{"report_id":"686f7d01-73b2-4267-96e3-6d0630b19902","version":6,"status":"done","tags":[],"date":"2026-02-01T19:51:41Z","url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"172.67.205.175","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"title":"Blockchain Investment Project Website - Unlock Financial Freedom","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"172.67.205.175","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-08T19:51:41Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"rtfsq.top","ip":{"addr":"154.198.49.35","port":443,"asn":138995,"as":"Antbox Networks Limited","country":"Seychelles","country_code":"SC"},"domain_registered":"2025-06-20","domain_rank":0,"first_seen":"2025-12-27T02:50:01.751756Z","last_seen":"2026-01-25T20:14:08.334967Z","alert_count":0,"request_count":1,"received_data":220,"sent_data":397,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"124.220.205.65","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-01-28T12:24:09.896795Z","alert_count":0,"request_count":1,"received_data":579,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-01-26T03:12:29.058923Z","alert_count":0,"request_count":1,"received_data":356,"sent_data":463,"comment":"","tags":null,"fingerprints":null},{"fqdn":"usdt935.com","ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-05","domain_rank":0,"first_seen":"2026-02-01T02:07:14.25267Z","last_seen":"2026-02-01T02:07:14.25267Z","alert_count":105,"request_count":105,"received_data":2417844,"sent_data":73518,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"apis.usdtifa.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-06-28","domain_rank":0,"first_seen":"2024-10-26T21:39:02Z","last_seen":"2026-01-31T12:50:51.67167Z","alert_count":0,"request_count":22,"received_data":573190,"sent_data":11762,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d6e92f200cff0675c6c843ee8980e5e3","sha1":"50ed9a2265e851f6b11abb8d1a5e0443151a7cfd","sha256":"9dcce56c16f2685a0cf3e10c3dd707e1685f9f98294c5a5036b2c3b3e2f30801","sha512":"49e0b72dcff5d666ad61db6e178e5a2a577f95a0b962dbd49bf7b96fadf11b1ebd2596c2b5c7cec7532c2f61809248fac043ac265cfa0c069c864c391c793be9","ssdeep":"","tlshash":"a2c08cc5b0c22d001612641014af24e49024802670881b028dd4d8482e220b08233e98","size":139,"data":"","first_seen":"2024-10-14T16:48:29.18645Z","last_seen":"2026-06-06T08:46:41.497037Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"43a144a646cd1c3aa47c6e97b8997f16","sha1":"751520d68e01030d76aaa27829bee42de57b33ae","sha256":"7400aff6408f23b72deadda0905ff4dc8eb4af368f7e8026063918149826a7d6","sha512":"85eff0527e8a86cde19b0e67070c8f71528670484865bafb4b88ee54f83b48f575275ed10cf343f0c84d4c0a425f6632b5b1bdfdfbfd75c6702ee856d28f512f","ssdeep":"","tlshash":"14c08cc8a0c22d101a02681414af24e49028442774481b068cd4e8882e230b08233ea8","size":141,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-08T18:19:10.618197Z","times_seen":4114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-section.DjNV3xcb.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"26b01b4c0547fb3b295f75254c2af8b9","sha1":"83a9472ab00ae05aacd67ab299e84ec2f6f14639","sha256":"162e423c70819d15ccb51c82ffeb72105e7cba7d70b4390fe6aa48e4c227d1b3","sha512":"e79ef48cc6825b9cfcba5a592346277cff7fe4066fec724c1281bf1928a9ae8978e7ac0f4398fab1436d4ec63e95e7b9e868f3c6ab8604d3886d915194d66cd1","ssdeep":"","tlshash":"3041226d380c9a372d8b0dae70b0230064552f9cde317975f7f1903557a7a9a915cf1c","size":2207,"data":"","first_seen":"2026-01-04T07:38:56.320959Z","last_seen":"2026-03-08T15:12:25.528901Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"baf926373a5336bbdd42a02d78239e20","sha1":"a10eb81dee4374480d5414c25abed550d0be55ce","sha256":"8c2eff768a8d2a1c66d635ba46d5c553cc6600d1b5de5f2ac9d5d80e510d322d","sha512":"0aa58d4b1f32058be87a8ff4d8372e8b0aa659cc72d1ea929732905be52f7b9976c965a4a350476d92cdc7c184bafeb8f64d51ed683a8a375a317c11d4d222e5","ssdeep":"","tlshash":"b5c08cc4a0c22e102612a89010af24e8a034402670482b02ac94d8482e224b08233ea8","size":140,"data":"","first_seen":"2023-10-25T16:06:30Z","last_seen":"2026-06-06T11:57:07.720749Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5c56bd092d0b0dbebcea0dffc9d3e1c9","sha1":"e63350a080d3edda266861535b89dc0603f2150f","sha