{"report_id":"4652e3e8-b366-4644-9a26-70988f556dc3","version":6,"status":"done","tags":[],"date":"2026-04-07T14:35:00Z","url":{"schema":"https","addr":"usdt.defi2016.vip/","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"usdt.defi2016.vip/#/","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"title":"Dashboard - DeFi USDT充值站","dom":{"size":18795,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (16418)","md5":"f9d68729595ee35026df5b451c89699a","sha1":"a3359065b888879ac0da9f28f30103eedf09de4c","sha256":"1d57c9dbc4750f52b4f0c30e086163309677c7df26106ba81b4458f8b9d2dd0e","sha512":"5774a345a49457759abef0f90c7e1478e74f66441144f44e0ae64fb825b54db7695fa55d6f49b6e26ddedd9ef84009715481754b608948e8d3fe290472bcbf84","ssdeep":"384:kgtFsxJ7hjQQXccuvytw9wfKE6M0UDjvBtB:kgtFCQmuvytw9wfKEND7F","tlshash":"77821d28b000117b05b3d5c6b57afe0a60eefb1bc5da08417eae52541eefc65f8a5839","dom_hash":"domhash421382546fa2003114dae0b6db5cf25f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"usdt.defi2016.vip/","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-12T14:35:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-04-05T22:35:26.697622Z","alert_count":0,"request_count":9,"received_data":249958,"sent_data":4718,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"usdt.defi2016.vip","ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-23","domain_rank":0,"first_seen":"2026-04-07T14:34:40.832385Z","last_seen":"2026-04-07T14:34:40.832385Z","alert_count":13,"request_count":13,"received_data":4797513,"sent_data":6047,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Popper:2.11.8","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Bootstrap:5.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"adminlte.io","ip":{"addr":"104.26.7.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-05-03","domain_rank":166790,"first_seen":"2017-05-17T16:28:48Z","last_seen":"2026-04-07T14:34:41.359516Z","alert_count":0,"request_count":2,"received_data":412119,"sent_data":868,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/overlayscrollbars@2.11.0/browser/overlayscrollbars.browser.es6.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b623a38f3e80ba36bc4cd0b51966f16b","sha1":"f7806e5436712b769c9d831daceb1d386c367f14","sha256":"3d65f79196d8e343933c034755f1e561112c186e1bfc8579c592cef33b6574b8","sha512":"714b6dc270093e3c6d355d09ed85844268005dd480f13a3e44eff579082b8cc32d0e6bb234fd3062036a350f629eca95dbbd25fe1b77a281a246e0b4a0b8298a","ssdeep":"768:QiD8VBbz+bFQfsUgIIxboQDzQ0likQCyKp+HzLm0+j4FSl8HImkYN27Rcbq5GAoe:PQTI2GQtBHLWPpmkvSfg57V","tlshash":"80d21ae17692f02912ff0cc694794624e31d0959340b88c6e1bcae16bc7a4a365f7f3e","size":29334,"data":"","first_seen":"2025-11-10T06:40:47.153467Z","last_seen":"2026-04-07T14:35:04.686112Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminlte.io/themes/v4/js/adminlte.js","fqdn":"adminlte.io","domain":"adminlte.io","tld":"io"},"ip":{"addr":"104.26.7.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2610a5494cdc54183a4e6e012729ca5e","sha1":"2071227838e65f4f9aa5db9e1e4015ec3d286284","sha256":"1ec2eb7a4313367c74d8258c4d7994b767e6ab65a5d715828dc84e734fe66ac5","sha512":"beb30b68ba90a5bb6b70d209ac0131a9ea5f868e67add44de9b93ca9cd5c34b0f706e6e58c5669d8aa3bcae218f30b1a0fac4e03fcc842872166c4f5e9b90dd3","ssdeep":"768:n9BIZWMXZytWBElX2K1/E5t8ocUSrV0diB9MaFKQgcsAAL3a78:9BIaWBkvocUSrV0diBddAL3w8","tlshash":"132351292efb04734167e5be2b9b6185fa31904b3805cd193e1c8b881fd5b6056eebf4","size":48330,"data":"","first_seen":"2026-04-07T14:34:44.39607Z","last_seen":"2026-04-07T14:35:04.698791Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/app/assets/index-hlIBeYsd.js","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc70fe639ea46dc0da2020d39fa65cb7","sha1":"170c1868eeb99750527e6c1eaaa7579aad397065","sha256":"8a3025771b2bf0017c6a4a26a722f2c2364844cf65c3dca7f2123e25a6d9101a","sha512":"9bf2fde9345bf3a7c4b9cff6640ea7794c8f6ca36f292d5aac8b37961938466dc4a993108c09d64ec82e2c177bc5be0b00b0318ed01cbeb28086a78e8fa2d8d0","ssdeep":"12288:LkqDuEr8/yp7A7zDE8BevdQo01ixK4jhAgjVA5TdJL:LkqDuEg/ZzW1Qo01ixK4jhA6VopV","tlshash":"f1c44b897046707a57e356e570bf0541b2382e86f0498055b4fccced2a7ac25a67bfbc","size":591908,"data":"","first_seen":"2026-04-07T14:34:44.402955Z","last_seen":"2026-04-07T14:35:04.691271Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"de6000f0003000000003c30000330cf300000c0f00ccc30cfc0000c000c00000000c03","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-04-07T19:38:09.391388Z","times_seen":237085,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-07T19:22:50.655113Z","times_seen":95392,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-07T19:22:50.655113Z","times_seen":95392,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@popperjs/core@2.11.8/dist/umd/popper.