{"report_id":"5bbce04c-91d9-436e-a736-248725353b47","version":6,"status":"done","tags":[],"date":"2026-01-07T15:06:30Z","url":{"schema":"http","addr":"usdt931.com","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"172.67.211.205","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"usdt931.com/","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"title":"Blockchain Investment Project Website - Unlock Financial Freedom","dom":{"size":10920,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4205)","md5":"3c540e6c30b0521bb87ea1b944b9b038","sha1":"7e39293b7a91a60461a98d81d7685e6dcbe5ec4d","sha256":"6092c31f1de422f28bf4a3fd95daef58ca010b28e755d45184858e0aada1628e","sha512":"f0e24ef4b28777a2681df9e7e4e20e4bf881b5a1c6311b5cc5a96b389e3c0d1c410700eff369c3711c7c7c1c413ef10499baa28fd57e13c40678216d215cee7b","ssdeep":"192:g2T/bSaZpwVpbcesy34jZMsHgS0sigysrrxRco/zAJ:9wMJd2crrxRco/zAJ","tlshash":"163240143844409912363f43f9d2d65da982b30bc711d878b4bf57a99fc8ee98cbac76","dom_hash":"domhash4712d56d81cc9f483775ba9c69a96cfb","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"usdt931.com","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"172.67.211.205","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T15:06:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"rtfsq.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"apis.usdtifa.com","ip":{"addr":"172.67.154.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-06-28","domain_rank":0,"first_seen":"2024-10-26T21:39:02Z","last_seen":"2026-01-06T13:38:29.077097Z","alert_count":0,"request_count":2,"received_data":154258,"sent_data":1065,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"rtfsq.top","ip":{"addr":"154.198.49.35","port":443,"asn":138995,"as":"Antbox Networks Limited","country":"Seychelles","country_code":"SC"},"domain_registered":"2025-06-20","domain_rank":0,"first_seen":"2025-12-27T02:50:01.751756Z","last_seen":"2026-01-03T22:01:19.897088Z","alert_count":1,"request_count":1,"received_data":220,"sent_data":397,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"124.220.205.65","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-01-05T13:13:41.270215Z","alert_count":0,"request_count":1,"received_data":578,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-01-05T02:41:01.3201Z","alert_count":0,"request_count":1,"received_data":355,"sent_data":463,"comment":"","tags":null,"fingerprints":null},{"fqdn":"usdt931.com","ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":60,"request_count":60,"received_data":1657484,"sent_data":35957,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"usdt931.com/","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b0efbc289fa81555431fa55aecc16bdb","sha1":"c003e091a0c7577d31a08aecedfdf0fbf588a537","sha256":"3b4ede29d0c79d3efe1a1ff3cbfbd15653230a9b26d40b33bbb1f78b465d85b1","sha512":"3571fd6c4175cd3725b3072f73015426e759dde85199169e18bcee1292ebed1cebe10a929fe05561842703f59e82f528965fdff7cbe61b342040c3035ead5639","ssdeep":"","tlshash":"48e0618250e7295c0520816a354ec5171f6505b39e818d513c8c7765cff5e4bc05d858","size":420,"data":"","first_seen":"2025-04-05T05:04:23.897278Z","last_seen":"2026-06-05T23:43:56.968069Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0951a72701a995f6f19518ce49792325","sha1":"6995a4b50a7fd86a4fdf32657d5fbf60d39b8605","sha256":"59bb000eb5de16037c3cfd8c30b75845ad57f4564920866696ce1e9f1fe7f3fc","sha512":"14be3bb5051110025b856b2c17e66795a3c1bb0976e4ff738747edd8bbdfd1cda3ea1838184affafcfd5fdd5c03a29e6370a5f4709d7288aec1f135c8e22f0af","ssdeep":"","tlshash":"55014908a3f221a2912b74bc8b9f9614293040037508ef51bd9c5781bf9643486ebfc9","size":758,"data":"","first_seen":"2025-04-06T03:52:55.464031Z","last_seen":"2026-06-05T23:43:56.971169Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e267cc44511bdcfb9d6a29aa9e0f9e87","sha1":"7068144ccf89432eab5a1b51f1d7634ff629fa21","sha256":"5df8efa06d78c4e24760df1e0f34d1487deb5109f000bed21b225e9e84617782","sha512":"34223ca932af064d34bfb746454477f0edd1a28f495a12642b5e5b107a07029685ba89ebafbf0f12b035443fd0352d8b333dc969e7e63dea56f1271bf8056a52","ssdeep":"","tlshash":"7fa001a3cd57d739187d90282301594daca3068204224c84369f28421fc81006081983","size":72,"data":"","first_seen":"2025-08-26T17:30:33.459192Z","last_seen":"2026-06-05T23:43:56.981187Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-06-06T08:34:15.133404Z","times_seen":98179,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e40cc2aab8d5d376280c17d363344fb7","sha1":"75c283226da7b59501ef980f3f8d8256a1425ea2","sha256":"187749c0617b275173ac1ef4e8273c2e95cb5ed334d3a1baa5235251ed02e545","sha512":"0518d6e4f074dd336768ae9d292bbb2baf2db8866645d7d938143fe77f3fdb283d47af41d852165a22ae63e9c11d4f41ca8762b253dac0ed14e17a77da098810","ssdeep":"","tlshash":"18e0d8736f5665744473e02e637f7720753b516b4250c9067a2c868c0fe0a87666d6c9","size":411,"data":"","first_seen":"2025-08-26T17:30:33.468213Z","last_seen":"2026-06-05T23:43:56.989253Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/index-DcZrAb-o.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"28ee8c25bbc5545a74782a7951b9a6fd","sha1":"2194b6108264af7ded37b7e0eee6387f4093b775","sha256":"4639c812ad55aa7e23890138b4f979c821075b2d3a17607044b736f3fb373be9","sha512":"4e2851f1fac247d5cb7ec79db7e1c856bb7b4577609301bb10b73d10b2fe00eee81302d0d206b2bb017ce53e33b2033a050957874065936881c9bf45a2ac223a","ssdeep":"24576:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttK0sPfwuwuT4hJAmX+50ROIH9/pvm4:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttKE","tlshash":"1a05af9a338a702106f536d2306e3631a3745e65f84ac0c876dcdeea25fbc056297f79","size":873735,"data":"","first_seen":"2026-01-04T07:38:56.489286Z","last_seen":"2026-03-08T15:12:25.595754Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-06T11:57:07.727068Z","times_seen":15872,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"usdt931.com/assets/s-money.Df21XDR-.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-money.Df21XDR-.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-bc9\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oF%2FstMVUwMg8XKb4PBnEX1upIlTpqelClCG7uebiqy6C%2FOsf7oCCqaGsH0DnYE%2B3z0sl4ZUehJ6k4OVf%2B2X5pQ7Hlz7Z7pD1UTVR\"}]}\r\ncf-ray: 9ba45b79f824c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3017,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2900)","md5":"a0d1d8d8ee4b335c040b04e4070b7927","sha1":"389c16a182b95802ba9d9a4c5fb7fd04b8103eab","sha256":"15d8c62270da104ed031b8c6e02ad1daf4608ea9ad05701cdd082aa88e114f90","sha512":"1f3eb4905f3fdef9d9aeb8db84b48e6754cd4fc9bd715099baa5bb2b8976f9282853c12f6570eb4d7b04126e04a06b2c928ece4d02a92b22f79411c21035348c","ssdeep":"","tlshash":"a451a4a476985da3048a2a1d08485343ea74bd4d9ca838d8feb4bcfa8727cd5384cf34","first_seen":"2026-01-04T07:38:56.348586Z","last_seen":"2026-03-08T15:12:25.525059Z","times_seen":12,"resource_available":true,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-section.DjNV3xcb.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-section.DjNV3xcb.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-89f\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4uBsasJYSKXfK0UaL7ogn9luqrdDvN7Y0RQQWfcwk5pwJNrxuiiAnoQpTa8H3BP6NJFY6b0CfmGLd3cVCNyvt%2Fwy2japsdsiuk3W\"}]}\r\ncf-ray: 9ba45b79f825c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2207,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2206)","md5":"26b01b4c0547fb3b295f75254c2af8b9","sha1":"83a9472ab00ae05aacd67ab299e84ec2f6f14639","sha256":"162e423c70819d15ccb51c82ffeb72105e7cba7d70b4390fe6aa48e4c227d1b3","sha512":"e79ef48cc6825b9cfcba5a592346277cff7fe4066fec724c1281bf1928a9ae8978e7ac0f4398fab1436d4ec63e95e7b9e868f3c6ab8604d3886d915194d66cd1","ssdeep":"","tlshash":"3041226d380c9a372d8b0dae70b0230064552f9cde317975f7f1903557a7a9a915cf1c","first_seen":"2026-01-04T07:38:56.320959Z","last_seen":"2026-03-08T15:12:25.528901Z","times_seen":12,"resource_available":true,"data":null}},"time_used":520,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/uni-app.es.DcVfOx-1.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/uni-app.es.DcVfOx-1.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-54\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nFm1BELtn2LpnqqYX0Pr6sfsjaiWMmj19d87WD4loKF0uBO32Qkm6YhwFBnFYJBwIRPm6b2IV2Nd2%2B6H03oHO38PH%2Fpp3un1Hs7G\"}]}\r\ncf-ray: 9ba45b79c808c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"4e68ad8fd2524e8d171ce7618ef3c77e","sha1":"7cee680fb6af2701c8cb9ac4910945dd4a1af2cb","sha256":"8dda16e8f94f82859bd41ea231f22108e0b9f3e95cfca9e5169a3b15e879ef39","sha512":"323ad6c7fb5dc744b5a3131d02d2609b3a6c1f0f2c47aa268d7e110049a29285c8b0df39917dec7606832ca770414923253ee6cc7aefcefd3ffe7e1654be1a95","ssdeep":"","tlshash":"47a0120b648124225802284020d59807117610e146c98a20c1c143240af84a48129d0a","first_seen":"2026-01-04T07:38:56.371166Z","last_seen":"2026-03-08T15:12:25.529485Z","times_seen":12,"resource_available":true,"data":null}},"time_used":539,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":539,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-img.BjIpHj9F.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-img.BjIpHj9F.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-d69\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U%2FhzGfLs3iolSiHwm5eBVMWBl5PuCbOZclZCGx%2FNYhvzGwZyIxOynzpgp3QI7h%2BaAPOrpMtEoibziGQHZz0CnzRa6Td0Ajy%2BHfT3\"}]}\r\ncf-ray: 9ba45b79c80ac759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3433,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3408)","md5":"90d10f66f9920ada7981f34e2ae230f8","sha1":"60e33ea3e8b5c957668c47b18c089e84d40ce7de","sha256":"14bffda70a7bde70fbc769e3be27fe3f2960cc55416f89ce5fc1c6928bc58fa8","sha512":"c6c469fd447d0c0e343372851d332a4b00ec1e124aa3016e2edff992ad6901861a07c4061d68ef5c50ebde222978de48e4c1fc5491f3084da8e1421cddc24c0b","ssdeep":"","tlshash":"1b619528360cbd2f06b584b610340e41615db95ec620abb8f7fc34bb6294c9cb66ca70","first_seen":"2026-01-04T07:38:56.372165Z","last_seen":"2026-03-08T15:12:25.523625Z","times_seen":12,"resource_available":true,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":501,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/index.DuhDaPHN.