256":"8d56b21d15b7fb8d64c62e430f90397e05d7d1c8ff9604577435bcfe68568300","sha512":"fe57381fbb2ad34a6a6750deb2d29f7bb89372dde680dc4be3b99ef6ccf3cc0476c9bd4a550f3586f8d44dd12b07c3be71c2ce454a98ddd01035405ee2ffbfcd","ssdeep":"","tlshash":"eac012c5e0966a211e51a914646f25e49024941a74481746cca9e9d42a121f48123e9c","size":172,"data":"","first_seen":"2025-11-22T10:34:45.647279Z","last_seen":"2026-06-05T23:43:56.980292Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bbb8281a186bd30f570bfca3f66c70bc","sha1":"113ecc8547ecd1d2cf2f7b10d8ce63e725c0ed3a","sha256":"8884166e9156c62e064132d041c98801b482a2cc6a8e146561895510917e1783","sha512":"6e355b11a3f54c746b5420b83caff25fb947695388ee01ab92e3d09fab418893a8fece553161807218370c8344f936de1aaaeab94dfea131fb25ab0c9231f5ac","ssdeep":"","tlshash":"37c08cc4a0c26d001a02a46054af24e49024402770481b029c94d84c2e220b08233ea8","size":137,"data":"","first_seen":"2025-08-26T17:30:33.449562Z","last_seen":"2026-06-05T23:43:56.976631Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b0efbc289fa81555431fa55aecc16bdb","sha1":"c003e091a0c7577d31a08aecedfdf0fbf588a537","sha256":"3b4ede29d0c79d3efe1a1ff3cbfbd15653230a9b26d40b33bbb1f78b465d85b1","sha512":"3571fd6c4175cd3725b3072f73015426e759dde85199169e18bcee1292ebed1cebe10a929fe05561842703f59e82f528965fdff7cbe61b342040c3035ead5639","ssdeep":"","tlshash":"48e0618250e7295c0520816a354ec5171f6505b39e818d513c8c7765cff5e4bc05d858","size":420,"data":"","first_seen":"2025-04-05T05:04:23.897278Z","last_seen":"2026-06-05T23:43:56.968069Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-stat._gfGVicY.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"95a9410ef94036eebd23b32d2cd13295","sha1":"39151ad3e138aab415b315c536cdcfc176e03c38","sha256":"865ddbfc42705393037ebe542af4cbd02639721c299acd2d6f96bf27ea368d15","sha512":"361a5e084566d62b2b04636678c0840c5c0f562b0f3f05fad79514d2d5a33ff85d287e354dffd3e41cd1aa1e8375059a9b07461515779e1942ecca212948b42c","ssdeep":"","tlshash":"9d514104752cc47b1892e01e65d0441bb2ab1ccd86b4753f65f6987e13e9c1864adfaa","size":2873,"data":"","first_seen":"2026-01-04T07:38:56.347472Z","last_seen":"2026-03-08T15:12:25.515963Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-money.Df21XDR-.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a0d1d8d8ee4b335c040b04e4070b7927","sha1":"389c16a182b95802ba9d9a4c5fb7fd04b8103eab","sha256":"15d8c62270da104ed031b8c6e02ad1daf4608ea9ad05701cdd082aa88e114f90","sha512":"1f3eb4905f3fdef9d9aeb8db84b48e6754cd4fc9bd715099baa5bb2b8976f9282853c12f6570eb4d7b04126e04a06b2c928ece4d02a92b22f79411c21035348c","ssdeep":"","tlshash":"a451a4a476985da3048a2a1d08485343ea74bd4d9ca838d8feb4bcfa8727cd5384cf34","size":3017,"data":"","first_seen":"2026-01-04T07:38:56.348586Z","last_seen":"2026-03-08T15:12:25.525059Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5d31ff7e60917b0ed4a4b70d37f66a2b","sha1":"c50f1dcef18065974e84265a1a49bdd0ee29e449","sha256":"aa6fd728eecb263d1055ba5f0b243644492895c8b51fdf396aeb35f2026ac848","sha512":"37b9cf72e1f471ea4b8ab70e1ced41fd251b10d068879907f2f7dd3276ac5c5cd9b0c3b90a731ee5449d42ba3b181ce145207561b4e72ddb32bbf1337361fb8e","ssdeep":"","tlshash":"72c08cc8b0c22d001606641010af24e49024402670482b028dd4d8482e220b48233e98","size":138,"data":"","first_seen":"2023-06-06T19:23:28Z","last_seen":"2026-06-08T02:55:51.752036Z","times_seen":302,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-img.BjIpHj9F.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"90d10f66f9920ada7981f34e2ae230f8","sha1":"60e33ea3e8b5c957668c47b18c089e84d40ce7de","sha256":"14bffda70a7bde70fbc769e3be27fe3f2960cc55416f89ce5fc1c6928bc58fa8","sha512":"c6c469fd447d0c0e343372851d332a4b00ec1e124aa3016e2edff992ad6901861a07c4061d68ef5c50ebde222978de48e4c1fc5491f3084da8e1421cddc24c0b","ssdeep":"","tlshash":"1b619528360cbd2f06b584b610340e41615db95ec620abb8f7fc34bb6294c9cb66ca70","size":3433,"data":"","first_seen":"2026-01-04T07:38:56.372165Z","last_seen":"2026-03-08T15:12:25.523625Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-drawer.BEnl_qrG.