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"31032b08bd8e72220462d3f54f8bd69a","sha1":"871d6ef1070bd363ea390e0c8c384e47dce7f389","sha256":"c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782","sha512":"4cf8763b1960d73a7e933de7140d02e6f542ea5786ffa9a6d73f7e980f35308e5e69456a6ac3cb3bc0ae93880c1788147cfe5eb51ef7ae053ff0f34cb127aca1","ssdeep":"384:PZjckOxmemwN3igs6HdfGmLmnNV5LrpfV1Nn1K4kwTiO6rg3MI/9NUmJ/aZg:uxmemg3igs69TYf/pd1Nn1uwXSg3MI/9","tlshash":"f392d7dc3a94f0e5167b52bac03f011fb2379524218ee510a255d6c92c74ebba23bd7e","size":20122,"data":"","first_seen":"2023-05-30T11:24:05Z","last_seen":"2026-04-07T19:27:38.511391Z","times_seen":8934,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.7/dist/js/bootstrap.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"20780829333b37d19f72573fddec1bbe","sha1":"1aa51f1308d88e9457c104109c7d16805aee67ed","sha256":"95e979ec98a6d7f096e08d621246877b12bf27d87f6519de78e44a890b8d3888","sha512":"cca79ead61c7b8fddaafb917d962814843736fe189cad15204be87ad1da73d247590e5f5aa39bea07a2842d6c3a4305221383297b417640a6f0df0d6bca8e453","ssdeep":"768:/kN++IvGHWyOOY/fwAxOlU5iBNY6DPg1vbMQVRKrU/cay9KRU1Y2WZGTs/hzQ59S:/fxkO0jalhmRtFGFJuNSkDY","tlshash":"1053a6563244b9330ade84e68172430bf7155d98b547816cb5bcacde2b7ec827273bb8","size":60775,"data":"","first_seen":"2025-06-27T12:24:01.077743Z","last_seen":"2026-04-07T14:35:04.689482Z","times_seen":158,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/overlayscrollbars@2.11.0/browser/overlayscrollbars.browser.es6.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/overlayscrollbars@2.11.0/browser/overlayscrollbars.browser.es6.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usdt.defi2016.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 2.11.0\r\nx-jsd-version-type: version\r\netag: W/\"7296-94BuVDZxK3acnYMdrOsdOGw2fxQ\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\nage: 1222477\r\nx-served-by: cache-fra-etou8220195-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 14606\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29334,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (29175)","md5":"b623a38f3e80ba36bc4cd0b51966f16b","sha1":"f7806e5436712b769c9d831daceb1d386c367f14","sha256":"3d65f79196d8e343933c034755f1e561112c186e1bfc8579c592cef33b6574b8","sha512":"714b6dc270093e3c6d355d09ed85844268005dd480f13a3e44eff579082b8cc32d0e6bb234fd3062036a350f629eca95dbbd25fe1b77a281a246e0b4a0b8298a","ssdeep":"768:QiD8VBbz+bFQfsUgIIxboQDzQ0likQCyKp+HzLm0+j4FSl8HImkYN27Rcbq5GAoe:PQTI2GQtBHLWPpmkvSfg57V","tlshash":"80d21ae17692f02912ff0cc694794624e31d0959340b88c6e1bcae16bc7a4a365f7f3e","first_seen":"2025-11-10T06:40:47.153467Z","last_seen":"2026-04-07T14:35:04.686112Z","times_seen":7,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Tue, 07 Apr 2026 15:22:38 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TLBSMDgv6XO8SN%2B1jMQyASH%2FfUh36jXFjuKhvAeiz2nGgX7huyXEdGS6CjSCh%2Bxib1UJ3K4LyOQ%2FYJpBWnF2rNbGWawuf446s3bbQqZzTeCXyMwEHqmbTGb71ygPIB3bgF79Qw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncf-ray: 9e89c1159d5123eb-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-07T19:22:50.655113Z","times_seen":95392,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@fontsource/source-sans-3@5.0.12/index.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/@fontsource/source-sans-3@5.0.12/index.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usdt.defi2016.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 5.0.12\r\nx-jsd-version-type: version\r\netag: W/\"ad2-dPui/DdP92UDBG6Mc5kDY4XlTpk\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 1005053\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\nx-served-by: cache-fra-eddf8230091-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 572\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2770,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"05c8d96168f3ddff8151eafb286eaadb","sha1":"74fba2fc374ff76503046e8c7399036385e54e99","sha256":"b5725f5dfa7a130b758a53f32c3b509c957885c953f57b9a6542b252f9b2afe4","sha512":"47ed062ef719b0d14da06f402f0ba192a72ea4d990e4286e23b2d3be98bf0fdc0b9b691291f1b00cbed6ebb3b4aa28db82458a4c6e9c48918376137ba4f47b60","ssdeep":"","tlshash":"b9517a7280a1323077672d45a7df6d12195d6413e2cad76eef2d48500db283983d5fee","first_seen":"2025-10-11T12:16:44.475414Z","last_seen":"2026-04-07T14:35:04.68752Z","times_seen":12,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":65,"dns":0,"connect":26,"send":0,"wait":15,"receive":9,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/overlayscrollbars@2.11.0/styles/overlayscrollbars.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/overlayscrollbars@2.11.0/styles/overlayscrollbars.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usdt.defi2016.