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/index.DuhDaPHN.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-65e\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uGgFfZtD13QZlMqWKyHZyt1US5ZbzurGKDZIySYnpKk9JyIvMwOSBjAg9fbWaUgnCBe3aC5x3jG1iJNtd8D6bLVHaJeci8uXJpx7\"}]}\r\ncf-ray: 9ba45b79d819c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1630,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1539)","md5":"b60ce4da07198c83abaf49a40042834e","sha1":"5826e146f9713686284e296fa0caf2dfe8204ace","sha256":"70a0c148ae412405b6a7347768dab9d016419719226b1c0610d791cde5878a4f","sha512":"0bf1df4dbb623b274c31310fcf3bebe9ff06781ef8f7e3fe7f56fa7d1633655b609e05b48c3f38556a4859b5cd7bb2636d96662daedb8eb210df043d9c43b2ac","ssdeep":"","tlshash":"b331c4cd39c5743183d62a4663f35d81b67c9c1d590f4a8cf17854162c20d6dd27be18","first_seen":"2026-01-04T07:38:56.364002Z","last_seen":"2026-03-08T15:12:25.518082Z","times_seen":11,"resource_available":true,"data":null}},"time_used":520,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/system_param","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"172.67.154.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/system_param HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://usdt931.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 15:06:09 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cApPRhrKc758t9xJ4ZhsMY%2BOutpquhp52Ug6WP93nR773wiU%2B%2BHr0O9XYYNrmwrmAwIRoiGZ4h8U%2Bm4EHyI1SxBX7adbAIa0JZk%2F53C%2Bv3g%3D\"}]}\r\ncf-ray: 9ba45b7da816b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":152608,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (51193), with no line terminators","md5":"288252493c941d250335b457b98a2b5d","sha1":"87edf52081a0e36cad3bf461c71ff1c73e811c10","sha256":"a4e64900605f08d8741e6dc70916adb10201b3d1e8b8449fda8b09be17f4b671","sha512":"56edd3b9b35bf612df8d5351f3d7347526cd8e96cd8d8043357f6a40b903d39d1b4232080e5816c4a2eedb04652d481ad5ba9a17a07a8a22c518add5d4aebab5","ssdeep":"3072:g7PC6Hy1ZEAIEPaL5Wfdg94Is59JYGhqZ:J6HAIEPk5WfPIsDhqZ","tlshash":"7bf3d7add6d6431288d330ccd2c2b7bbd17878127749edefa052dbe901da505993a0eb","first_seen":"2026-01-07T15:06:40.805628Z","last_seen":"2026-04-07T21:31:55.272025Z","times_seen":2,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":368,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-fab-D2Ib7dhh.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-fab-D2Ib7dhh.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-c0f\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=48KCTzW%2FDTqyluPn1FlYedYVoVnVNslp7lG2SDf4hkqzclSRo4KkxicBXLvzxqpfBeSznP%2Bm0A5g659h%2FQSKHBDoBOkWBNHawLgJ\"}]}\r\ncf-ray: 9ba45b793fd9c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3087,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (3084)","md5":"1c85c6659c80c6d97d956a08a1be24f6","sha1":"6eb58b78742743606df302b9d1252b6b05970205","sha256":"62e879df98a95ea3c4c4afc1721abb54717a04f954886b352e4db25fd11c3226","sha512":"08e2714d05a5b244f3e9a2bfbd5d739bc0d2d47c9e28c65fec46657dd016ce985197c8bae38d16c5c3d8f1f96f6e1bc71999ccb420ad9a0903e4239438bbd548","ssdeep":"","tlshash":"4d51b83e29192572383fca87c590a9a44c15fd53d6a304cef01f0b1d4d9798b6598f7d","first_seen":"2025-08-26T17:30:33.369834Z","last_seen":"2026-06-05T23:43:56.931948Z","times_seen":21,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/userIndex-yvkidZCu.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/userIndex-yvkidZCu.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-1ce0\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zp9%2BznoAWL5PkSBAE0pJUl%2FlYiXjkATrOfy9aUnoOmZ94TIwee5c9sZTrg%2FJB67y4caRsyIG9iWf2zqYS5jeYmVU7ZCu7ljmhQJT\"}]}\r\ncf-ray: 9ba45b798ff6c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7392,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7391)","md5":"be34723763a118d67d255cd364b2f45e","sha1":"9fd33f03dc8dc12add2f57b33b979ffaf4712ab0","sha256":"f9cd2efd4a2892c48cbb0d5ca111aaf3a7cfd568df9062e2aae6dfa74739fe66","sha512":"4f5420319587696d050708df9ef45d7d26a3c7659ea46307d603ff69eef6c7d3f9da0d7fec769020ba7cb35cc217bfe02ca5c089ca676cbb33f420dbd2ee1ffa","ssdeep":"96:I3+puM7NbHnDu09iTZUQXaQEInlQAr+RWoKb:IUBHTWTt","tlshash":"f3e1d834778d3a04aa3bce6884f0774ea110e38be9479a8c648375768cd70d33a795f8","first_seen":"2025-12-31T19:20:07.101137Z","last_seen":"2026-06-05T23:43:56.89998Z","times_seen":17,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":537,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.BCo6x5W8.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-5b\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=46Hi8%2BZ4HTaOwDM9rjRsOUa6t2xFR86z6G8J%2BRp%2FI30%2FEYa1L9TeM%2BR%2FSCzgqHixsQoI2xsq4sUkfrTBNTt1tr%2BI8jYriPOqeiZc\"}]}\r\ncf-ray: 9ba45b79b806c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-06T11:23:19.853947Z","times_seen":1550,"resource_available":true,"data":null}},"time_used":540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-banner.zl87Ac6h.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-banner.zl87Ac6h.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-129a\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5WDEvBvM0ZVKPZrYj9wNsTt8WEY9%2BdNMS42M4ugLu8sveh3hlcfgCahCQlK%2BUO8sg5qyYjnYQsXZmqJg4m8FVtu5QT%2FsiSqdaq3B\"}]}\r\ncf-ray: 9ba45b79c80dc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4762,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4751)","md5":"201cea6893ecc5a2b454d6ce67882166","sha1":"6114041925210ce6d088080da3bb393366a1d853","sha256":"48d771a7a8f81a737eb4934a7bc04c90013da1fd96330a3427fd896b29af50fe","sha512":"c6b4d23321b7817f21a5958474e717bbce7dbd4667f897f5d4ea5b8cbc2c1bb108f1cbc59134d46b4c415e2ad4525622841702f63dc713b5dea9801e877f8908","ssdeep":"96:gqxD0PWg+IT42fOjqCbCqvuj1t2tK4tPtKltstK7s:gqxaElb5efs","tlshash":"43a1e028352dab37d89789ad00c4050435b929adf7f07775b7f48a3d922344eb91cb59","first_seen":"2026-01-04T07:38:56.389151Z","last_seen":"2026-03-08T15:12:25.529993Z","times_seen":12,"resource_available":true,"data":null}},"time_used":523,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":523,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-title.DOX2mzrl.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-title.DOX2mzrl.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-18f0\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7nC0UfK1c3hPjsk%2Bl98uB9JTy097k%2Fq%2FC%2BOAkPTHwcLDzRwzBKdL%2FLek9NyW7EEbN2XDNf1NLEUvBCIacQjOwbSNHFgAVf4MVxN%2B\"}]}\r\ncf-ray: 9ba45b7a082cc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6384,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (6123)","md5":"405629402164d9d30323869234856602","sha1":"0381c4d236705ca7e656f50343d8c2020541d0a6","sha256":"a5530a450d7abfd958e704c76ea19460e77e2c36f91cb571d7fa68b0a95f1203","sha512":"e1e038e5336d7b036ed81482902f0e013090e8cffbdd980596e8f35153142e83f95d9c596d9558f463e1fd3e811ac751daa05da20b3fdd30e065b5850a015458","ssdeep":"96:0hiGnLTCdX3ULUuFXS9Y5+F89umUekTqNcjett8OFib1kjbdCpYeLD+fMMj+NLNi:0MX3SFXIYQcumUDqpPsYeLxlpu/ew","tlshash":"ccd1b4243668fa3729d640895aa04601b14c2e8dd730b99efbfcbcf95286c64557ef38","first_seen":"2026-01-04T07:38:56.342393Z","last_seen":"2026-03-08T15:12:25.535587Z","times_seen":12,"resource_available":true,"data":null}},"time_used":499,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":499,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-section-CDcYCXgd.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-section-CDcYCXgd.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-174\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FFwpz0XD6T036ntzj8y4VBhFvXVwZw%2BR08jWXxOjCgRPc7W0m%2BsZA8CZr42DqRH2rv52K2M4JFxLBUuMN3ram0Ob9FC4MHLGyfEM\"}]}\r\ncf-ray: 9ba45b799ff9c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":372,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (371)","md5":"006a7f142fdc4795801553a74c5f0ccf","sha1":"c2889babfcb0370ab068512f13e74f12fdb00094","sha256":"7225c3b57051f107a8e638cb536668f1ca88fa9925544670a7f44050adcd535f","sha512":"ed7cca52ec98758a50462be334b7891e70aa95301a74c308bc171395a674418e646e20ac865eda6848f12fe81972e650b794ba6a806c856c2bbde59d2b502c4f","ssdeep":"","tlshash":"b1e09b16778eb54c642bd73b34a2bdc80124d621c277c10d6671a3584da734711026fd","first_seen":"2025-08-26T17:30:33.40408Z","last_seen":"2026-06-05T23:43:56.967297Z","times_seen":22,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-confirm.CZKi1fy0.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-confirm.CZKi1fy0.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-876\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=La1kK0WriQRr4zvc1P3eAEo1%2FLxt9nNLW282MZEPkwFW55IYKRrlfwZP%2B8uO5HTFDDbzLeKqAssrDY034GJcp9%2BimpqYjKenm%2BP8\"}]}\r\ncf-ray: 9ba45b79c810c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2166,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2157)","md5":"b90ad9ec1500bae4bbef53e9938a498a","sha1":"258e8842494d8f0cfa7efa8162543faf0383a1ba","sha256":"47ebb75c45d09b00eea20a4f0c4afff1ccfa257178f13c1b64182a0cd070e17d","sha512":"2f949a4f4dbaf49d9cddd28c86561880763b573ff082a03a3ef91d302ab02aaa7359b1fb72938c2e4ef8d96cafdb62a85f89445a1ae0286d5ab0fb2e2604e76d","ssdeep":"","tlshash":"0841730dbe1c9271ea83a349d541652e723b2fbd72163a0ff0fc1c9e07b0c64b99525a","first_seen":"2026-01-04T07:38:56.318065Z","last_seen":"2026-03-08T15:12:25.559658Z","times_seen":12,"resource_available":true,"data":null}},"time_used":499,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":499,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-button.C7X7X2Rt.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-button.C7X7X2Rt.