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"6aad1e42ffbad02e3263243334d806b5","sha1":"f3b1701aa4bd168ef77b7722ff8d25c8ff836ecf","sha256":"62c1618ce9d65feef3c4ce891d6492a71facab2c6bdacd27f11be9d3b58c27fd","sha512":"960ed30b5620df0c65839a56aa0f920fd79d3c9c497a41baf93f85250c900029562c3fe3711b480287a7aeb5d6d190d047465a363dec2b6c3163446612f3a0e9","ssdeep":"","tlshash":"6121ee1c7a1ca93329d7449d502006001ec86beeeef42ec6f2e6207e875e9a8916db14","size":1194,"data":"","first_seen":"2026-01-04T07:38:56.311311Z","last_seen":"2026-03-08T15:12:25.55072Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"35e0563db9526e0c5fb582a10302458c","sha1":"a1f9f0f5d0b5c690795b05928ad7ca0c103b9777","sha256":"65edd78a29d50b17ea83883ed1d346bb8e350b5cc13e7bb107b7507199fa8eef","sha512":"c7c38f574d0cda3932f3e34d78956e744ea361286aba39e79003d524f9f19ab05603900fe145662c11a0c04a43898bf00b76ab2f8a3783d319092bf55b430d3f","ssdeep":"","tlshash":"51c08cc4b0c32d002602645050af24e49024802770481b029c94ec492e220b08233ea8","size":141,"data":"","first_seen":"2023-05-05T08:00:34Z","last_seen":"2026-06-05T23:43:56.983347Z","times_seen":663,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/uni-app.es.DcVfOx-1.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4e68ad8fd2524e8d171ce7618ef3c77e","sha1":"7cee680fb6af2701c8cb9ac4910945dd4a1af2cb","sha256":"8dda16e8f94f82859bd41ea231f22108e0b9f3e95cfca9e5169a3b15e879ef39","sha512":"323ad6c7fb5dc744b5a3131d02d2609b3a6c1f0f2c47aa268d7e110049a29285c8b0df39917dec7606832ca770414923253ee6cc7aefcefd3ffe7e1654be1a95","ssdeep":"","tlshash":"47a0120b648124225802284020d59807117610e146c98a20c1c143240af84a48129d0a","size":84,"data":"","first_seen":"2026-01-04T07:38:56.371166Z","last_seen":"2026-03-08T15:12:25.529485Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-fab.DRN4nk-k.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"eac8aaab15281f12a67853df03d5f2fc","sha1":"2f535eaaa423fadac580bd63c10043f906d484ce","sha256":"732ca6ccb77cafcb1fd7b441ec46af8622a2b01c87e3a4d28d6b290701660d3e","sha512":"1808477f3ff52ce9535052089c2e3f137ed88a2c29103f43f01d067656d48b8c6d80c4eb48b9ec05bb2bf28bec3c2a22634f949dda03c552dcfe205ad394aef1","ssdeep":"","tlshash":"635165067a0da0372697087e906446c1721a1e7d97f0366ff2f6f8b64e8191e62dcf34","size":3165,"data":"","first_seen":"2026-01-04T07:38:56.376926Z","last_seen":"2026-03-08T15:12:25.524159Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-popup.CE8mUVWU.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"52dde1491beaf065e7a8c2abf5c8ea8e","sha1":"ebafe6d395f1a6fdc64eb76dee50ef8b7a12bfb0","sha256":"e6e3bfd4947d453361d32100233c2554419edc5282ea5e4ca4f16a872840ec1b","sha512":"5223231fa512cdccdebe09981809ed31987dd2f7d68299239a7d7abce0acc1f6db829203634035be393eaebe0ed9a70221a1d71e1adf02f030dceade63a61a45","ssdeep":"96:5zzb/vvVXaGe2O2smBNk7vYTLMcO0PLFKpcQU4CmRU:5vr9DF8bYo8Fscl0U","tlshash":"7281a5943c4cc97a95c59a0b44211a40975a6fec87b53d5df6fd2cff02c7c1a2a84b2b","size":4187,"data":"","first_seen":"2026-01-04T07:38:56.337955Z","last_seen":"2026-03-08T15:12:25.548433Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"36f26a090abdcc337bfc430f7eba2abf","sha1":"bde4b3d8e5ebea671a9a85174cfb4058a4bf0adb","sha256":"217e71e9b0dbcd6bf49e06ed0c8570fc448a800192167db81cba4cbaefddce78","sha512":"a191f331612f086b236bcab8dc8340639cec8859afceb86edcaa7913e42165ff3d184a5a5f4bac7ea93f59aeea3c76e505c456f9f5da206347076658fc271a87","ssdeep":"","tlshash":"12c08cc8a0c72e101a12655015bf24e4a024402a70489b038c94d8482e230b09233ea8","size":141,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-08T06:01:07.24381Z","times_seen":1577,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7746993e8adb9277ba5afa2584910974","sha1":"8e7e6d562fd56f594b40b6657156d483d7426e40","sha256":"833dc15f120cad89d5c0680edae217dbad02010e42af351959607df4170074ee","sha512":"10ee66e22fa45386057f1385e179955ad4fd4d53363c0aebe68aa9ba0547bf409a286e53ab6e678e5d0c3485d6cabcdd359f359c5258160b50a0a5a5496d6e6d","ssdeep":"","tlshash":"39c08cc5a0c22e101646641010bf28e49024402674481b028c98d8482e220b08233e9c","size":140,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-06-08T16:51:31.596607Z","times_seen":3525,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d774fed07205a75db9f9c598203c2b9b","sha1":"a431d5203ffcde744a9025d0d7dbe794bc4b52d9","sha256":"138b79a6155dc1e18b3b0b74d7f108c73ca2ef9818da9bbfaafd03b420fe957c","sha512":"c7809ff091b5db0e57371c7fc960cb39f95047c34bd6c495c64bcf297cfea0f47d51834301b4b6b29d04b42605fe8d667d4df03f06d56675ae1973876631814a","ssdeep":"","tlshash":"72c08cc8a0c32d002602a51020af38e8b034842770481b139da8dc483e730f08233e98","size":147,"data":"","first_seen":"2023-09-19T16:42:51Z","last_seen":"2026-06-07T22:53:03.015796Z","times_seen":191,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/LoginRegisterModal.eMqIKsye.