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 2.11.0\r\nx-jsd-version-type: version\r\netag: W/\"3392-w4F3sJPTRi/jcpjXUZdij9SL3Kw\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\nage: 2087700\r\nx-served-by: cache-fra-etou8220184-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 2538\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13202,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (13044)","md5":"550f03bacd7866bf935f4e27d658128b","sha1":"c38177b093d3462fe37298d75197628fd48bdcac","sha256":"a22bd0869655d1bb6399b1441962dfde20a4b2e57de99c285b9c961517e798d8","sha512":"3c1ce8b850755ed0cc1d7f64550deb87b303c2f1c5c83e457e544d72e324ed0f4147dbfc0e0c23656bbefb2ac8c4e8ec756de3fac8fd2a79d8e7d263cf1e6159","ssdeep":"192:lM79XnH0aq0TVNA9yeeSWH+fZpzczaw9y3n3/diH5+uYrp:6OweRpQ1Yuq","tlshash":"7d52ff61fa6970f789ffb12dc9c66fed422ca3935f5804d1f0205f392a897ba168161c","first_seen":"2025-05-18T02:17:34.492074Z","last_seen":"2026-04-07T14:35:04.688148Z","times_seen":10,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":30,"dns":1,"connect":13,"send":0,"wait":15,"receive":2,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Tue, 07 Apr 2026 15:22:38 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aCbvEzrJODLSVCQ8K0mW0HqazTr5qRasrx84ktdjh2HJTx2MnPPGe5ZK%2FSNDW%2BaLTtHdwIctX5Ry9sfddytNMj%2BrJnXZXxbs1cuJS6Kon6d8k6V18cPC7mftQd3CDlywKe9BNg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncf-ray: 9e89c116dd7823eb-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-07T19:22:50.655113Z","times_seen":95392,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@fontsource/source-sans-3@5.0.12/files/source-sans-3-latin-400-normal.woff2","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/@fontsource/source-sans-3@5.0.12/files/source-sans-3-latin-400-normal.woff2 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usdt.defi2016.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: font/woff2\r\nx-jsd-version: 5.0.12\r\nx-jsd-version-type: version\r\netag: W/\"3aa0-R3zmzCrW27tgSPf7/stA+vdUUiU\"\r\naccept-ranges: bytes\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\nage: 1644288\r\nx-served-by: cache-fra-etou8220053-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 15008\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15008,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15008, version 1.0","md5":"d8aeffd476b499f02a1f4df160c68bb0","sha1":"477ce6cc2ad6dbbb6048f7fbfecb40faf7545225","sha256":"78e2217793fe46bec6cf1bcabab165033fd94be1935ad1eda2a31ad845073bd6","sha512":"b18a9b7cc9c60f9758e26ccac008194460893e1d9b386bab95e5ec2a56d8bc2e07e81c6b436499cd1d7f1220648c9615f41e2d9423609a8daabca653dd387c1e","ssdeep":"384:L1+Y2MufbyMonJzOgwzOJc5suTPw2Ckxh0syI:LcYluDyMogVzKYsuToH0hvyI","tlshash":"7b62c0f74931ccbfe235ae734661f6155e127a8c914e8eae3133b22a8bd74995d442c0","first_seen":"2023-07-14T22:18:40Z","last_seen":"2026-04-07T14:35:04.688803Z","times_seen":37,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.7/dist/js/bootstrap.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap@5.3.7/dist/js/bootstrap.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usdt.defi2016.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 5.3.7\r\nx-jsd-version-type: version\r\netag: W/\"ed67-GqUfEwjYjpRXwQQQnH0WgFruZ+0\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\nage: 1864150\r\nx-served-by: cache-fra-eddf8230026-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 17292\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60775,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (60496)","md5":"20780829333b37d19f72573fddec1bbe","sha1":"1aa51f1308d88e9457c104109c7d16805aee67ed","sha256":"95e979ec98a6d7f096e08d621246877b12bf27d87f6519de78e44a890b8d3888","sha512":"cca79ead61c7b8fddaafb917d962814843736fe189cad15204be87ad1da73d247590e5f5aa39bea07a2842d6c3a4305221383297b417640a6f0df0d6bca8e453","ssdeep":"768:/kN++IvGHWyOOY/fwAxOlU5iBNY6DPg1vbMQVRKrU/cay9KRU1Y2WZGTs/hzQ59S:/fxkO0jalhmRtFGFJuNSkDY","tlshash":"1053a6563244b9330ade84e68172430bf7155d98b547816cb5bcacde2b7ec827273bb8","first_seen":"2025-06-27T12:24:01.077743Z","last_seen":"2026-04-07T14:35:04.689482Z","times_seen":158,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@popperjs/core@2.11.8/dist/umd/popper.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/@popperjs/core@2.11.8/dist/umd/popper.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usdt.defi2016.