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-b36\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XffEcX66ULxLZKU4BtVUQEZsW%2BupiDJniQlXZ6DD%2FRbZ6ngqCe%2B484Tg5quD3fkbj%2BjAB7m1mNq%2FsdtXLuikrpoi15T%2FAhvQGQXf\"}]}\r\ncf-ray: 9ba45b79d813c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2870,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2869)","md5":"66dd7cc384d0cae8755b5e43b9b32f5d","sha1":"73c593afae50bdc3b22b993a4bc367deb6e41381","sha256":"0669fc5c9e258a99b5bf8966a100636c40e286d2bbf444ed81afc453159ca9ae","sha512":"8a756c5334b6903b18456b47479d1068d316490f2a751c2726341102fae12f5e766130a0cc935f0fb1767ce1fa4c59b7601823efa3f0e231747e84f3dece3e93","ssdeep":"","tlshash":"39514404310af9371dcb8848a0bc060693106a9eda695ce8ffb571bd535f854779db14","first_seen":"2026-01-04T07:38:56.362863Z","last_seen":"2026-03-08T15:12:25.549362Z","times_seen":12,"resource_available":true,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-confirm-CVVpLVF0.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-confirm-CVVpLVF0.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-cd5\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2FZMEjgAQBc5qGs9%2BWRf7e9mPirsornP8gCQznVfGMkTO5rAB06VHdmgrpebN44NZ9l96QE5dP4nsP5ct8VNjttrhiBf4hISJ5Tc\"}]}\r\ncf-ray: 9ba45b795fe3c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3285,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3284)","md5":"4218a36f7a6fccc299ffb3577bca67ae","sha1":"dd996d34c9100398526782d5af26887184ae3c38","sha256":"ae5f566f4f2fbfb0d3ce7aa0a5941a934f9483719e107b1c184cb1ed77d63601","sha512":"4c1ec008efdc5e5ee2e280c8890bd89a315dac3fe55fd4ca2c9659314c789bf9b382c59f7a6795ee423078d5a6f0fa82aa14971493303526fc584762f18febc8","ssdeep":"","tlshash":"27618f20ae692c848277c661aec05e49d379eb877af6094f7a4c4c134e8711e15fefe4","first_seen":"2025-08-26T17:30:33.418855Z","last_seen":"2026-06-05T23:43:56.912692Z","times_seen":21,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-popup-D2Okk1oU.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-popup-D2Okk1oU.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-10a3\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=scQNzXvibuf7Vfrbi0AMbf0BKPduqpkLY%2FAtguZVUu%2B4JhlQfccSORfs1gwUBslqEQZeXLhwMaDi%2BUPpVG1lLA7EWvOj0GLuNCFA\"}]}\r\ncf-ray: 9ba45b797fedc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4259,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4258)","md5":"06fcd30ff5c377c4a2f9f9f3ebfe3adb","sha1":"de7ecd01b1875701a718f6a23b13b42098eedcbe","sha256":"0afd9914f132bf3d55d12ad6b79db6a7759c03ca76fc0cf5721e027ac1b1f31d","sha512":"ddf5528973b5af2bd222c1c70f559eeb4e03950c583846b024d74695801159b855d3e250196077c0efa68283579470f0f8c62461d881caab4c2fb43f5751702c","ssdeep":"96:u/l9Nh+ecD+wB9u/BifBAoBESBOojkbHIDD2GA:iNMTD+wB9u/BifBAoBESBOojkbHIDD2p","tlshash":"c791c134abcd202cc0bfd37165d05e8a4276e79ebb660f2f61a50d134aa354d316afe4","first_seen":"2025-08-26T17:30:33.439943Z","last_seen":"2026-06-05T23:43:56.963607Z","times_seen":22,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-drawer.BEnl_qrG.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-drawer.BEnl_qrG.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-4aa\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bShosuZ4yOSV%2BJfRGr4YRx89wRcenZdiJs%2BQva4KPJ%2BOcUIzu0BVNARKxtqdgQz1chTVGiA3l%2FKNvOcx4L%2BotVPQ%2BY9GwpIupyL%2B\"}]}\r\ncf-ray: 9ba45b79f829c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1194,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1193)","md5":"6aad1e42ffbad02e3263243334d806b5","sha1":"f3b1701aa4bd168ef77b7722ff8d25c8ff836ecf","sha256":"62c1618ce9d65feef3c4ce891d6492a71facab2c6bdacd27f11be9d3b58c27fd","sha512":"960ed30b5620df0c65839a56aa0f920fd79d3c9c497a41baf93f85250c900029562c3fe3711b480287a7aeb5d6d190d047465a363dec2b6c3163446612f3a0e9","ssdeep":"","tlshash":"6121ee1c7a1ca93329d7449d502006001ec86beeeef42ec6f2e6207e875e9a8916db14","first_seen":"2026-01-04T07:38:56.311311Z","last_seen":"2026-03-08T15:12:25.55072Z","times_seen":12,"resource_available":true,"data":null}},"time_used":519,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":519,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/favicon-DYZFR1kO.ico","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:09.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/favicon-DYZFR1kO.ico HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:09 GMT\r\ncontent-type: image/x-icon\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ThED3fwwt%2BYePxW3K1iD5xbPQ6tIVuQmbji3YGHH053N5q2Cg%2B64e4qeo6kmlgnT6YJY25VeEVsPGL1uigt9gVIykf039AmdWFIg\"}]}\r\npriority: u=6,i=?0\r\ncontent-encoding: br\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"695642bd-1083e\"\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba45b7fd986c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67646,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel","md5":"c1e95980fa943781f0eb7e84beceec34","sha1":"16b7f463692369ba1c2f87ca8b2a9c0b78b0b1a5","sha256":"388ee33538664826ebace6ad3583c68031fbb50a9b64d6a4cf3f1b83ad16edf9","sha512":"ab7f0b44e2b8319476526d8868da0cddf44cbe13d234da08db0380653cae1899796f1f6219bdadcc9894a0576f7b0af8db8b8e6007ede7ca136e36ab836ea278","ssdeep":"384:8bcUhWm+++vR9wORuO4AGoNVwKOqr7IwV:EcUhbTrObxDwKOqrswV","tlshash":"cd637aaea6119d3cfc450e7ca4618c0409aa5f8e381dd2fb64e03a09677b7d8c85fd76","first_seen":"2024-11-30T03:53:11.674099Z","last_seen":"2026-06-05T23:43:56.926969Z","times_seen":107,"resource_available":false,"data":null}},"time_used":835,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":672,"receive":163,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/index-DcZrAb-o.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:06.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/index-DcZrAb-o.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:07 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-d5507\"\r\nexpires: Thu, 08 Jan 2026 03:06:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DuBE%2Bki8Gt980V49hJHKbowlZXttxqtmKKjGAwwcnpzasVlL%2BkyG4fxlhuOgPO%2FrFEZ1OP2MofTFY%2BIxOxCtiAti0gNESkmqKXbl\"}]}\r\ncf-ray: 9ba45b709ed6c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":873735,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (26861)","md5":"47d44d4c73f529ca7ae84da637a85c5c","sha1":"a86616e9b0f27a4a11304ed397e1bad440b7cb1c","sha256":"f5b0edaa7e40365de50e60b60fef857a72808e2374c119e578377791eeafc4a0","sha512":"7c06ffbb844493807ed5d3f9b1f9266d39ea1743b2421a3d0ba16d717b1454814e2c1911573e9c3d2c9fd02ab8f5e1734067fc263a4e54d2a6996143da98410d","ssdeep":"24576:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttK0sPfwuwuT4hJAmX+2wROIH9/pvm4:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttK7","tlshash":"a515ae547396b32106e935e1306b1732a3744e61f44ac08cbaacddd625efca4329bf79","first_seen":"2026-01-07T15:06:40.816319Z","last_seen":"2026-01-07T15:06:40.816319Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":702,"receive":516,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-stat-DueXHMM-.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-stat-DueXHMM-.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-385\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WF36rnIRqO4c9%2FZb9sfJr4wsi%2BNlcajiUySHTIrFrMnNDsyDn8wxD8NPLhfBUY0geFVhmZ83aiUWb1%2FjUQsK0RHKFXAr2cv64UAB\"}]}\r\ncf-ray: 9ba45b799ffac759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":901,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (900)","md5":"64b30841961e87a65747d84305f9aaad","sha1":"51d82963ba5f45331d3b5f72c4179286e5e7a547","sha256":"530e0ce2b3c9c76d652a1900d5aa26c3f33ce153582006f8fabccdc61da9f7d7","sha512":"a7a32cb7493e2a50b887a5d266318c22cc42db510d9c7f2e2fb66ecb976ec0582fbaced07fac83d1a86abeeebe8a92902a4a14586e48cd48d516331600a7c8c2","ssdeep":"","tlshash":"8611593a36c4fe54fab7d96029613b8f0110e6748963518d86a3e5bec5f71021e983ed","first_seen":"2025-08-26T17:30:33.403051Z","last_seen":"2026-06-05T23:43:56.964335Z","times_seen":21,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-auth.O6aQRiEh.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-auth.O6aQRiEh.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-20a\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4J7yauI%2BdanqrdYr6TVUCc1fLtqYbOuIyUR1PYw21KyiJNjhx4F79qBSbMkPaDvvNoPutFSJhNzKdu7eKAEGplpE1YKmG3SUwO42\"}]}\r\ncf-ray: 9ba45b7a082bc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":522,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (511)","md5":"edcaf3e657dd80dabe9becb3a27ca814","sha1":"63616b2ae780d062e87b61eaaf51fa8484057f06","sha256":"bbc2df21eaa08288507c0de9134c609375e4cf123accee61601561ce5d23491e","sha512":"b965b0680db5dbad080ae3e6daf4e45126e09826457c28c7a8d01e8805f53b8081360585cde9666211ec5a995da55bf2567b6a11b8eacecdd2b0d69e0d26549d","ssdeep":"","tlshash":"68f0054d3c64c63001c068d85611a81040292d5c667a78c7e1df65ed0a7906ec81df1a","first_seen":"2026-01-04T07:38:56.367866Z","last_seen":"2026-03-08T15:12:25.555365Z","times_seen":12,"resource_available":true,"data":null}},"time_used":519,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":519,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T15:06:06.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 15:06:06 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=enIzysMDkVnl594R5naNH2O8LC2vVUKkXEQaFNosZUluHyMk5DG9kp6wptDS903bCzNmrWbjoO4lTYaVzjTjfB1oQFffMStsXQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ba45b6c8f350b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3636,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (464), with CRLF, CR, LF line terminators","md5":"efec4c8da83baa08db9905502dd346cf","sha1":"7e0b95553d0c03a0858094e5e9428027edee01cd","sha256":"a4c95ee00df462dcf4609e1d93cc408b38bf78b5c711bfbe76ddafb0d8f45530","sha512":"ad79362a3f516c6d022851ad16320fd77cdc3818bbb466770293d28a23885c46e9ed1046136d6b0f47b58ecbaa2bb85bf5fd272c4476124e2bdc0c64d0f8db20","ssdeep":"","tlshash":"be71b515bd90942402318a287fb3e60def3284735200eda478cc971b9ff4a46ccabdd9","first_seen":"2026-01-04T07:38:56.432781Z","last_seen":"2026-03-08T15:12:25.587595Z","times_seen":12,"resource_available":false,"data":null}},"time_used":554,"timings":{"blocked":20,"dns":0,"connect":1,"send":0,"wait":514,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-input-CrT96B3I.