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"058f7e55d2944b9aa20901f3c12549f6","sha1":"5c1a47b33fc795535d848f1e71f34b3736380632","sha256":"83daf663074210eb3fa7564210c61f9dd8fc56f62acebe4099cebbb646818af7","sha512":"dc5f27ed3bfb310a8ef8331aa3622c66b05236c399c7aedb1e1b55f8316123123785222f6e6944f39d0ba3454b853cfde988ea05f6fbdf4d920883bcae792f39","ssdeep":"384:PrSK/VoBOmek5T1jhJJNCkX/sjFP2rzewPRPbHMq0:PrSK/VoBO1k5TtPstLwPRPv0","tlshash":"0a62c509b55dc8335e92b06ce48318246059cc5fd941ac4cfbf8198f26f3d469bba73a","size":15321,"data":"","first_seen":"2026-01-04T07:38:56.332573Z","last_seen":"2026-03-08T15:12:25.56783Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"46793adfa0a3c558d77c93088905399b","sha1":"48585b6e60d46b5f38a545a7bb123f5e9e43ea85","sha256":"68590b7cf3a93be5529b94383a62e404a110e1624cc0aaea17d744282b4553bd","sha512":"d2030f47b866ab37755ae9a5102ded9a982a5d6f0f457ff851505de1a426fdeed6d0ee081efbcf52aba4cca7c061725dec544998f4ecd63f7db8b267d485928d","ssdeep":"384:Sgqdw3JNaAYHdZtzeul63aAq5Pt7j3OWpdmalbuFB:Sdw3JNaAqdZtF634l7LffuL","tlshash":"7fd2f8053f2ce1766f93a928d0da0811b07758ced545f49d72f4cd9e02eec846aae37a","size":30192,"data":"","first_seen":"2026-01-04T07:38:56.305516Z","last_seen":"2026-03-08T15:12:25.514737Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0951a72701a995f6f19518ce49792325","sha1":"6995a4b50a7fd86a4fdf32657d5fbf60d39b8605","sha256":"59bb000eb5de16037c3cfd8c30b75845ad57f4564920866696ce1e9f1fe7f3fc","sha512":"14be3bb5051110025b856b2c17e66795a3c1bb0976e4ff738747edd8bbdfd1cda3ea1838184affafcfd5fdd5c03a29e6370a5f4709d7288aec1f135c8e22f0af","ssdeep":"","tlshash":"55014908a3f221a2912b74bc8b9f9614293040037508ef51bd9c5781bf9643486ebfc9","size":758,"data":"","first_seen":"2025-04-06T03:52:55.464031Z","last_seen":"2026-06-05T23:43:56.971169Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-checkbox.HufpC5WB.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b4640f6c8b24eb0afb493e15e12b683e","sha1":"4202b88e4e6acd34d68381441347aa739fc6545c","sha256":"d220892eb40334d6e8b68ec73d1e29bc6941ef6a063926311ad827288b565afb","sha512":"387b888e2423f7091d5280b766d9586e982c5a8f982e0b824e7b9d5502c650765c061c6e9750db438fb4365eee0f641888a100eefffd93f2094486ce6ab3f485","ssdeep":"","tlshash":"cc5132157055a5761bdfc4cc50528681a32e239cda103efdbae824fa5a8ac88916fb35","size":2530,"data":"","first_seen":"2026-01-04T07:38:56.327321Z","last_seen":"2026-03-08T15:12:25.51887Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1ca49f0e439cf34669924908e59b2897","sha1":"efea6ef6bd12f3ded99d07b429c6af21c23ed826","sha256":"9f9ee6011e8f88513c2761906180f430478c9d9835d4e74a211cafd3c79b955e","sha512":"f5dfd73abfc4c47819a1c10e68b974d2253a67fd9fb113e510809ee5ea650d5dd1f003dedcd6f88235e4e5b696f28c5e2f18526e794579f3b9f5a1d7db17bb21","ssdeep":"","tlshash":"fec08cc4b0c22d102602a91010af24e49024406770481b168c94dc882e224b09237e98","size":141,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-08T06:01:07.246399Z","times_seen":538,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/z-paging.DUMsuOiK.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"18f4fbb02ec5b91843f179fbc6437a43","sha1":"67e362477dd1e0f8b0ce5e1de081fccb9e4eda12","sha256":"a66f1d8d7bdcdd96218bee3eef7d17bb51bf2540bb09234cf11c3020f7db30f9","sha512":"9677be31033dcb27042e49bf047c212fff12582198aa59a470f1174da31fa0c741be7155245a2d96840fb62f518eb82608b38e12d5b4970d58605f564d29c16d","ssdeep":"1536:HdkyOg+SJ3TQCIO6a103WSWo6BebaKfSzECftpD1i:HePoTQbO6+SW2LCftpRi","tlshash":"6eb32b923204e42a53caac69f81e330191456c4fa94e55acff69bcffd64cb1832d9778","size":107818,"data":"","first_seen":"2026-01-04T07:38:56.316175Z","last_seen":"2026-03-08T15:12:25.54293Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1e0cdd733c246a219ef3f620b22d69aa","sha1":"863bf764440755fa39ead6406e3e3e2c61df2fcb","sha256":"30d09f0fb47d204d4f13487482604c49f69eb595608f211f30684ea589eb9ebe","sha512":"c3504ed49777cfe19faaf41429845212358b3c2078bce5d31c43da809c5b631a0d9cf568b55cda87c4307a290ca35f73f6946ddc3e3a6ff8fc0e4035b114ea4b","ssdeep":"","tlshash":"01c08cc4a0d32d002a02a49024af24e49038402670881b029c94d8482e230b08233e98","size":139,"data":"","first_seen":"2025-03-17T10:03:33.622599Z","last_seen":"2026-06-05T23:43:56.970392Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-confirm.CZKi1fy0.