776e80c301bfc2","sha1":"d7eaaf01ebe99e3fdd5b9176f75b4340d3b796bc","sha256":"dd7fe5ac51869106729d7d9d4d2deeb4911a5311e3a00cf177d92c697e649517","sha512":"31c9f1179002c9d029e6f3a2c0695b085d58e118e606a729190321b908d34de854a0c7a4390daed053af08cf06d0cd12bde47331f6f51fb4be928a11e3949a6e","ssdeep":"768:r1tI3HbzYeq7f7yG0YLobTTub0aQXtGUOV6PMz7MXYEcC7suBO:rgzYeqawobTabFQXAUOpzVxCIj","tlshash":"13e2e15e7b6cd4053834c03ba184616b6f37b31436cfb85d0846c9b98e35d9ebfaa861","first_seen":"2023-05-14T18:27:19Z","last_seen":"2026-04-07T14:21:40.292288Z","times_seen":134,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.fb-mallgo.top/favicon.ico","fqdn":"usdt.fb-mallgo.top","domain":"fb-mallgo.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt.fb-mallgo.top/","date":"2026-04-07T14:18:09.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fb-mallgo.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 17:18:29 GMT","end":"Tue, 30 Jun 2026 18:16:50 GMT"},"fingerprint":{"sha1":"43:01:CE:29:D8:A8:B0:B6:68:41:A7:C0:4B:EE:8C:D8:17:2C:29:7A","sha256":"1D:76:27:90:6A:09:E6:73:5B:F7:86:BD:35:38:6B:45:C4:FC:FD:C7:09:54:50:D4:CC:69:AD:48:6E:9A:11:4D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: usdt.fb-mallgo.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.fb-mallgo.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 07 Apr 2026 14:18:09 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nage: 2\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CV9n%2F7%2FteHEbHY%2BzeplLhoJC2MV6%2BP3AXNj7EQr0viy7zHj%2BfVIrFDesL74NiKaRvIiaUapnJM7W4rdiNGAjy4kiSYZEAkoAc0zHna61cLYGNRvPg5G1EENOyQSXgqa7o%2BxvoFo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e89a8f2cb0cb4ee-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":130,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"38fd9129885a19f7caa296ee2f929add","sha1":"1220f952376702a0d27126d44f340380994d9577","sha256":"7a50dcaa62ecb3ba63d3f2e6f62c821f54f40e5f6b8fa78a594cd6834c50b4fb","sha512":"645bc135e9541dd231680805032fc8e5a6d115dff706eedba0d6bb67aa236753970b310a498b7ff6826650bd09027931e16a244debca3f220e5d70a5c06fa627","ssdeep":"","tlshash":"35c09b1d655365449913115163c33541d195833f689a84110901c543b0cf196c4c63a9","first_seen":"2023-05-31T06:15:15Z","last_seen":"2026-04-09T05:20:21.847688Z","times_seen":1721,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}