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-input-CrT96B3I.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-6dd\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ea6EE698qPuoGdpYK%2Fj0dgPG%2Fwco%2FLDzF0JylPMjo%2BKyYSE165x1qO2yWuOdCb3o7mLggpC6PwhrR8zEYdrTZRdmUEI82a0v%2BjCt\"}]}\r\ncf-ray: 9ba45b798ff3c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1757,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1756)","md5":"0b886cf1a1bdf47ff7dc92d7d99331a2","sha1":"8aa130ace09d333c7817ed114f2161247c6e9681","sha256":"11e33fcbf5534a186ed16416f1b65b27bfcd069cd373f2541e3a100acce43809","sha512":"020bd3e989b492df1bbf6b8eb66f6dc870f32853b481ecf40aea027369efadcd1d5b85d4752e5ed69f32f228e15fd6d77229301681437564d56e755a8b3c6f18","ssdeep":"","tlshash":"323111327d491855392be60efbc0be9d456462a2d393008df6d05b3a0847982fc6dcdc","first_seen":"2025-08-26T17:30:33.401018Z","last_seen":"2026-06-05T23:43:56.920964Z","times_seen":22,"resource_available":false,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/LoginRegisterModal-C0MgRRGF.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/LoginRegisterModal-C0MgRRGF.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-801\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LAftBwknf5Mg8t39n0TbPszXj3v9pPttbaEMHQnOjM20Vwzn8baWb5a4ivgntC02QoE4WcfX7f7wIEXksxdvgf3OMbK4fAopUH2%2B\"}]}\r\ncf-ray: 9ba45b798ff5c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2049,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2048)","md5":"eee85bae3cd742e5e7b74f0883e85942","sha1":"1c2f3bc7dc76ba102bbd309157c435c4942e3a53","sha256":"150da1f7dcbee84fb90720ef16ead3130001ad4936917a2982e1f39c9eb98263","sha512":"a9998ba400d872f30018580a288af850c0807dc103c5b8ba129bf107652604618668db597a6fe1c6eff62937c096f76d8f4b0cb94b5a73456e56c3fa4b44ec46","ssdeep":"","tlshash":"d141b85cf9ec1899107bcf2658f18dde1522a3fe921117bea5f3a0348c4b2832d3e198","first_seen":"2026-01-04T07:38:56.361717Z","last_seen":"2026-06-05T23:43:56.959813Z","times_seen":16,"resource_available":false,"data":null}},"time_used":508,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":508,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-checkbox-7UAD-_pA.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-checkbox-7UAD-_pA.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-342\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=46uE4lHCmxFBfr9PhmfJfVY0FNCF9cwXk47gJ3REk2SljN3iCkOa%2FxIdGKDZVH4aoJSWShO%2B94Lh3Ng2hXIuuP81OlEU1Lhh7hHn\"}]}\r\ncf-ray: 9ba45b799ffbc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":834,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (833)","md5":"1d133a333267da931a20d39afae27197","sha1":"9c1ef3abf336ec77b39598b7bca0158d9c1371d7","sha256":"3f115aead4f822dc2e19473faedf8f874eeeab803c7a8b278af6e5a394547196","sha512":"998e29f964a04a62bbefd183c08b6bdc2fcbe0ae92b362679ca01e5f70fa510ba732f25fa5bf8561dcbbb86dca3e1099b5dacb817b2e5f7a3eae44f43da2c4e6","ssdeep":"","tlshash":"fc01cc33fa882518a233c7013391decd563a8381d766061ab39069144ccf78e2ea7649","first_seen":"2025-08-26T17:30:33.400114Z","last_seen":"2026-06-05T23:43:56.921574Z","times_seen":22,"resource_available":false,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-title-CVAcbwdi.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-title-CVAcbwdi.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-c6c\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qCs3lNxDMBbQYDFVRhpyftcChkht8UEvatAcfAkxLI9P2wKMT6PtP6EUnAfhjejg09SMX3PLO7zu6YLlEXh9AkhbEK1b%2FqFX9WoL\"}]}\r\ncf-ray: 9ba45b799fffc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3180,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3179)","md5":"5177a0864313a3a5c4e35c97a88cc6dd","sha1":"0a600582603bc21aa49ea90db47c1f8fe75c0128","sha256":"0e3b38377ba563f6800ce39abb9bff953b64f949e0dd9f290bbbadff2da62356","sha512":"899a86a4d2e07cfb5ffabe2906b3a8403e720483e9b0099222a6c4d6ed79a1af784822b8f141943d6408d4693d93eb7a11c4e48d0fd6f56ed957d76ebc2c9a0c","ssdeep":"","tlshash":"1c6131316919121c8e33e7222ca037c99534f1a9f7d7116d53a7283e9dc764714faaec","first_seen":"2025-11-22T10:34:45.560659Z","last_seen":"2026-06-05T23:43:56.913407Z","times_seen":19,"resource_available":false,"data":null}},"time_used":520,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/transfer-BRg7NsZa.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/transfer-BRg7NsZa.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-568\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lLhfhR0zycN9Bap8afMrSxTr%2Bi8mznROhG9HF95FFmHqX9KSuqDcpm7ijZzTDdbzI9hOFTDfUMC08SMcL46xeAv9BHkYN7fsK876\"}]}\r\ncf-ray: 9ba45b79a802c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1384,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1383)","md5":"8732b3e9351dbf0b861b02335c964d20","sha1":"6cad70740f42e02a06acdd1d47acc4397644e789","sha256":"d0fcdcfeb22f78ed82a487b1713e7102184a57059d7a278b811ba1a2a3970a8c","sha512":"ac3ad5cd570bf9a4c872df2c1f6f9ce2eafaf9cb843cadd1397e8eadadbd2d7aa77d147cae133564c8a5d68fcd8ac935340df1571fdd45966ab8da23915a8010","ssdeep":"","tlshash":"0c21475df54c2d6664b7db0a18f287cd9922b6b6c801565dbc6b3b10ccab3c3241678e","first_seen":"2025-12-31T19:20:07.098297Z","last_seen":"2026-06-05T23:43:56.951965Z","times_seen":17,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":522,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/userBoot-BzD3tkpn.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/userBoot-BzD3tkpn.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-1c12\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RADDFQ2OgpTV8tzo3ixSnLJ1aUIWnlQSp7anol7hk70xEzbVy%2BCECzhYqQPwbVSQjlulbI8qbxvgWAEdMAmjAvT%2B%2BrD2aJrU1Uo8\"}]}\r\ncf-ray: 9ba45b79a803c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7186,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7185)","md5":"12b3de5bedc5d044cbf7560368f63d2a","sha1":"162705eacf8a88fca84088caa60a7de174a56d8e","sha256":"292bf74952b3710282a57b3f82421b100c587d5a2a6efc853ae0821da3617c7d","sha512":"90278bf1e15bf610333c03ca099ad4ab968cb0298e3cd344e785b5047ce2870c5e21cab4c9fb4321b1317c9da1a922c93cb1bdb076e1057b83683b8090f8f977","ssdeep":"96:JkydSwIx/+nVqSMSBavXwXYGv4FTW4z28rfcvu2k9k14TwlqIiqR/6/jdDqjMU4j:qOSe022y1krWG","tlshash":"ace142383d5e201eb5bfd102b4b152de0275b35ad341c6eeaa677a24cf971c628339d4","first_seen":"2025-12-31T19:20:07.071433Z","last_seen":"2026-06-05T23:43:56.922213Z","times_seen":17,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/pages-user-index-userContract.-PZvqOlL.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/pages-user-index-userContract.-PZvqOlL.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-37d36\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z2j378otup6HJuCvocxXb9WN9gVWX7yFUpuGKXpE8NHtb7VSVp4FblW7xeESkE5f5B7mNh1aMme%2BaFejmJBB5zKvLUmnOTlda79v\"}]}\r\ncf-ray: 9ba45b79f828c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":228662,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65528), with no line terminators","md5":"06aa49153aab8f3ab76c1eff378c8a2f","sha1":"5a04b7cc640fa832423c6d7e4973827d06f324ab","sha256":"b2a191a814fcbdf3fc9294e083e6a2d058b7412381fc7f305ded749ca2f96852","sha512":"797df75538297e83a594cba68c65f01935c2bb1ff2af0dd83b337e6e7cc19cacce288c4f98fbf99be660c5b65c8eb8e45e42501165c91801b9277fde99d254e1","ssdeep":"6144:fpdUPGVIJx/9LEwKaCBaL08YQR4XqQIVqpyX:CAw","tlshash":"04240a85fb65b41542a39079413f0907b336369e944b86acb27ecdda296c4ce3276f3c","first_seen":"2026-01-04T07:38:56.308438Z","last_seen":"2026-03-08T15:12:25.561334Z","times_seen":11,"resource_available":true,"data":null}},"time_used":832,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":665,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rtfsq.top/1.1","fqdn":"rtfsq.top","domain":"rtfsq.top","tld":"top"},"ip":{"addr":"154.198.49.35","port":443,"asn":138995,"as":"Antbox Networks Limited","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:06.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rtfsq.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Dec 2025 23:23:46 GMT","end":"Mon, 02 Mar 2026 23:23:45 GMT"},"fingerprint":{"sha1":"44:D8:A2:09:D5:CE:EA:C9:55:12:2A:B8:78:4E:92:E7:12:AD:51:91","sha256":"41:C7:8B:8F:B7:71:56:D1:BF:C6:13:70:EE:EB:69:23:19:45:C5:56:EE:AC:6B:E0:51:B8:C7:AA:FB:FE:C2:28"}}},"request":{"raw":"GET /1.1 HTTP/1.1\r\nHost: rtfsq.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 15:06:07 GMT\r\ncontent-type: text/html;charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T12:09:44.754124Z","times_seen":16177101,"resource_available":true,"data":null}},"time_used":1530,"timings":{"blocked":609,"dns":0,"connect":298,"send":0,"wait":300,"receive":0,"ssl":320},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"rtfsq.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-money-DEKo3EMj.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-money-DEKo3EMj.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1fb\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A%2F4fiEHq%2BlnxY1vWf3FjSyHepbFFx547urjBryrMyUNsK91IGxBU3avdA1xW7WKFgi5YAUMB2WWro5Mi6gj3%2FQ5blLcINMOhXout\"}]}\r\ncf-ray: 9ba45b799ff8c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":507,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (506)","md5":"1ec6a4f0444037a6b44b2a56d62f8120","sha1":"affa6da1860222fe4c4dbc1835b3311775cdafdf","sha256":"c054f4bb46d90822b76fad8d952402cae3ac9c39abb03bef2091f6b0a76570bb","sha512":"2ac2092c0bb97e180253f6e958287c951ea46f464a60071737ac5fa634824d6182478ed13d74ed52686ea05b4569e71e76f3c5af7cb97224c1d9fa50849401f8","ssdeep":"","tlshash":"f6f09ee07bb41f00db3f6d18296727a2d6323e836de143b48351a3a44e5b179150e988","first_seen":"2025-08-26T17:30:33.438038Z","last_seen":"2026-06-05T23:43:56.940303Z","times_seen":22,"resource_available":false,"data":null}},"time_used":500,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":500,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-popup.CE8mUVWU.