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b90ad9ec1500bae4bbef53e9938a498a","sha1":"258e8842494d8f0cfa7efa8162543faf0383a1ba","sha256":"47ebb75c45d09b00eea20a4f0c4afff1ccfa257178f13c1b64182a0cd070e17d","sha512":"2f949a4f4dbaf49d9cddd28c86561880763b573ff082a03a3ef91d302ab02aaa7359b1fb72938c2e4ef8d96cafdb62a85f89445a1ae0286d5ab0fb2e2604e76d","ssdeep":"","tlshash":"0841730dbe1c9271ea83a349d541652e723b2fbd72163a0ff0fc1c9e07b0c64b99525a","size":2166,"data":"","first_seen":"2026-01-04T07:38:56.318065Z","last_seen":"2026-03-08T15:12:25.559658Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/CurrencyList.D9Y0wwkC.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ab743b8dc2cba704afc79a129a289752","sha1":"f60f717476e75413c520ff465061250518c32877","sha256":"0e408f9d01ad269d929230c4508ce98a40c7305a884f8c39e97214f29e799f25","sha512":"ecbf84f7da3089c89a799abeb06dc7ffdc7ee2204581ba11471faab0990f6a149c78dc35eef422737ac7937c06af84fff49717ed5e2496078fcacbbb1d855649","ssdeep":"384:jCCTHfWCNzMLU0Ij6m72b8Gpg6CGMEquRTwei0oI1F7:vjnzMLUHjN2b8Gpg6CGMnUvipI1F7","tlshash":"c182c6653389e43647d9642980a89604b3367f8dea02346d77af9cf9935fe4871acf30","size":18856,"data":"","first_seen":"2026-01-04T07:38:56.329106Z","last_seen":"2026-03-08T15:12:25.562426Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e267cc44511bdcfb9d6a29aa9e0f9e87","sha1":"7068144ccf89432eab5a1b51f1d7634ff629fa21","sha256":"5df8efa06d78c4e24760df1e0f34d1487deb5109f000bed21b225e9e84617782","sha512":"34223ca932af064d34bfb746454477f0edd1a28f495a12642b5e5b107a07029685ba89ebafbf0f12b035443fd0352d8b333dc969e7e63dea56f1271bf8056a52","ssdeep":"","tlshash":"7fa001a3cd57d739187d90282301594daca3068204224c84369f28421fc81006081983","size":72,"data":"","first_seen":"2025-08-26T17:30:33.459192Z","last_seen":"2026-06-05T23:43:56.981187Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-button.C7X7X2Rt.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"66dd7cc384d0cae8755b5e43b9b32f5d","sha1":"73c593afae50bdc3b22b993a4bc367deb6e41381","sha256":"0669fc5c9e258a99b5bf8966a100636c40e286d2bbf444ed81afc453159ca9ae","sha512":"8a756c5334b6903b18456b47479d1068d316490f2a751c2726341102fae12f5e766130a0cc935f0fb1767ce1fa4c59b7601823efa3f0e231747e84f3dece3e93","ssdeep":"","tlshash":"39514404310af9371dcb8848a0bc060693106a9eda695ce8ffb571bd535f854779db14","size":2870,"data":"","first_seen":"2026-01-04T07:38:56.362863Z","last_seen":"2026-03-08T15:12:25.549362Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-popup-bottom.CgdlVUp-.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"0eecde68cbd42c412bd4d60e69245b86","sha1":"821df9d67330105c276d3eb6b9eedea74bbea782","sha256":"a006b09b3ceb3245697dd97773b7f0de5f4598030a64e648f1c37e073be7e413","sha512":"38cd50bd821acd891ff1ab4a41efff6789b8801484e801db5cd9deda6d37b240e4c869134f8816c13534691d3689e395fb6b2ff5a4abd49497d4fed7ee6bb3eb","ssdeep":"","tlshash":"fa21f009381db033649b497c52600e001428cf6ceef43eeab6d160764b9989ca64db24","size":1312,"data":"","first_seen":"2026-01-04T07:38:56.373648Z","last_seen":"2026-03-08T15:12:25.537181Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-banner.zl87Ac6h.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"201cea6893ecc5a2b454d6ce67882166","sha1":"6114041925210ce6d088080da3bb393366a1d853","sha256":"48d771a7a8f81a737eb4934a7bc04c90013da1fd96330a3427fd896b29af50fe","sha512":"c6b4d23321b7817f21a5958474e717bbce7dbd4667f897f5d4ea5b8cbc2c1bb108f1cbc59134d46b4c415e2ad4525622841702f63dc713b5dea9801e877f8908","ssdeep":"96:gqxD0PWg+IT42fOjqCbCqvuj1t2tK4tPtKltstK7s:gqxaElb5efs","tlshash":"43a1e028352dab37d89789ad00c4050435b929adf7f07775b7f48a3d922344eb91cb59","size":4762,"data":"","first_seen":"2026-01-04T07:38:56.389151Z","last_seen":"2026-03-08T15:12:25.529993Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"e9ccdf6