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 2.11.8\r\nx-jsd-version-type: version\r\netag: W/\"4e9a-hx1u8QcL02PqOQ4MjDhOR9zn84k\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\nage: 2267353\r\nx-served-by: cache-fra-eddf8230168-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 7110\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20122,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (20033)","md5":"31032b08bd8e72220462d3f54f8bd69a","sha1":"871d6ef1070bd363ea390e0c8c384e47dce7f389","sha256":"c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782","sha512":"4cf8763b1960d73a7e933de7140d02e6f542ea5786ffa9a6d73f7e980f35308e5e69456a6ac3cb3bc0ae93880c1788147cfe5eb51ef7ae053ff0f34cb127aca1","ssdeep":"384:PZjckOxmemwN3igs6HdfGmLmnNV5LrpfV1Nn1K4kwTiO6rg3MI/9NUmJ/aZg:uxmemg3igs69TYf/pd1Nn1uwXSg3MI/9","tlshash":"f392d7dc3a94f0e5167b52bac03f011fb2379524218ee510a255d6c92c74ebba23bd7e","first_seen":"2023-05-30T11:24:05Z","last_seen":"2026-04-07T19:27:38.511391Z","times_seen":8934,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons@1.13.1/font/bootstrap-icons.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap-icons@1.13.1/font/bootstrap-icons.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usdt.defi2016.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 1.13.1\r\nx-jsd-version-type: version\r\netag: W/\"153e0-rp/p6DPa9owjeUXpre5bfzVHjRk\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\nage: 3074912\r\nx-served-by: cache-fra-eddf8230039-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 13598\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87008,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65354)","md5":"c88a56421d181b3808a23a69d9ef9560","sha1":"ae9fe9e833daf68c237945e9adee5b7f35478d19","sha256":"a5d6387a32ca3baec4d02336b5b3edab50c9dd518355576a011ea3dd9c1d884e","sha512":"b7b15ec3dc6575d12681dde829941a864348e1d4ba97cd3e7861331508aab7255876f7121b60f722e6fbed1db405da2d7d13c0f5c69a464835b7268988f98ed2","ssdeep":"768:tPcr8JUkZrpULKt4bDcf3oQpeqfZs0BWeUz5+XIHx5qkgwTZ:VrpEKt4moUeqfZbc5+XIHZZ","tlshash":"1283fbe8e58d05e8f372c48fbf42675e31aafa3cd5811c68f14a112d5ac16650ac7fb8","first_seen":"2025-05-16T19:02:39.078687Z","last_seen":"2026-04-07T19:31:07.605431Z","times_seen":996,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":28,"dns":1,"connect":14,"send":0,"wait":18,"receive":2,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/app/assets/index-hlIBeYsd.js","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET /app/assets/index-hlIBeYsd.js HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 07 Apr 2026 20:02:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d562d4-90824\"\r\nexpires: Wed, 08 Apr 2026 02:34:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 22\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1A8cimM4bTynENQOgTGmw%2FzubEhti4TQosB1izy5Ct1HgileA%2BmceM%2B%2FfKRnEOo%2Bwt8kywp2lnhw4i8JRuA4BdjK7sKBU9xDN63rL16abeA2hl%2FFsjRQaUqCYOfYw94qlDq3aA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9e89c1177d9023eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":591908,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"dc70fe639ea46dc0da2020d39fa65cb7","sha1":"170c1868eeb99750527e6c1eaaa7579aad397065","sha256":"8a3025771b2bf0017c6a4a26a722f2c2364844cf65c3dca7f2123e25a6d9101a","sha512":"9bf2fde9345bf3a7c4b9cff6640ea7794c8f6ca36f292d5aac8b37961938466dc4a993108c09d64ec82e2c177bc5be0b00b0318ed01cbeb28086a78e8fa2d8d0","ssdeep":"12288:LkqDuEr8/yp7A7zDE8BevdQo01ixK4jhAgjVA5TdJL:LkqDuEg/ZzW1Qo01ixK4jhA6VopV","tlshash":"f1c44b897046707a57e356e570bf0541b2382e86f0498055b4fccced2a7ac25a67bfbc","first_seen":"2026-04-07T14:34:44.402955Z","last_seen":"2026-04-07T14:35:04.691271Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/app/assets/share-icon-NapgV8ur.png","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET /app/assets/share-icon-NapgV8ur.png HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 07 Apr 2026 20:02:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d562d4-15bc32\"\r\nexpires: Thu, 07 May 2026 14:34:15 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 22\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Plb%2BaFMkwGpXtTsHMnKGeA1exNEUKdr9yIt3USpqnGvvkOLynea57%2B1BP6dZmvRgx30NT8G6ghsoZSlhpQ6Vv93w18RP546qlTR3CGz%2BXCGDqNI1wWgN4nI1dVI40KRGjOaqSQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e89c118bdbc23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1424434,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced","md5":"a0a61100a227a1fb1ecff6479a3791b4","sha1":"f8911aaca949cb3fe28d2379299c551552f68dd8","sha256":"fccda99ea58ddb2deddc9f68d2cc52a2e71f9ac322ebddaf02c5429008832bf7","sha512":"540fb80494189d71a795e79498d87e03c434e3be441b5b3531bcb3cc8f479e1d5a01e7f5d9447da2c208648f411b999c41d7be49e3e3236810a37fc3101799dd","ssdeep":"24576:hA4zMzKYpptcOaLxeQVlejDLRwJutYZLz7gormFobudAWFh:h/gzKmpiOu+nRM10orPudAWz","tlshash":"2a2533f9b50117b0e1677dfd209a3e8af5305fc82ad73acd0683ad684761c90e2475ae","first_seen":"2026-01-28T12:30:56.064792Z","last_seen":"2026-04-07T14:35:04.69204Z","times_seen":5,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/api/cms/page?page=home\u0026lang=en","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET /api/cms/page?page=home\u0026lang=en HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oY7QOGgC4pzdcf7MzclChR6W9rdY4RL15VX0NRT4dYWZgkZFuzFpqlJSuCJ%2Fu3t4V%2BAhntHBYG079C0SUi0qRpYvCV%2BGNWYcHoKAkje9MiCMdCr0EavpBg9Ios7VFPpL7SLe5A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9e89c118bdc023eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4517,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"3f56c8e683b001a0c29bd44b1b214387","sha1":"f389d2990cb5122262bc04cfe5b99aceafd366ac","sha256":"eb7d47cb631f98315721cc14de9a6ad0ab90c35c4bc26365a79c02c183d21b09","sha512":"6c979b2b56f5a6c49b85de89748084f594d6bba26e2e92d3217187cf25cf7d4324249dccd5097af5cc5a8496e67b48606df7a75ecd0429ed02d465a50a427da3","ssdeep":"96:V+fv5pfUWlqp3VtPFvoDeySx09XKNbPtOg5ImWwL5Bb1WQqVGdb2gtrLJ:4pUWlqp3VtPFvoDeySx09X2DtOaVWwcI","tlshash":"bb9130291a66df29c2c5fe8f71f43c3348e5e49a96d1b218749dce0c802adb1d287779","first_seen":"2026-04-07T14:35:04.692813Z","last_seen":"2026-04-07T14:35:04.692813Z","times_seen":1,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@fontsource/source-sans-3@5.0.12/files/source-sans-3-cyrillic-400-normal.woff2","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/@fontsource/source-sans-3@5.0.12/files/source-sans-3-cyrillic-400-normal.woff2 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usdt.defi2016.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: font/woff2\r\nx-jsd-version: 5.0.12\r\nx-jsd-version-type: version\r\netag: W/\"23d0-eKl5d5m6cOLYHhsZV8QSZCdAKw0\"\r\naccept-ranges: bytes\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\nage: 1317381\r\nx-served-by: cache-fra-etou8220061-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 9168\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9168,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 9168, version 1.0","md5":"28acbf0985392437b6bb76e1911e4e36","sha1":"78a9797799ba70e2d81e1b1957c4126427402b0d","sha256":"352d77546e37fd9ed33020aa8ca574157aca5091898c4e3f4dadc2ab5c5547ce","sha512":"905721c0248163a7f913c6d1266069169b52f712049f7cf53e0baa98b8daeae66ef1de5ab56a00e0edfa13f4f339e1239c282681841e3a380fcc94f9d8a2479a","ssdeep":"192:6Q063KExACNRNEk1hv5e5UvTjpIuguq1kbhbcDgfEuJGVTuFA82:TKErRNEqs2s2NAGExTuFn2","tlshash":"8112afc8e559b002f1d0d638dadca9a7ec60f36d87dc7177a14b84866020dea0db557b","first_seen":"2026-04-07T14:34:44.400426Z","last_seen":"2026-04-07T14:35:04.693847Z","times_seen":2,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/app/assets/index-hlIBeYsd.js","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET /app/assets/index-hlIBeYsd.js HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 07 Apr 2026 20:02:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d562d4-90824\"\r\nexpires: Wed, 08 Apr 2026 02:34:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 22\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FSH3jwFhGADch0f9TyLkox2fb71WLc0HeEanCmSQjGsLEW2x7PANKyIRrRcMMpWf2%2FOKb2S0A6poVjQHfYslJNfgZ%2B9F110qEjPQfdKR664pcHwJ5X64cHVkw%2BpDyK7L5jXnQA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9e89c1171d8223eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":591908,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"dc70fe639ea46dc0da2020d39fa65cb7","sha1":"170c1868eeb99750527e6c1eaaa7579aad397065","sha256":"8a3025771b2bf0017c6a4a26a722f2c2364844cf65c3dca7f2123e25a6d9101a","sha512":"9bf2fde9345bf3a7c4b9cff6640ea7794c8f6ca36f292d5aac8b37961938466dc4a993108c09d64ec82e2c177bc5be0b00b0318ed01cbeb28086a78e8fa2d8d0","ssdeep":"12288:LkqDuEr8/yp7A7zDE8BevdQo01ixK4jhAgjVA5TdJL:LkqDuEg/ZzW1Qo01ixK4jhA6VopV","tlshash":"f1c44b897046707a57e356e570bf0541b2382e86f0498055b4fccced2a7ac25a67bfbc","first_seen":"2026-04-07T14:34:44.402955Z","last_seen":"2026-04-07T14:35:04.691271Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adminlte.io/themes/v4/css/adminlte.css","fqdn":"adminlte.io","domain":"adminlte.io","tld":"io"},"ip":{"addr":"104.26.7.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminlte.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 21:10:49 GMT","end":"Wed, 10 Jun 2026 22:10:42 GMT"},"fingerprint":{"sha1":"BC:E0:E3:75:E2:40:72:1F:4A:E4:11:B0:02:9C:B2:6A:E4:49:CB:17","sha256":"F0:F7:AB:34:6D:97:0D:97:C9:8F:05:AB:BC:25:1F:0A:10:A2:12:CC:07:C5:75:F1:28:52:AF:E5:79:C3:0E:7C"}}},"request":{"raw":"GET /themes/v4/css/adminlte.css HTTP/1.1\r\nHost: adminlte.