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-popup.CE8mUVWU.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-105b\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x27JLC4VWYVgmNCVUNX0XP5K7%2B%2BvXqaEV3%2F3JqKJ91%2FDC4%2BLIJaMNSt9JogeFaybSZccnVS3QX9Ob7qH2Qrzb%2FK0PAnleNtECfCN\"}]}\r\ncf-ray: 9ba45b79d814c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4187,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4036)","md5":"52dde1491beaf065e7a8c2abf5c8ea8e","sha1":"ebafe6d395f1a6fdc64eb76dee50ef8b7a12bfb0","sha256":"e6e3bfd4947d453361d32100233c2554419edc5282ea5e4ca4f16a872840ec1b","sha512":"5223231fa512cdccdebe09981809ed31987dd2f7d68299239a7d7abce0acc1f6db829203634035be393eaebe0ed9a70221a1d71e1adf02f030dceade63a61a45","ssdeep":"96:5zzb/vvVXaGe2O2smBNk7vYTLMcO0PLFKpcQU4CmRU:5vr9DF8bYo8Fscl0U","tlshash":"7281a5943c4cc97a95c59a0b44211a40975a6fec87b53d5df6fd2cff02c7c1a2a84b2b","first_seen":"2026-01-04T07:38:56.337955Z","last_seen":"2026-03-08T15:12:25.548433Z","times_seen":12,"resource_available":true,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/uni-popup.Bvhvdyf4.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/uni-popup.Bvhvdyf4.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-37f7\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wZfcOmeVtkdN6NUQhAgzHr10SRHiYtOhBy9XlNBiF%2FEI63DLGmCosC5hfJItGkm3yJdfGijAkrXVcNAZAkQh6B8MAcjo3pXac1NQ\"}]}\r\ncf-ray: 9ba45b79d817c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14327,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14230)","md5":"2a5e2df1aa15d37fb38fa4b954904352","sha1":"430b05f0f002e37cdfed6057ace2e25881528d7a","sha256":"b78f984771f6506020c3524c7190d1a6312a912124297d359c0a98da46cef09f","sha512":"765bbfc2b9410036c25a03e8c198cf1b414235a7c5f419f3778fc06a799b1b52ed2af74ef595982ff4d35d8e18fe6f3c2fca1456eb36ff4a34c894d9c3e94c48","ssdeep":"384:5V08L4LbQr3y9Pk9wMjxe/gi0lvwoIpFHqdM8uPCWYYxoK/WGbNYDYGFa:vx8Psy9wHxsglvNIpFHqdM8uPCWLxoKV","tlshash":"e752d7c5b59ee92605db82b7509c4a00413869d8b1751a6c7bbdb8fb024ac8c73eb73c","first_seen":"2026-01-04T07:38:56.381587Z","last_seen":"2026-03-08T15:12:25.544893Z","times_seen":12,"resource_available":true,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-banner-B1KD8OCE.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-banner-B1KD8OCE.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-81b\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z89BC1i%2BR9Cmf4WgTLh2DanHiJZGS2w5%2BHXR4R3m3FYmF7biSc3JqtbOg4LjQBQ9UfLvOuHMZYZcya5A%2Fsbo6eQfzbXe9qwcQ31E\"}]}\r\ncf-ray: 9ba45b793fdcc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2075,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2074)","md5":"12c9420c9ee1805a5a956e6b5f1f5c18","sha1":"ba25371146382376916a6195037fdfba8ae361bf","sha256":"73e4d379d8db798beafdd7dbaa4215ef0b9bfed3fa37057ce464b3072b699023","sha512":"facc5735d2b1329eb247c38cb34659843203756dad339dc9c1e92ccc99511a9f7f4b461fd0debbb236a8cf1ff9d791bfa7026b86803baf8d0246a1cda6ff322f","ssdeep":"","tlshash":"b841892cbc4d3f14957bc72615fa49cc0229b6beb723053d21e3b565aa0be822e02074","first_seen":"2025-08-26T17:30:33.376377Z","last_seen":"2026-06-05T23:43:56.95343Z","times_seen":21,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/mp-html-0ul9zqPJ.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/mp-html-0ul9zqPJ.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-896\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BUi2KikyREfCWJdYGc9RIYu4SVdGQ08ZPt9ox9puphkWiJHgsFEVw459FDGPQiVvj2WSWuBT8UR5El0R%2Bvz44eVub5IIs9FnhR27\"}]}\r\ncf-ray: 9ba45b798ff2c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2198,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2197)","md5":"39bf250660e96521f3a35e1ac976e1a2","sha1":"cc7d930bddc88105f7c3d6bbbe74db8f78c7cf50","sha256":"6ddc23e5714d16e58c5fa537109e04b7f45abf79ac4aa1b8f371631ea3520d75","sha512":"4dae98925cc55685a79033199037b61e7370685091480bb4e9c92c5f5a15176a092f868b8a531c1dbc5fa00b41c298d60dab95b8656f89c33954bc319f6a28b9","ssdeep":"","tlshash":"3d41412231fd68b052bfc83a2b84ae9555d77317a0b383f06d1009572d9b86666ca18c","first_seen":"2025-08-26T17:30:33.430307Z","last_seen":"2026-06-05T23:43:56.920278Z","times_seen":22,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/userContract-bOONBziD.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/userContract-bOONBziD.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-1fda\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oJspUke4TBWcrZIn1VCNQYC%2FSX13pY5j3opZgFNzBe9gY%2Fp5sIKlfYxlG7cXo3EuQRP%2BTNr3BoRDT3YQBdeOsk4ChH8q0YJqq2MA\"}]}\r\ncf-ray: 9ba45b799ffec759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8154,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8153)","md5":"83b83bb797c6007d7f03d48704a72001","sha1":"abc064e41cd4a625c49efc0dffed7848950a976b","sha256":"ca6966fe263d225f57a6a5c2cd8cc06958e3af709b5c287f24e0c0decd3027c8","sha512":"174f97c0a0baee5f6c03a2aab44b0d5799daf8b8b8fe9d77737f987e5395d6a42a721bda78551fc0fffa4b2d1f486ae887f8285d9bba9ec716db6a4638ac4dfb","ssdeep":"96:wfPCD9/4DoLBp34pMMJJqOum8NvupjI/nWpu5Hf7fApa+e1F:CNsD4pMoqJm8NGpjcnWpu5/74paV1F","tlshash":"7af19559bd0d1419e2fbd20a64f05bcd0624f76bf30389dc6253192acd9769b2a12fca","first_seen":"2025-12-31T19:20:07.049418Z","last_seen":"2026-06-05T23:43:56.935451Z","times_seen":17,"resource_available":false,"data":null}},"time_used":544,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":544,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-fab.DRN4nk-k.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-fab.DRN4nk-k.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-c5d\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d0EndcslZTMoUzIQ71mou9pgnB70vNt7iezoFzuEpptCahn0mpi5a%2BVDbcLJ0d1M4VVmlSntT%2F0GwG7k4BdBAyQ4Gkis9pOkIzvj\"}]}\r\ncf-ray: 9ba45b79c80bc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3165,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3164)","md5":"eac8aaab15281f12a67853df03d5f2fc","sha1":"2f535eaaa423fadac580bd63c10043f906d484ce","sha256":"732ca6ccb77cafcb1fd7b441ec46af8622a2b01c87e3a4d28d6b290701660d3e","sha512":"1808477f3ff52ce9535052089c2e3f137ed88a2c29103f43f01d067656d48b8c6d80c4eb48b9ec05bb2bf28bec3c2a22634f949dda03c552dcfe205ad394aef1","ssdeep":"","tlshash":"635165067a0da0372697087e906446c1721a1e7d97f0366ff2f6f8b64e8191e62dcf34","first_seen":"2026-01-04T07:38:56.376926Z","last_seen":"2026-03-08T15:12:25.524159Z","times_seen":12,"resource_available":true,"data":null}},"time_used":512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":512,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/z-paging.DUMsuOiK.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/z-paging.DUMsuOiK.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1a52a\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=saUSbMOVdq1FxVpg6H29upRpVW7mr%2BP1FYJ9WORpmvqBKTsDEaLXE58E%2FuVGAEJmu67lliebrUX7n5wCZyIGFgeiAZs1EwNeFV%2BB\"}]}\r\ncf-ray: 9ba45b79d812c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107818,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (64022), with no line terminators","md5":"18f4fbb02ec5b91843f179fbc6437a43","sha1":"67e362477dd1e0f8b0ce5e1de081fccb9e4eda12","sha256":"a66f1d8d7bdcdd96218bee3eef7d17bb51bf2540bb09234cf11c3020f7db30f9","sha512":"9677be31033dcb27042e49bf047c212fff12582198aa59a470f1174da31fa0c741be7155245a2d96840fb62f518eb82608b38e12d5b4970d58605f564d29c16d","ssdeep":"1536:HdkyOg+SJ3TQCIO6a103WSWo6BebaKfSzECftpD1i:HePoTQbO6+SW2LCftpRi","tlshash":"6eb32b923204e42a53caac69f81e330191456c4fa94e55acff69bcffd64cb1832d9778","first_seen":"2026-01-04T07:38:56.316175Z","last_seen":"2026-03-08T15:12:25.54293Z","times_seen":11,"resource_available":true,"data":null}},"time_used":663,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":661,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/uni.734051d8.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:06.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/uni.734051d8.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:07 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-8019\"\r\nexpires: Thu, 08 Jan 2026 03:06:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NkWMXF31M%2FCg5sTvnesq90Wf8mZlT9u8w1JDQKbBHrhYeDBqmu1aoQy9sxsjoJjFhq0IZjDXFfN4rllUTkdGBDRhCA5bOHyKmo7%2B\"}]}\r\ncf-ray: 9ba45b709ed5c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32793,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (32792)","md5":"dd5eb10f1e082900e8fc9f5294a20ea7","sha1":"0cb5185449f798d94746d77f3d50592cef306b81","sha256":"734051d81039fde90b77b4172ad966afe58f19ccca555fd849fd990d5cf327b1","sha512":"a7bc4f19c6eff7dedcae0d639d4f3ed9aa54fb0abbd517c4503b1b75693ceeddc1cb8e9c9813e373b81f4e0e4c7b735c4d8ce02cd16f296a1140519488bcda4c","ssdeep":"768:UoL4zei+XH7eryHDAtrEW1xBiM5TiDMBNXpriBdG54mZr9YnDcwpH:UoL4qxHHaISCmZrirt","tlshash":"dee2d6325e012939f8b7ca2668d1db8f2331c173d5531b6deb7975288b8e8c9167b384","first_seen":"2024-12-20T22:15:00.546241Z","last_seen":"2026-06-05T23:43:56.945127Z","times_seen":25,"resource_available":false,"data":null}},"time_used":552,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":551,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/InputPayPwdModal-CwjLcKcJ.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/InputPayPwdModal-CwjLcKcJ.