128f496cf5fad41555021d5ce","sha1":"79948ffa9e6b239bf806d1be3ee8f33c5b44b47f","sha256":"881fc2e41e6bbf997e99d29a85de0d6b047eb5f7641f0247a82fef78b2a0e615","sha512":"448c3038447b8755d6d73486eb9d3eb05ae55c0a6b1e3e07be4f091caaea70a5d284d994087f3113841facb6baf13f8e8cff818808a38f26f1effbf34daaa313","ssdeep":"","tlshash":"0fc08cc4b0d26e201602652519bf2ce4a034802774482b028c98ed492e220b0833be9c","size":148,"data":"","first_seen":"2023-08-12T11:46:41Z","last_seen":"2026-06-05T23:43:56.988332Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"82b314192b4dce18e996c2179c3b795f","sha1":"caf6f26b907ac13a6cb9491dee030755bd05e8d9","sha256":"84947a1b1be359bf621fe720ff7be49752dff1864c8b425bd03878586e6f6bf1","sha512":"bddfc79a501dc421a245cbae7b0d55d979c178f44810749081e62296e01f7399ecb87cb0e1e41f7b3769d3ee8c9838563cbec5d0c34eb2841184d4a589afae25","ssdeep":"","tlshash":"90c08cc5a0c22d002602681020bf35e4a024442b7448ab528c94e8493e620f08233eb8","size":143,"data":"","first_seen":"2023-04-17T20:49:21Z","last_seen":"2026-06-08T02:55:51.752619Z","times_seen":290,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-title.DOX2mzrl.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"405629402164d9d30323869234856602","sha1":"0381c4d236705ca7e656f50343d8c2020541d0a6","sha256":"a5530a450d7abfd958e704c76ea19460e77e2c36f91cb571d7fa68b0a95f1203","sha512":"e1e038e5336d7b036ed81482902f0e013090e8cffbdd980596e8f35153142e83f95d9c596d9558f463e1fd3e811ac751daa05da20b3fdd30e065b5850a015458","ssdeep":"96:0hiGnLTCdX3ULUuFXS9Y5+F89umUekTqNcjett8OFib1kjbdCpYeLD+fMMj+NLNi:0MX3SFXIYQcumUDqpPsYeLxlpu/ew","tlshash":"ccd1b4243668fa3729d640895aa04601b14c2e8dd730b99efbfcbcf95286c64557ef38","size":6384,"data":"","first_seen":"2026-01-04T07:38:56.342393Z","last_seen":"2026-03-08T15:12:25.535587Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/ProjectItem.DUNr-fWg.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"95214183ae0d9cbabb4c90669c6de47b","sha1":"9c508e6618d6bef1a24548ae012f47c9568e765c","sha256":"41dcf365f616142c27139a67b335aaa18a745b7799c6ae6b6cb0a0955040e4ff","sha512":"ad940188dbefb63ead4e0022f4d0dc30ae4b3051e1bfb469bb79bc35a8f263d61755ff278f854f5d295faa1c627f99eda7da3be99d4940ba09ca0623427f0d3d","ssdeep":"96:oTbPy5jufGnxFkaTWdkZA222ft9ba2sNmFD:oTbAlnxTTEkWSrbJscFD","tlshash":"dda175013e2cf23b29c29955b1ac45043267acccc92439def1f8a95e135bc2836ad76d","size":4741,"data":"","first_seen":"2026-01-04T07:38:56.387503Z","last_seen":"2026-03-08T15:12:25.525574Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/userIndex.5H4VVtxS.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"37209b19adbbd0689b3a59614bbf9b42","sha1":"3f746f1078109423d7167a91d73ff10cacae5040","sha256":"2639ca5530dbad01269a12c6528494a49577f37eb22cb96e5661c7c36972b74e","sha512":"a6ab82266a439051ed871d3c01224a48865e709fad081aa75a179b772e8fdd6b4b5cab9cb948cf4d9847d7634f5065ef265c99dcef9093a7a9a65359efb26a52","ssdeep":"384:+MaJwGqXFzXSzABt6bsjHC2vJ+WeOlY+k7VE+rkRRzO53piT8T:+MairXFzCzABt6bsjHC2vJlljkJzkRZ6","tlshash":"98a21919771ce1297ad1a00e94d40812b20b4c9ea321b99ef3feddbf4399c6d649c736","size":22638,"data":"","first_seen":"2026-01-04T07:38:56.415319Z","last_seen":"2026-03-08T15:12:25.516526Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/mp-html.Qpmgo793.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c0c9c90054b004882dcbe813b28efdd9","sha1":"9927c7aa2fd8ff2736a17b92ee24cfa1903499a2","sha256":"fb8fbae0da305550ebbd2013de7443a4cd484a2d2a033679217a2532f361490a","sha512":"bd0054ebc2d794b4d58b0b087e1c9196554228a1d4bfb665eaedaef09a70d3b3f3ef8e7cb07717a627cdcec609ff6eed1c7a7aec7a8cbc181816340256050eb7","ssdeep":"768:R1LcXOJOCY8/PU1kfSTeC5Umdb24tpxvYL4fVZw2O:XBJ13gAyr/O","tlshash":"14c20a5b728c70390ad884e108a56741a26e660cb54088bfbdbce4fb59d059530bfbfe","size":27070,"data":"","first_seen":"2026-01-04T07:38:56.339578Z","last_seen":"2026-03-08T15:12:25.569535Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/index-DcZrAb-o.