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 10 Jul 2025 12:46:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"686fb616-586c7\"\r\nexpires: Wed, 07 Apr 2027 06:50:17 GMT\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\nage: 27861\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OwHtbZB%2FNT1dBVxli691aLbYf2OpLy3ydbef%2Fb%2FmAnVanJRsZk3vzZtf0qh3E613YFEWABbBKuwppv%2BG6f%2F4hjne0LqzJCpvUjq6zlm7Uu4oIKrewz23lzCT7fjL\"}]}\r\ncf-ray: 9e89c115ab1e8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":362183,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (343)","md5":"2803da9db32c0b91a92747b76f72fa59","sha1":"9c4e964b64ee11feb16829f202ea2065d7af0989","sha256":"b3b8d952d7bd26494162a92213467f46bf0d973d26cb015dc4015d6efc04b80e","sha512":"de66480279b31c362071a7ee13d918862c77c5d681baa7b96b4d4daf30b0c893a45d8d5addfc75eb38b5a6f349aeae72ffbdf7e524eb046607726e4b8073d16e","ssdeep":"1536:9sKQf3NuWusiWqK3i5Ac1I2IG4MiHx1VtHalTuqy7H65ZVAA8dtIjNbPZaGpAcz8:93W3A8dtIjNbPZJYXVaIj","tlshash":"b1746558fdf13828387b9259659bbef87b7c5086ca0dcc76b5d32224cf853d158a29c8","first_seen":"2025-10-23T02:34:15.356198Z","last_seen":"2026-04-07T14:35:04.694612Z","times_seen":4,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":13,"dns":1,"connect":1,"send":0,"wait":10,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/app/favicon.ico","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET /app/favicon.ico HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: image/x-icon\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nlast-modified: Sun, 29 Mar 2026 00:12:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 22\r\ncache-control: max-age=30\r\ncf-cache-status: HIT\r\netag: W/\"69c86e70-10be\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dccwx%2BvM8AywkNnfxgVuZ7DjlZXkGn74kZIjQ1rqE5CYfRfARJiuGrZYhleKdEbjMA3OmmC5wYKKYZU1CcIy%2BemYKrO6Ihff%2BpBBSimwR%2BF2JeR6WYZ7eg7kCZuvSMLfGQvSJA%3D%3D\"}]}\r\npriority: u=6,i=?0\r\ncf-ray: 9e89c1176d8d23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"1ba2ae710d927f13d483fd5d1e548c9b","sha1":"c0605efed936ee2600284e6480521d06fa64f872","sha256":"db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445","sha512":"f933cd352eaba92f509b3863353ddfefadfada26a4152ecdc4727d450bbf35e7b10fb3038fe8db340d5c63d74e608c1560ec84d0f6ffc8ccd940c9e0d7533544","ssdeep":"48:i3H5R5hLOR4kt38PduMoglJrd6qTrp9hweFC0+6Ga:ipHFUs4MLBvuyCda","tlshash":"ee9175df61c388d9c1b1977f78c449a14f6fd951ba28351f55cf30622e5d75818c1c46","first_seen":"2023-04-18T17:42:03Z","last_seen":"2026-04-07T17:02:52.125026Z","times_seen":5875,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/app/assets/fa-solid-900-CTAAxXor.woff2","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET /app/assets/fa-solid-900-CTAAxXor.woff2 HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/app/assets/index-WrSOqjoC.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 158220\r\nlast-modified: Tue, 07 Apr 2026 20:02:28 GMT\r\netag: \"69d562d4-26a0c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 22\r\ncache-control: max-age=30\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8crTVOl8AezsKrcvGo%2FEnqWgyLOX%2F2vSnyUR0VWDbzOTiD9uY0xiPfjeIRUC0w2Vgt8tZcAJQR1MjhMsdCmtthUavkaawBOehMW5kcTPGWughSQhGbNj8S3ypbMfVfUGr8VUBg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-ray: 9e89c118fdcf23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":158220,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 158220, version 775.1280","md5":"4a6591ab5460ae5cbff1ecbd6e52193a","sha1":"7cd8afd6501962fda35d66f0e4c3b8815ac471d8","sha256":"aa75998623a391e61c6901794ace832e3ecdd288b56d608f21bea0411acc0b8e","sha512":"96c5d3283b71613b595b6b0420333bef5d64451af05c59dde27ec5b3e7cfe6e9549c604cddfbcb79cbc0fd4cd6f2e22a130c9a220b1b7ef933ac9df8c8e695d6","ssdeep":"3072:RauSB5FANIRLpsBaBrJGNG3ECNQztRvHHqkqLrlF:guSqN6ptrJGo3POh9KT9F","tlshash":"0ef312a710c6b95684a3a51b336adeb52c3ed363fcb6cd73be340114689da9c2e4d190","first_seen":"2024-12-19T10:41:23.153533Z","last_seen":"2026-04-07T19:26:55.918393Z","times_seen":21181,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-07T14:34:38.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=43pvl5Et7VyZO3a7VH3mGvh%2BSGYsQWHtlTx7cSS3Hjo3rpVTau5%2BYUYkQBa%2BXO%2FGQNSsR7URJz%2F6w6h7nCJ08EJB2y8WFSlndX7UMPlIrl9HVUX79IxyAmCdyGaIjunoPhmo8g%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\ncf-ray: 9e89c11449f256b5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Popper:2.11.8","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Bootstrap:5.3.7","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2220,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (368)","md5":"84b386dac53fa35e517c47a4905fc001","sha1":"8eb341787aa22843e3729040ad86462514b0f507","sha256":"39c5061044fe9ec5732ea9695d7e7b676848696cf23ea7611e92d4f139152bd5","sha512":"fb1ca50bc3b41b5388ddd146ebb4af5a870eb48f560f9c3e269909780b2c1127b0e3f88672a35c892d429aa99851ab8369d657013cfda64903327cfb828a0ab7","ssdeep":"","tlshash":"7441241a6cd0de45531146c8b9e2f868dc926913e294e8e4b1e7c1aa4f907db8c4f82c","first_seen":"2026-04-07T14:35:04.696795Z","last_seen":"2026-04-07T14:35:04.696795Z","times_seen":1,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":22,"dns":1,"connect":2,"send":0,"wait":60,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/app/assets/index-WrSOqjoC.css","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET /app/assets/index-WrSOqjoC.css HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 07 Apr 2026 20:02:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d562d4-77d21\"\r\nexpires: Wed, 08 Apr 2026 02:34:15 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 22\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w8FBo6EoITRunvkk0i4OmINPPaAxvtUee%2FD5lHqtYwZrR4lR1oUypGAurnG%2FxIi9sVfTNYQyKcwQQKzLEAg0WcrWklS757bd%2BEZS9WFtIhunXCvi9jUr7MnPEdUg9Wf5dIhaQg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9e89c1159d5323eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":490785,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"35d5a63343dd6f66dc1d0b7cf5685a18","sha1":"03ee9b13e752c1f220fba6da530ac77c903fb269","sha256":"15be4c32cc4e5fc824371417365413479ed77554e1174f29d44fd1e8871e3ce8","sha512":"d392efe6263ce5be6af234b4147d0ce55cabfca2669b03d92503cf44ea48fa43c610f8fdc4ae9bd30d19dcd89ffdb159559724836ea954eea0ff0363ee1e5ecc","ssdeep":"6144:JcwY98+pz600I4nGuudx5N07pU+noJmnn9GfFJXZuq4iaCpz600I4W26:O98HBudxj0FU+oJxJX/","tlshash":"bba4a6d6f190303ae8a7891e8590bebc453fea45cb020996f0236b685bc67c71957fdc","first_seen":"2026-04-07T14:34:44.413316Z","last_seen":"2026-04-07T14:35:04.697992Z","times_seen":2,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adminlte.io/themes/v4/js/adminlte.js","fqdn":"adminlte.io","domain":"adminlte.io","tld":"io"},"ip":{"addr":"104.26.7.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminlte.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 21:10:49 GMT","end":"Wed, 10 Jun 2026 22:10:42 GMT"},"fingerprint":{"sha1":"BC:E0:E3:75:E2:40:72:1F:4A:E4:11:B0:02:9C:B2:6A:E4:49:CB:17","sha256":"F0:F7:AB:34:6D:97:0D:97:C9:8F:05:AB:BC:25:1F:0A:10:A2:12:CC:07:C5:75:F1:28:52:AF:E5:79:C3:0E:7C"}}},"request":{"raw":"GET /themes/v4/js/adminlte.js HTTP/1.1\r\nHost: adminlte.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 10 Jul 2025 12:46:30 GMT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"686fb626-bcca\"\r\nexpires: Wed, 07 Apr 2027 06:50:17 GMT\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\nage: 27860\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QTfkaTixfGzv0X9VLGPXZxk5jUiYUxI25KciEmm2y5k9HoAvOYNaNP%2B%2FOJ9NSnTYsBnnKOi3YB%2BzyPkYrLhhVeAfmyv%2F5fbhlrWI7XPw2eNmeD%2BZmTk%2FhrGcicfA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e89c1170be5a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48330,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"2610a5494cdc54183a4e6e012729ca5e","sha1":"2071227838e65f4f9aa5db9e1e4015ec3d286284","sha256":"1ec2eb7a4313367c74d8258c4d7994b767e6ab65a5d715828dc84e734fe66ac5","sha512":"beb30b68ba90a5bb6b70d209ac0131a9ea5f868e67add44de9b93ca9cd5c34b0f706e6e58c5669d8aa3bcae218f30b1a0fac4e03fcc842872166c4f5e9b90dd3","ssdeep":"768:n9BIZWMXZytWBElX2K1/E5t8ocUSrV0diB9MaFKQgcsAAL3a78:9BIaWBkvocUSrV0diBddAL3w8","tlshash":"132351292efb04734167e5be2b9b6185fa31904b3805cd193e1c8b881fd5b6056eebf4","first_seen":"2026-04-07T14:34:44.39607Z","last_seen":"2026-04-07T14:35:04.698791Z","times_seen":2,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/app/assets/hand-D8v4c4Vk.png","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET /app/assets/hand-D8v4c4Vk.png HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 07 Apr 2026 20:02:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d562d4-a635e\"\r\nexpires: Thu, 07 May 2026 14:34:15 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 22\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WvAhcJkai7CPmXmVVe8UP13Sa1L7%2FRolqA9VUAlcRWAC9xOnpjGexRySWSGrbaY2NgEqYmYmXs%2FHbWffUU%2Fd%2BcZCtk6CSO3CRchntxAYB%2BrOV%2F8hF75wID0ETKeKOCN13dXgCg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e89c118bdbe23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":680798,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced","md5":"337d12193e34b57c755a1885a30a6440","sha1":"a0a25a22ce7a7771d45a3464180a7d9a9515203f","sha256":"1d31096bd290005fba39a9aa66d9446ef799711c7a254053d7373e144550915e","sha512":"307108f6f2b2762783fbafc749aafec65d5e6083c1adacf7da3e13b6aa2caa0be066131d16f1cba15c9bf09b85880045b0c2d7a5eb4a730d4f8f0017ba66af7a","ssdeep":"12288:52SMiaXycOWBkKSc5mWYF3Re7DmdjHr2AYmjEwKnSaW6WIz:4CoycLScte3kASIxKnJW6","tlshash":"f4e4234d1102ffef9613ad403d449812def482b9a1aee71da13977674bac4480f62dbd","first_seen":"2026-01-28T12:30:56.06799Z","last_seen":"2026-04-07T14:35:04.699678Z","times_seen":5,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/api/stake/plans?locale=en","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET /api/stake/plans?locale=en HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bfihR3EC9yY62NkEig5VTipjwge7hMUuU6bn1DR9WtuuHwr%2F8%2BA8xkTGtvy96Qb3%2FFEirXo%2Ftfqu2tbDTE82S5ifba380j8z1RyXGyeUKAhzo2na7HVsX%2BOAVZhjMqXvZ40vow%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9e89c118bdc123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4564,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0940eb0ae638845ce67e7ebaf06b509d","sha1":"168f1012cecb766a4718ade3311b7eaa8a4f2521","sha256":"e461ca7f7ccf331920e8fb41c32580ebe749ff9e9122b97c8f758413f7364f88","sha512":"33e82420f65246520f68575e7f66f10e8a6f47733a766f078e5c3f0611b12da9a4158181571dfafb0ae9f567959543c666f8797bf94a0d2230442861622de13f","ssdeep":"48:YdYRudddddddddddddddddddddddTgvhHvfSOenIfEXDW:VRAgJHvf3enIfEXDW","tlshash":"c29148c3f7b27f2dcd820498a6917a3d944574972ecac89696cd8c3dd830e92081bbe5","first_seen":"2026-04-07T14:35:04.700472Z","last_seen":"2026-04-07T14:35:04.700472Z","times_seen":1,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@fontsource/source-sans-3@5.0.12/files/source-sans-3-vietnamese-400-normal.woff2","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/@fontsource/source-sans-3@5.0.12/files/source-sans-3-vietnamese-400-normal.woff2 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usdt.defi2016.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: font/woff2\r\nx-jsd-version: 5.0.12\r\nx-jsd-version-type: version\r\netag: W/\"1608-UJYaMmvHfvfCSKnmPpa1WdEwMRc\"\r\naccept-ranges: bytes\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\nage: 829085\r\nx-served-by: cache-fra-eddf8230046-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 5640\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5640,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 5640, version 1.0","md5":"a4c7c4adac4f70382248037383c74462","sha1":"50961a326bc77ef7c248a9e63e96b559d1303117","sha256":"e5ad6fee4061dd87d572afa69b64f8190f9e0e25bb7ce671cb95898a592a8adf","sha512":"b81ea80c450a159ad63fc2e925b6b5a36fb9540e113e415820a309ff179e4181902a36ba3b1e1fcc1b368aeb57ba07eca515faff831a3b985154429e72624b28","ssdeep":"96:dhwFby8eCfO/6+vzL/hC6kSqYUwJ4/3URTEbvo6IUPKRt5lAAr:T/8eCfuX/hlqoJ0YEMfKatXAAr","tlshash":"ccc17d9857bf49d9ca18f3b1474b56b4c67a90745ea0e3e9598e07ee4fc174dd088070","first_seen":"2026-04-07T14:34:44.409746Z","last_seen":"2026-04-07T14:35:04.701675Z","times_seen":2,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.defi2016.vip/uploads/20260405/6e33454d1626cb5e273e82436a3b5141.png","fqdn":"usdt.defi2016.vip","domain":"defi2016.vip","tld":"vip"},"ip":{"addr":"172.67.201.74","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt.defi2016.vip/","date":"2026-04-07T14:34:38.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defi2016.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 04:21:15 GMT","end":"Wed, 17 Jun 2026 05:14:01 GMT"},"fingerprint":{"sha1":"C9:F4:70:E5:96:7C:BA:6C:51:C6:FF:5C:44:AC:CD:FF:34:35:51:3E","sha256":"3F:9D:BC:C2:D9:17:D0:75:C9:DC:0C:1B:42:BD:45:70:68:5F:1E:7C:0A:96:36:E3:B8:C5:3B:38:BC:1C:14:31"}}},"request":{"raw":"GET /uploads/20260405/6e33454d1626cb5e273e82436a3b5141.png HTTP/1.1\r\nHost: usdt.defi2016.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.defi2016.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 07 Apr 2026 14:34:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 04 Apr 2026 16:15:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d1393a-c586e\"\r\nexpires: Thu, 07 May 2026 14:34:16 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 22\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V4xPcBXQRsmqn6ZcMfKm4GGtCII5tf%2B0ljyb6uq5lBf3MwSnBiZIzUAKHyicJzco%2F2rCZ61ZdvpXMWyTg5a4tUamS3n0asLPIuaSSCwYCTgRXthUm7SxVJXAuubrbEUZYDIAag%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e89c1197de623eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":809070,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1122 x 720, 8-bit/color RGBA, non-interlaced","md5":"6e33454d1626cb5e273e82436a3b5141","sha1":"5fca9b23edd04445fc63c2800e7d6a81b9aaac14","sha256":"fd2242be5d12f0d85af5b5e6beefc4c46e69bee7741cf7503afb892d3e512fee","sha512":"f1a2d11a042793ee0817386eabd340eb3b0c1357649e1e0c5be1d947a86eff4d44bab7529b39959271acb2f65fcdb5fac41bc38c22e55642a5b4947883c4893e","ssdeep":"24576:knvbi47NpCBquiQP2H4+3l7qb7O5RjwsYCCMt1:0h7eQu94h3lGO5R0vC1","tlshash":"110533b4dc2d1af3e6f89213275acc93358e45603ab119bbd0371b8290ea11ddca67f1","first_seen":"2026-04-07T14:34:44.419117Z","last_seen":"2026-04-07T14:35:04.702411Z","times_seen":2,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt.defi2016.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}