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-10e\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ffm2mVwlf0gUtYlPQG%2B%2FOtTmE7nxIOgsb2mBXCgGtYCYNJjPwJ8JSdPetr%2By%2BiO4E1lFYokzx2FYx%2B1HKUup3TkWrgGu9qDHc10W\"}]}\r\ncf-ray: 9ba45b799ffcc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":270,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ef857145a2387fa7f0b696d9c04e7309","sha1":"e720751d4d447040d3d1c52ccad4e080be11828a","sha256":"9c5c2bca02b37dc58e30ab5662894d521eb4d8f1c6b509e9b7a0f7a26cb9e67a","sha512":"481f8aafaaed51b3a6c35f90eec289047c3b99c94ecc569f7d430243581db234fb8654f63922025ccbba7b6b50928a94082ccda6553169a76f50556f8233d148","ssdeep":"","tlshash":"56d0c22fb8cd8050dd7fce222498edd98833336b6788148e2cb619a2c9533062221888","first_seen":"2025-08-26T17:30:33.409471Z","last_seen":"2026-06-05T23:43:56.965058Z","times_seen":22,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":522,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"124.220.205.65","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:10.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 15:06:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Wed, 07 Jan 2026 15:36:11 GMT\r\ncache-control: max-age=1800\r\nset-cookie: __uni__uid=rBEQRWledmNu9T3hAxbwAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-06T11:57:07.649114Z","times_seen":16179,"resource_available":false,"data":null}},"time_used":1501,"timings":{"blocked":627,"dns":2,"connect":247,"send":0,"wait":247,"receive":0,"ssl":374},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/index-C2R1XfRB.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:06.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/index-C2R1XfRB.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 520 No Reason Phrase\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 07 Jan 2026 15:06:07 GMT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 7319\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\ncf-ray: 9ba45b709ed7c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"520","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7319,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (578)","md5":"355ae2adca7c2e75e4fdcbcfe692bb36","sha1":"efbcd648a79b97294cbaaddd69059314cea2c380","sha256":"bbe20274f109dfd984deb66d9501c0b825cb63c6e8a621c7198d77d91f18278f","sha512":"da5ea57f302194ef5188a3ef3c4970333e75fccfdf6a22f920be9eda8da73de91a964d5912c84c7ec5c7c241f4f5b3703ff29e1354d3e1fcda8aef85978e707a","ssdeep":"96:1j9jwIjYj8qDK/D9KU4EG4Fh8/G4FV3424FB+skKmv9eQmN7UWu4Im7RLlTaQxP:1j9jhjYj9K/Bbek3V8VIruBm71lWeP","tlshash":"17e18672b1f5527600a381923695fb5a7ae0c213c7ff5594b3ddc2236f9ee81e903290","first_seen":"2026-01-07T15:06:40.829507Z","last_seen":"2026-01-07T15:06:40.829507Z","times_seen":1,"resource_available":false,"data":null}},"time_used":359,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":358,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-drawer-joDNLxy7.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-drawer-joDNLxy7.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-67e\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TJuxojh4yHNEgJiR8Fo1UbLHm%2FmG%2B1WrtS62pRwYegoLHi48j0427681C4clEuWoLPqP0La%2FhPt1GkigMRmBnxq1gMG3lFx%2BQrP2\"}]}\r\ncf-ray: 9ba45b799ffdc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1662,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1661)","md5":"c459d8c22b13969efd179467452eb13b","sha1":"0c10dad7104de3185801252919cd93876687f9f0","sha256":"da10cabef00245f7c0337951d5ff5cbc9a8a1f6c83efce5dc26b6230c2edaf1b","sha512":"1d8d798bd83557544abb5df3e3251afd3bc7834f2f24521fccfa19be96e04d5a1c6844f28658fdd5e33d7316796e66cb5e0496a6fab13ebef553a676865a80f1","ssdeep":"","tlshash":"53318a325d553c18767fd316d4e1d9a80f3cd2d3daf2acce6209652b0a4b9b9205b582","first_seen":"2025-08-26T17:30:33.419712Z","last_seen":"2026-06-05T23:43:56.941652Z","times_seen":22,"resource_available":false,"data":null}},"time_used":527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-checkbox.HufpC5WB.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-checkbox.HufpC5WB.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-9e2\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oW2yIwngvKR5d%2FQbiCWnKyeBBpXGkbLypBs1ru4U1YOI7ctfLjgPXalWRXLQ3ZQamPVU%2BKm0cJm4qZAdsc8GzZqMyXzuCbvxz5r8\"}]}\r\ncf-ray: 9ba45b79f826c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2530,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2529)","md5":"b4640f6c8b24eb0afb493e15e12b683e","sha1":"4202b88e4e6acd34d68381441347aa739fc6545c","sha256":"d220892eb40334d6e8b68ec73d1e29bc6941ef6a063926311ad827288b565afb","sha512":"387b888e2423f7091d5280b766d9586e982c5a8f982e0b824e7b9d5502c650765c061c6e9750db438fb4365eee0f641888a100eefffd93f2094486ce6ab3f485","ssdeep":"","tlshash":"cc5132157055a5761bdfc4cc50528681a32e239cda103efdbae824fa5a8ac88916fb35","first_seen":"2026-01-04T07:38:56.327321Z","last_seen":"2026-03-08T15:12:25.51887Z","times_seen":12,"resource_available":true,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/CurrencyList.D9Y0wwkC.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/CurrencyList.D9Y0wwkC.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-49a8\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8jC8pIf7AQHEO3Fr%2FwADGh8yHb7x27QVjTqdssOG%2F%2F%2BRI1FP4nygceEQd7KFsWPUWaXmACADrb0v4mQLBYDCxjtbkKzAZiLeTckp\"}]}\r\ncf-ray: 9ba45b79d816c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18856,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18855)","md5":"ab743b8dc2cba704afc79a129a289752","sha1":"f60f717476e75413c520ff465061250518c32877","sha256":"0e408f9d01ad269d929230c4508ce98a40c7305a884f8c39e97214f29e799f25","sha512":"ecbf84f7da3089c89a799abeb06dc7ffdc7ee2204581ba11471faab0990f6a149c78dc35eef422737ac7937c06af84fff49717ed5e2496078fcacbbb1d855649","ssdeep":"384:jCCTHfWCNzMLU0Ij6m72b8Gpg6CGMEquRTwei0oI1F7:vjnzMLUHjN2b8Gpg6CGMnUvipI1F7","tlshash":"c182c6653389e43647d9642980a89604b3367f8dea02346d77af9cf9935fe4871acf30","first_seen":"2026-01-04T07:38:56.329106Z","last_seen":"2026-03-08T15:12:25.562426Z","times_seen":12,"resource_available":true,"data":null}},"time_used":518,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":518,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/ProjectItem.DUNr-fWg.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/ProjectItem.DUNr-fWg.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1285\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W7eHchzb4l%2FL2%2FFhFmRjj%2B0TTrJzUvsvALnBMIkuPHZ9iKR5K%2FUv8g6H2nCQSjF9QK1gNloiyAwRdsoQYP53tyjsI1S%2FuX7zkuRc\"}]}\r\ncf-ray: 9ba45b79d818c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4741,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4740)","md5":"95214183ae0d9cbabb4c90669c6de47b","sha1":"9c508e6618d6bef1a24548ae012f47c9568e765c","sha256":"41dcf365f616142c27139a67b335aaa18a745b7799c6ae6b6cb0a0955040e4ff","sha512":"ad940188dbefb63ead4e0022f4d0dc30ae4b3051e1bfb469bb79bc35a8f263d61755ff278f854f5d295faa1c627f99eda7da3be99d4940ba09ca0623427f0d3d","ssdeep":"96:oTbPy5jufGnxFkaTWdkZA222ft9ba2sNmFD:oTbAlnxTTEkWSrbJscFD","tlshash":"dda175013e2cf23b29c29955b1ac45043267acccc92439def1f8a95e135bc2836ad76d","first_seen":"2026-01-04T07:38:56.387503Z","last_seen":"2026-03-08T15:12:25.525574Z","times_seen":12,"resource_available":true,"data":null}},"time_used":543,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":543,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-stat._gfGVicY.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-stat._gfGVicY.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-b39\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PrrA7Pa4JOvHAL3x3iwop7luKD%2BZ0Sh1Lgw6KkDUYeW1UrIabbx5LWXAB64RSEhYfAuxfBkExB2QFIprhSS0whvAZWBymy8MUUAW\"}]}\r\ncf-ray: 9ba45b79e822c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2873,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2834)","md5":"95a9410ef94036eebd23b32d2cd13295","sha1":"39151ad3e138aab415b315c536cdcfc176e03c38","sha256":"865ddbfc42705393037ebe542af4cbd02639721c299acd2d6f96bf27ea368d15","sha512":"361a5e084566d62b2b04636678c0840c5c0f562b0f3f05fad79514d2d5a33ff85d287e354dffd3e41cd1aa1e8375059a9b07461515779e1942ecca212948b42c","ssdeep":"","tlshash":"9d514104752cc47b1892e01e65d0441bb2ab1ccd86b4753f65f6987e13e9c1864adfaa","first_seen":"2026-01-04T07:38:56.347472Z","last_seen":"2026-03-08T15:12:25.515963Z","times_seen":12,"resource_available":true,"data":null}},"time_used":504,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":504,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:07.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Mar 2025 04:08:22 GMT","end":"Sun, 19 Apr 2026 04:08:21 GMT"},"fingerprint":{"sha1":"AE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C","sha256":"7C:F1:09:2F:6A:8C:5B:F8:63:DF:D3:32:B0:F3:F8:E7:01:29:0E:F2:55:8B:4F:6C:58:55:8E:44:E9:EC:15:F4"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 381\r\nOrigin: https://usdt931.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdt931.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Wed, 07 Jan 2026 15:06:07 GMT\r\neo-log-uuid: 9920083858972507034\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T12:09:44.754124Z","times_seen":16177101,"resource_available":true,"data":null}},"time_used":944,"timings":{"blocked":31,"dns":0,"connect":0,"send":0,"wait":913,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/CurrencyList-DB3FY5Nt.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/CurrencyList-DB3FY5Nt.