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"28ee8c25bbc5545a74782a7951b9a6fd","sha1":"2194b6108264af7ded37b7e0eee6387f4093b775","sha256":"4639c812ad55aa7e23890138b4f979c821075b2d3a17607044b736f3fb373be9","sha512":"4e2851f1fac247d5cb7ec79db7e1c856bb7b4577609301bb10b73d10b2fe00eee81302d0d206b2bb017ce53e33b2033a050957874065936881c9bf45a2ac223a","ssdeep":"24576:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttK0sPfwuwuT4hJAmX+50ROIH9/pvm4:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttKE","tlshash":"1a05af9a338a702106f536d2306e3631a3745e65f84ac0c876dcdeea25fbc056297f79","size":873735,"data":"","first_seen":"2026-01-04T07:38:56.489286Z","last_seen":"2026-03-08T15:12:25.595754Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/InputPayPwdModal.Egr7JNzI.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"75033e20cbb2c275b74abe7c8621a291","sha1":"35a562afdc88e7fac00a316f3ecb4eeaef7f61f7","sha256":"3ba60caf1948a5dca9f8bf8bce08ff6dc66439ac713af8891c4b93e013f5fbda","sha512":"e16176490ee741d77321dcb783e2295f139a7f660e21a64be0ad530a67667f6247f78b0661110cd21920ae4682d134587eb5cd9213198064acb1db623321305f","ssdeep":"","tlshash":"6b51440a2e3cef399416a178f0816805b414549d8f46ab58f7fc0e5a0bafc56837fb25","size":2457,"data":"","first_seen":"2026-01-04T07:38:56.365Z","last_seen":"2026-03-08T15:12:25.526124Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3e352e40da965a477c73b85f45fcbcfe","sha1":"3e723988fae01e9002cd221d32d0b80fc932dc85","sha256":"5437083c1c0938d596758b071b379432c6722f887cbe2dca49cc5dd12e4f48bc","sha512":"36bd9ae9981675720b34b16739e5bd73967018d36cffaf325c4415dede978a5c8950cd9ee99567264cef03b5020fc26def12f1274befcfba2f680291e9f34580","ssdeep":"","tlshash":"e2c08cc4b0c22d003a02a41024bf34e89024402670481b028cd4e8582e230b08233e98","size":140,"data":"","first_seen":"2023-05-19T17:54:23Z","last_seen":"2026-06-08T13:56:48.035085Z","times_seen":686,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"11ab169d0bf6e806e9ac049d3b54e3b6","sha1":"71fcbedf3a9a8e22003315106b9910f2bcb258fa","sha256":"3f301446260bd8578ada459db15fa8a65a2334c872ea63fe34a93be0d42943cd","sha512":"6da4335f25d683d37adc45cf7ab8d32a1bb460f0d5a564b6e7750fd6b2aaa59abd6231252a9c4aa7059c43363c77ab2c6515d8b52eb9090da8746fa854dd7805","ssdeep":"","tlshash":"99c080c471c36d0125155520507f35d490644017749c1b568cd4dd552f130b15233d98","size":160,"data":"","first_seen":"2026-01-04T07:38:56.521144Z","last_seen":"2026-06-05T23:43:56.977464Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c7e852b3890d84ceb019fb49d8fb82f2","sha1":"39fd7387eb73882beca538337c8c3cbcb0e29274","sha256":"5464fd014fa7fc9f785002e31cf3ab6a9c4e5ebd440ae9e313c2e4e2e1310a7b","sha512":"cc52b7193b565d3f3cce8ee54ff11dfee752d80dc7f51d59be7ba83b692e419528bb0a1b726935e56664d7c449fa0d6a1566253431dfb22bc266762e423d6287","ssdeep":"","tlshash":"cfc08ccdb0c72d002602642050af74e89028402670481b029c94d8592e230b48237fd8","size":144,"data":"","first_seen":"2025-08-26T17:30:33.454142Z","last_seen":"2026-06-05T23:43:56.984264Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-auth.O6aQRiEh.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"edcaf3e657dd80dabe9becb3a27ca814","sha1":"63616b2ae780d062e87b61eaaf51fa8484057f06","sha256":"bbc2df21eaa08288507c0de9134c609375e4cf123accee61601561ce5d23491e","sha512":"b965b0680db5dbad080ae3e6daf4e45126e09826457c28c7a8d01e8805f53b8081360585cde9666211ec5a995da55bf2567b6a11b8eacecdd2b0d69e0d26549d","ssdeep":"","tlshash":"68f0054d3c64c63001c068d85611a81040292d5c667a78c7e1df65ed0a7906ec81df1a","size":522,"data":"","first_seen":"2026-01-04T07:38:56.367866Z","last_seen":"2026-03-08T15:12:25.555365Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1faebd0b8ec83d9258948f07393e454f","sha1":"44d5ca89f13c7829bb8153a66ba0d76047eeb290","sha256":"9b72256f8545b5a7756926fc56e1d8634a74b0efdf96ee8291b743ac3434846f","sha512":"14dede173aa4e1c8244528fef9c867f813d3f391f66f1a356c2887fed20294f9df7265d0e8d5bab67bf8e1e1a3ca2238d1da9a6b806c008154a19ef701877830","ssdeep":"","tlshash":"dec08cc4a0c22d001602a41018af24e490248427704c1b428c94d8483e220b08233ee8","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-07T16:47:46.391545Z","times_seen":315,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c9906a60bf176582d9c762184036ff97","sha1":"5c61bc5b5cf5f9f82e45f9ed39397d6543de7e6a","sha256":"f72ccf65db7b64c33731893405e035c0d29bbfc704a4d4ad94d6e0d5a7684b20","sha512":"f922a474f726dceac9a7d8ae699f84be6815d0436ba8e3f514a21bb3d6907058ed6cd5544dfe13e21b701e787959e922df9967a2ea5a936b5ef789fe4848cfb9","ssdeep":"","