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 520 No Reason Phrase\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 7319\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\ncf-ray: 9ba45b798ff0c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"520","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7319,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (578)","md5":"ee11fdba4353e21cb24d48fedbfd2994","sha1":"a9c16a0070b4b5ea6638aa39c5085444ba33598e","sha256":"9b25a3c66c2b3ff9d14d27c4d87772815040004deffaaaa077dc95f8c8f5332d","sha512":"c69797bfb5cc706aca93a5e18d33a1e5c2771a2d6eb1c25dd5ad3b816e41919d1fe80ed61ae00c023474c141cf777c918892f40b646590a283d0d1edf7ee6017","ssdeep":"96:1j9jwIjYj8qDK/D9KU4pG4Fh8/G4FV3424FB+skKmv9eQmN7UWu4Iy7RLlTaQxP:1j9jhjYj9K/BSek3V8VIruBy71lWeP","tlshash":"e6e18672b1f5527600a381923695fb5a7ae0c213c7ff5594b3ddc2236f9ee81a903290","first_seen":"2026-01-07T15:06:40.833972Z","last_seen":"2026-01-07T15:06:40.833972Z","times_seen":1,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":501,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-popup-bottom-BiGtqM4n.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-popup-bottom-BiGtqM4n.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-276\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BDqhYk1BDFxN1GXFo%2FSn%2BLbK6aSfSJKIe50HFZKoVQZo96suMuE%2BXQLDqvKfn8Dh%2F5Vmpz2TJ4j9T%2FLX1nd19wjdmB2R10yIgeON\"}]}\r\ncf-ray: 9ba45b798ff4c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":630,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (629)","md5":"795a7b7857567358cc4f8e630fd824dd","sha1":"687095a0389bcc5580d15fb0ec22ceb131705f84","sha256":"81d2b6e508e695666536446d38bcee719890675c8f4483a5ecfea69dd117b84b","sha512":"4369ca94ce84ebe80b2e9affe1519e7e1de2f166f24f4bc6803a666eec3af351341f0293e777fa0593fbe95a27021e28e38ab0214c92ed2ebfc13711f81730af","ssdeep":"","tlshash":"25f0282879823050687fc75af990ee44423da689fef609de22d516854f0bdca78065d8","first_seen":"2025-08-26T17:30:33.378514Z","last_seen":"2026-06-05T23:43:56.890756Z","times_seen":22,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-popup-bottom.CgdlVUp-.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-popup-bottom.CgdlVUp-.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-520\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1E91QS3AUUqa26ILJDaNag7SLfcw0zNiyFgg96KGxDkQ4dClVW1jydKrrGkS1ijL%2FM4kA65UZML7ltt1a%2BXbH50eHXm%2FPQwJOi%2FM\"}]}\r\ncf-ray: 9ba45b79e81fc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1312,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1311)","md5":"0eecde68cbd42c412bd4d60e69245b86","sha1":"821df9d67330105c276d3eb6b9eedea74bbea782","sha256":"a006b09b3ceb3245697dd97773b7f0de5f4598030a64e648f1c37e073be7e413","sha512":"38cd50bd821acd891ff1ab4a41efff6789b8801484e801db5cd9deda6d37b240e4c869134f8816c13534691d3689e395fb6b2ff5a4abd49497d4fed7ee6bb3eb","ssdeep":"","tlshash":"fa21f009381db033649b497c52600e001428cf6ceef43eeab6d160764b9989ca64db24","first_seen":"2026-01-04T07:38:56.373648Z","last_seen":"2026-03-08T15:12:25.537181Z","times_seen":12,"resource_available":true,"data":null}},"time_used":504,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":504,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/system_param","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"172.67.154.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/system_param HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt931.com/\r\nOrigin: https://usdt931.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt931.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vfcITwfjz%2FVkGN9n3a4kqhe1YliDVupOQQE%2F0llrkYBxd0m%2BPiZPcjfqm22LcXuJxp%2BdbnEdIbPjGP%2F4VsFMEMl9To1bg0%2Fm17qcIl7dtkM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45b7a4edcb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T12:09:44.754124Z","times_seen":16177101,"resource_available":true,"data":null}},"time_used":558,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":523,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/ProjectItem--WQEwVja.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/ProjectItem--WQEwVja.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-548\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uUnAkVZME140LfnQwVByGmab3Ijd4dHyJeGC85CK4fjq0v1xQzJo%2BIy87tWGYU5wOYhacrp8aR%2F1wsNeXu9ixlZEw4Q8GwhO1HjO\"}]}\r\ncf-ray: 9ba45b798ff1c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1352,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1351)","md5":"30c73a40912b2d57d2bcf3a9eaadefad","sha1":"d3313e7a5377930b330338beb0648d139c26c7db","sha256":"6de8272c94e2df8961626816b63c5b4b55e5b190670faf3826bdc18798feef9b","sha512":"a8436f768e1d29d40ec7b43a04f77026c58e6653bcccaffdb5bfb23f7baa4379466cd7dbd502c4d6c51853f8dde2fc7d9dbba70d405d55ffe47325081ca9d77a","ssdeep":"","tlshash":"a121cb21bb4c60087037c90912c98a8d1279b247a11a0afd9a7e3099df476b3303a3c9","first_seen":"2025-08-26T17:30:33.405062Z","last_seen":"2026-06-05T23:43:56.93881Z","times_seen":22,"resource_available":false,"data":null}},"time_used":523,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":523,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/userIndex.5H4VVtxS.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/userIndex.5H4VVtxS.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-586e\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=85LpHLwPSW4ojUYiagT7pSNmqRgXl4U8cEqjxpTEJTZWfr2L8mdZcL38oAuKAaauaUfC5HnSgwo4mAn8mfSoQOSbtqmyXz1tCFay\"}]}\r\ncf-ray: 9ba45b79c80cc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22638,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (22511)","md5":"37209b19adbbd0689b3a59614bbf9b42","sha1":"3f746f1078109423d7167a91d73ff10cacae5040","sha256":"2639ca5530dbad01269a12c6528494a49577f37eb22cb96e5661c7c36972b74e","sha512":"a6ab82266a439051ed871d3c01224a48865e709fad081aa75a179b772e8fdd6b4b5cab9cb948cf4d9847d7634f5065ef265c99dcef9093a7a9a65359efb26a52","ssdeep":"384:+MaJwGqXFzXSzABt6bsjHC2vJ+WeOlY+k7VE+rkRRzO53piT8T:+MairXFzCzABt6bsjHC2vJlljkJzkRZ6","tlshash":"98a21919771ce1297ad1a00e94d40812b20b4c9ea321b99ef3feddbf4399c6d649c736","first_seen":"2026-01-04T07:38:56.415319Z","last_seen":"2026-03-08T15:12:25.516526Z","times_seen":11,"resource_available":true,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/mp-html.Qpmgo793.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/mp-html.Qpmgo793.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-69be\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AiD5BBztvf2dSYfSZSmBxyAEtz3Sl3Y5pFQC85ITVT5LsUN2qccFB1hBAauH67qPXMSffVUbTZIqetQ2cPeIzAiJ6z4Z58tTTlAq\"}]}\r\ncf-ray: 9ba45b79e81bc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27070,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (27039)","md5":"c0c9c90054b004882dcbe813b28efdd9","sha1":"9927c7aa2fd8ff2736a17b92ee24cfa1903499a2","sha256":"fb8fbae0da305550ebbd2013de7443a4cd484a2d2a033679217a2532f361490a","sha512":"bd0054ebc2d794b4d58b0b087e1c9196554228a1d4bfb665eaedaef09a70d3b3f3ef8e7cb07717a627cdcec609ff6eed1c7a7aec7a8cbc181816340256050eb7","ssdeep":"768:R1LcXOJOCY8/PU1kfSTeC5Umdb24tpxvYL4fVZw2O:XBJ13gAyr/O","tlshash":"14c20a5b728c70390ad884e108a56741a26e660cb54088bfbdbce4fb59d059530bfbfe","first_seen":"2026-01-04T07:38:56.339578Z","last_seen":"2026-03-08T15:12:25.569535Z","times_seen":11,"resource_available":true,"data":null}},"time_used":523,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":523,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-input.uefNOExw.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-input.uefNOExw.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1642\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MhDKJhlR5KBaj5EnRime9RSmdR5gmnHsmha9rGYM%2Fl7t5W6e9p1ssqw1w2KEomIt3n5qImK52k1J%2Fy3J545B9PDj9xSMKGW26zrW\"}]}\r\ncf-ray: 9ba45b79e81ec759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5698,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5697)","md5":"d766698ec63890526447fec4e5eb5f8c","sha1":"79ae59a85a2fc071ed6a034b777ca1ca5554d124","sha256":"c8e21fd858262552151d9de63202cd4c7e8622d70e1c321358d58275dfa6709a","sha512":"9c8ba9cd7ddcc242048b9ae79f09c78e573b9bee7963c506159bfd69cf7a65b077a846cf4474ffd5a198d30bef18b8f07f566adae4e8be303e5c6f29a080a80f","ssdeep":"96:f2U3EALwgU9svecAntaG2USFKGiP9shkYre9mGeKCeOpd:f2WQatUfcC9ze9e4d","tlshash":"ebc1225a350cee232dc78c4a7095424115251b8dde3078ecfbe671b5175fc88b2acf68","first_seen":"2026-01-04T07:38:56.360461Z","last_seen":"2026-03-08T15:12:25.543952Z","times_seen":12,"resource_available":true,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-button-BpzWQUlV.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-button-BpzWQUlV.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-162d\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OCYXiwy%2BzdSlmyxT9MTTuYesyP%2BPFOPHWcyysqmMdBrTpB%2FGgBK7oBx%2B57OXCJAiewXVbH%2FK25LYSXejW%2BaqEC2bZfZSVKZbZSGf\"}]}\r\ncf-ray: 9ba45b797fecc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5677,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5676)","md5":"119264cd3c80acfe78ffad71134d788d","sha1":"8cda9c0b48b8d22eed34808e6cca43caa59c891e","sha256":"08e80d2433a59c8e2371d0268b7c42e849404c218150ea0eb043037743bb53f7","sha512":"f52bafe7171cc2ff034930bce798aeff2d138762d357c8142740fa28459931675db2df6a1ccc5c76f9b3df8bbeb511a547571fc102ac076c630e429b926ee69d","ssdeep":"48:jPwdIWejFN9UGzb7GDBpX9rU9E7hEVhRQeESmjxfkgshmhMv2k/IS5O1V:jPw6WejFN9UoiDDXtz8Lm1fLsQGvvg/","tlshash":"70c137e6f3cc48693a6bd29a43667b7d1c6e72c7c2040f26f4673a644f220d2357218a","first_seen":"2025-08-26T17:30:33.372003Z","last_seen":"2026-06-05T23:43:56.924247Z","times_seen":22,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/index-C2R1XfRB.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:07.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/index-C2R1XfRB.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:07 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-79c7\"\r\nexpires: Thu, 08 Jan 2026 03:06:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V5ao6a%2BBfw7JxKRxC2wFmr5OtjtHK4eyhdssVCp9%2BSjJ6xfdT1R6dY2Mbv4fs%2F3c4lncQXutXH2SEMjym7okow7DEv9w0%2F0OABos\"}]}\r\ncf-ray: 9ba45b757f70c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31175,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (30950)","md5":"92b434074c6cf3e47cb9a2658db8ff08","sha1":"ea753d3fe316f85264e01edf521521958668a9b5","sha256":"4014fcaa52dda1b273304725500679ec91f70da9bd54c6fedc9c63a6fdfd382e","sha512":"b59cb7e09b90d2f7d5941e1d87bdcb210f324a997cf94887c8f9ddf59b02a712d80b6f0927d4475b7044f11c7ea01677a0345031273a8d82697305b2792af083","ssdeep":"384:qeDzFzaU5couyYDdnsf0VSxa15tVjaXeCcrUUf2GWthmohI:dDpOHFVdS+SE7wfcrzf2RDI","tlshash":"ace2c5bf598d14c873baca43e75077ec2d25f52ac362489ef067294ccdc72a31a5266c","first_seen":"2025-08-26T17:30:33.412092Z","last_seen":"2026-06-05T23:43:56.951239Z","times_seen":23,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/s-img-AdHTCu8Z.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/s-img-AdHTCu8Z.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-13f\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bb0zHCYSvCJ5unCl%2FX4T19MDuk7XWdmBFoFLeuVWZ6YqNXIn7f%2Bk0BV3RSzVLbW8bSekifWzQxQmHJVuNqjdDcHAarEiENgtMCwT\"}]}\r\ncf-ray: 9ba45b792fd8c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":319,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (318)","md5":"caad3ce25d72effb824a029ed4548224","sha1":"464bc035b1972a6b3c45a92cdb00b6627146d6df","sha256":"a68414fe0955a195cccc7130dfbaa6de5308a690fd5a9ae0cd02b57eb135be85","sha512":"ea3eddb3c854ecc7ad8270ac5b60f0ab72f275818311a0102cf88c3edd900aec87ad714bc5158732ec3665ce7355335c0c05ff458203f736a3b2016ee3b7b008","ssdeep":"","tlshash":"c3e026ba2368788008ebf10039f4ea484138a9b3eba3049fc5801390ca0f6017609aa9","first_seen":"2025-04-22T02:10:48.304952Z","last_seen":"2026-06-05T23:43:56.957428Z","times_seen":23,"resource_available":false,"data":null}},"time_used":532,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":532,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/uni-popup-Fqn9N-Zi.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/uni-popup-Fqn9N-Zi.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-6ea\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1%2FaQYsYDlbFGx%2BXYrPfpjeQJh6U8Jwqw5OjZAZFCKhohTGwtfOZPFkaUt%2Bmyl%2BDBp6bjSg0AXlbqmUq269zaH3XZpLfsxbViP94P\"}]}\r\ncf-ray: 9ba45b798feec759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1770,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1769)","md5":"d082db8500b272c2e43675d8c52d8fdd","sha1":"b6a165928e6ca58ee847e1b9316b0954a0a7b126","sha256":"2567b7b7dff7c1b3092ef67294d1adf734c4a26d1e6ba21ba15fa4ab2404ea01","sha512":"ec6a79cd5137ebe2eb07f48e22b5c1bf70afabb63a1685e49aac0b7b73479b1e9994369488db30971644dffc33bae8310432891df182d4cba8c0d735d7f7f4e2","ssdeep":"","tlshash":"9f3170723c1d351984afc0e6689aef46432c72339553b6946678f4180cdf9e23e5b6bc","first_seen":"2025-08-26T17:30:33.414771Z","last_seen":"2026-06-05T23:43:56.904585Z","times_seen":22,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/LoginRegisterModal.eMqIKsye.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/LoginRegisterModal.eMqIKsye.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-3bd9\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mY4BBRIy3hzhJ29kNWgwAyLtu3nbZlK01mX4KHPmNqLEjF3%2Fsl7jkRmVjiSGeS0dfHnvMm3RlPQJdBZ0EDDOPwb7SoVivMafgY7%2F\"}]}\r\ncf-ray: 9ba45b79e81cc759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15321,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (15272)","md5":"058f7e55d2944b9aa20901f3c12549f6","sha1":"5c1a47b33fc795535d848f1e71f34b3736380632","sha256":"83daf663074210eb3fa7564210c61f9dd8fc56f62acebe4099cebbb646818af7","sha512":"dc5f27ed3bfb310a8ef8331aa3622c66b05236c399c7aedb1e1b55f8316123123785222f6e6944f39d0ba3454b853cfde988ea05f6fbdf4d920883bcae792f39","ssdeep":"384:PrSK/VoBOmek5T1jhJJNCkX/sjFP2rzewPRPbHMq0:PrSK/VoBO1k5TtPstLwPRPv0","tlshash":"0a62c509b55dc8335e92b06ce48318246059cc5fd941ac4cfbf8198f26f3d469bba73a","first_seen":"2026-01-04T07:38:56.332573Z","last_seen":"2026-03-08T15:12:25.56783Z","times_seen":12,"resource_available":true,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/pages-user-transfer.DLHOt4FF.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/pages-user-transfer.DLHOt4FF.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1640\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tdt0wJqA4QD8YKVjxBDKyVYnPFFhtG03QCabNfK26pieritFUpN7O8pBU4i0lbHB9R5HfNzmJkZ65gLjlqCH%2F9%2FUvicWeYTUzCyL\"}]}\r\ncf-ray: 9ba45b7a082ac759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5696,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (5695)","md5":"2547dc73af04d486ceb8ca65ae847566","sha1":"b190e531ca624cda9e6d34f5b5cb0a421c958bf5","sha256":"51a4c3b05339e3e1b09c2c361ec0b6a1829ce2bda97d204ca2e7bcfcc59dbfb2","sha512":"331a634c482fb372aeb8b64b45d113966a0cb9bef2d8d089e7902fc448c15614b97a5adeba41630f440824f4c35833749cdfb5276e04ca2d42a9f2f0d5af0e18","ssdeep":"96:J1YQrRVZ5u4PSajRftJ02usxc3W+Ucy3OwE+JcyI/tEcD5IOhEuNyosUk:DDrZ5xjH4YOkoJ5GUk","tlshash":"24c15305b91c99202a9a7278e4d54d02717cfdcde1407a5cb2f8196e13adca909f9f3f","first_seen":"2026-01-04T07:38:56.366197Z","last_seen":"2026-03-08T15:12:25.53293Z","times_seen":12,"resource_available":true,"data":null}},"time_used":522,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":522,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/z-paging-Dz0lgrdA.css","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/z-paging-Dz0lgrdA.css HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt931.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%223af9a473-af47-5ae2-86fb-5f8de2932c23%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800167574%2C%20%22ct%22%3A%201767798367574%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=3139df28-e428-5d57-b4d4-d7f3c2726656; __51vuft__3JnRFYkERItiZhCQ=1767798367581\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-16b3\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=724XNpi8uBB6Cvlq%2FueYYEMOIrM1STFtHAhAzGABX0Xx0XZBPYtVNTkVMIsJ5TqXPFo4FdPcUQenSt5DrDp5K2izPijZe0mggmSm\"}]}\r\ncf-ray: 9ba45b796fe8c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5811,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5810)","md5":"174f196dbdd575437914dabeae885229","sha1":"a1dce8d47bfaf62e197c543e9aedb3664f3f6bca","sha256":"a95bc9745d619306f65889023d4289d026702e73d0bf9bc45e5af4c8e56f508d","sha512":"b045262974cd61251dcd03d860374946efc593315765061de3be9176ea5fc74a88de76e45dd8976f1ee4c957568824eb1a0f0867ca38cfd21bbb47c3bb58969c","ssdeep":"48:kRpuakdxeHDeCa3z4NhamadBaJlLaJ5GaMoSa+J8vasCayagKarUEqFN3YA6J1jS:cYxeHCaJpxIFHHoYs2Fk3keCk4","tlshash":"3ac1232d716db0395577db6e60f49a6c5060e22bd72bea8c6343231bcdc76e539242cc","first_seen":"2025-08-26T17:30:33.429333Z","last_seen":"2026-06-05T23:43:56.939575Z","times_seen":22,"resource_available":false,"data":null}},"time_used":547,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/pages-user-index-userBoot.DkifFdHN.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/pages-user-index-userBoot.DkifFdHN.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-75f0\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BoTF1vzDgfEB8NdzGijCBkE0KQKOm5jqVY7RnCMYiP%2FqVCQ9QXgrHgr6emJOcBlxvEFPpGNiOrpaUbahlaSp3QPUlk0YCg2B3FC4\"}]}\r\ncf-ray: 9ba45b79b805c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30192,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (30185)","md5":"46793adfa0a3c558d77c93088905399b","sha1":"48585b6e60d46b5f38a545a7bb123f5e9e43ea85","sha256":"68590b7cf3a93be5529b94383a62e404a110e1624cc0aaea17d744282b4553bd","sha512":"d2030f47b866ab37755ae9a5102ded9a982a5d6f0f457ff851505de1a426fdeed6d0ee081efbcf52aba4cca7c061725dec544998f4ecd63f7db8b267d485928d","ssdeep":"384:Sgqdw3JNaAYHdZtzeul63aAq5Pt7j3OWpdmalbuFB:Sdw3JNaAqdZtF634l7LffuL","tlshash":"7fd2f8053f2ce1766f93a928d0da0811b07758ced545f49d72f4cd9e02eec846aae37a","first_seen":"2026-01-04T07:38:56.305516Z","last_seen":"2026-03-08T15:12:25.514737Z","times_seen":12,"resource_available":true,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt931.com/assets/InputPayPwdModal.Egr7JNzI.js","fqdn":"usdt931.com","domain":"usdt931.com","tld":"com"},"ip":{"addr":"104.21.59.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt931.com/","date":"2026-01-07T15:06:08.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt931.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:35:29 GMT","end":"Sun, 05 Apr 2026 16:34:04 GMT"},"fingerprint":{"sha1":"4F:0D:FE:2E:45:7B:C6:DC:A9:05:25:BA:D9:D3:47:F5:78:8C:67:5A","sha256":"75:B2:C0:36:D9:39:22:8D:D1:5A:C7:C3:9F:AB:D5:A5:3C:D6:FB:80:64:21:01:D8:FA:F8:99:1A:A9:EF:14:CF"}}},"request":{"raw":"GET /assets/InputPayPwdModal.Egr7JNzI.js HTTP/1.1\r\nHost: usdt931.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt931.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:06:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-999\"\r\nexpires: Thu, 08 Jan 2026 03:06:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a8QeZ7%2BF%2F2Dby%2BpnEKWsBdrzXVmYXklBMEXtD3ukhkxE5tlY39rXjdy3nrBpAfXH7BiT%2F5QAG7zP1em8Yt9lYFY33cN5SH6%2FrHt9\"}]}\r\ncf-ray: 9ba45b79f827c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2457,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2456)","md5":"75033e20cbb2c275b74abe7c8621a291","sha1":"35a562afdc88e7fac00a316f3ecb4eeaef7f61f7","sha256":"3ba60caf1948a5dca9f8bf8bce08ff6dc66439ac713af8891c4b93e013f5fbda","sha512":"e16176490ee741d77321dcb783e2295f139a7f660e21a64be0ad530a67667f6247f78b0661110cd21920ae4682d134587eb5cd9213198064acb1db623321305f","ssdeep":"","tlshash":"6b51440a2e3cef399416a178f0816805b414549d8f46ab58f7fc0e5a0bafc56837fb25","first_seen":"2026-01-04T07:38:56.365Z","last_seen":"2026-03-08T15:12:25.526124Z","times_seen":12,"resource_available":true,"data":null}},"time_used":504,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":504,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt931.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}