tlshash":"bcc08cc4a0c32d002612681020bf34e49024402670481b438c94d8482e230b08233e98","size":139,"data":"","first_seen":"2023-04-18T06:39:26Z","last_seen":"2026-06-05T23:43:56.986496Z","times_seen":95,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bbfdbe498eceeae4b8955afded5953f2","sha1":"8c751893c399c81cfa90910f797e551c903f6f03","sha256":"58b8d2d45f5c38007fb9d52dbfa22b0e70b9fc6eed0dde5c96f3c600a54c387c","sha512":"2ca782e375b5aea7b15ef61611be19449f3ae3efe35807414b2efdce77c2250741e4efc0b626fe817be0c8ff1e221f8a3f95e7bd9306ff3ac87b930c510077c9","ssdeep":"","tlshash":"84c08cc4a0c22e105622641010af28e89034402674489b528c98ec4d3e230b09233eac","size":141,"data":"","first_seen":"2023-05-08T02:54:43Z","last_seen":"2026-06-07T22:53:03.018395Z","times_seen":348,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0ae64cce4f24529caa56156b159bdade","sha1":"3f1c5a480a93a0bfdc86eb0d7769ea098682b7a5","sha256":"99cb12f023e5c6752e9a7e0132343acf246a432e31d1e7326a3fad10704711a5","sha512":"0ce54f9c86d027c6895c449a7be022ab96d9df608d39f56a3eb0c2721f49aac55b9f82668c5265ba231c626d7a841bcb68c13b169f5f5f9be40244d0c3abec61","ssdeep":"","tlshash":"eec08cc8a0c22d002602a45010bf38e4a024842770481b028de4dc4c3e230f08233e98","size":141,"data":"","first_seen":"2023-04-14T14:41:51Z","last_seen":"2026-06-08T13:56:48.153946Z","times_seen":2101,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/pages-user-index-userContract.-PZvqOlL.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"06aa49153aab8f3ab76c1eff378c8a2f","sha1":"5a04b7cc640fa832423c6d7e4973827d06f324ab","sha256":"b2a191a814fcbdf3fc9294e083e6a2d058b7412381fc7f305ded749ca2f96852","sha512":"797df75538297e83a594cba68c65f01935c2bb1ff2af0dd83b337e6e7cc19cacce288c4f98fbf99be660c5b65c8eb8e45e42501165c91801b9277fde99d254e1","ssdeep":"6144:fpdUPGVIJx/9LEwKaCBaL08YQR4XqQIVqpyX:CAw","tlshash":"04240a85fb65b41542a39079413f0907b336369e944b86acb27ecdda296c4ce3276f3c","size":228662,"data":"","first_seen":"2026-01-04T07:38:56.308438Z","last_seen":"2026-03-08T15:12:25.561334Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5eefe40b85e8c2db9ca6b62c4c3c5399","sha1":"00c3b8914ba6e7b5e9f47b5111b63e9e0ed7a556","sha256":"5e0f7543b9c01385fd8fcf8669408e298108d313227ab99067161b46c5d60ad4","sha512":"8aeda493afb753af1917f681b30c17a5c5941366be426c10cdc863eac91477e17264c4ac13c3b2924fbd47d3df739e703a6b609e7681530d4df3b3889987eaf5","ssdeep":"","tlshash":"a8c08cc4a0c26e005612641210af28e4902440a6b4481b038d94d8482e624b09237e98","size":139,"data":"","first_seen":"2023-07-01T13:40:07Z","last_seen":"2026-06-05T23:43:56.972648Z","times_seen":82,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e40cc2aab8d5d376280c17d363344fb7","sha1":"75c283226da7b59501ef980f3f8d8256a1425ea2","sha256":"187749c0617b275173ac1ef4e8273c2e95cb5ed334d3a1baa5235251ed02e545","sha512":"0518d6e4f074dd336768ae9d292bbb2baf2db8866645d7d938143fe77f3fdb283d47af41d852165a22ae63e9c11d4f41ca8762b253dac0ed14e17a77da098810","ssdeep":"","tlshash":"18e0d8736f5665744473e02e637f7720753b516b4250c9067a2c868c0fe0a87666d6c9","size":411,"data":"","first_seen":"2025-08-26T17:30:33.468213Z","last_seen":"2026-06-05T23:43:56.989253Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-input.uefNOExw.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"d766698ec63890526447fec4e5eb5f8c","sha1":"79ae59a85a2fc071ed6a034b777ca1ca5554d124","sha256":"c8e21fd858262552151d9de63202cd4c7e8622d70e1c321358d58275dfa6709a","sha512":"9c8ba9cd7ddcc242048b9ae79f09c78e573b9bee7963c506159bfd69cf7a65b077a846cf4474ffd5a198d30bef18b8f07f566adae4e8be303e5c6f29a080a80f","ssdeep":"96:f2U3EALwgU9svecAntaG2USFKGiP9shkYre9mGeKCeOpd:f2WQatUfcC9ze9e4d","tlshash":"ebc1225a350cee232dc78c4a7095424115251b8dde3078ecfbe671b5175fc88b2acf68","size":5698,"data":"","first_seen":"2026-01-04T07:38:56.360461Z","last_seen":"2026-03-08T15:12:25.543952Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/index.DuhDaPHN.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b60ce4da07198c83abaf49a40042834e","sha1":"5826e146f9713686284e296fa0caf2dfe8204ace","sha256":"70a0c148ae412405b6a7347768dab9d016419719226b1c0610d791cde5878a4f","sha512":"0bf1df4dbb623b274c31310fcf3bebe9ff06781ef8f7e3fe7f56fa7d1633655b609e05b48c3f38556a4859b5cd7bb2636d96662daedb8eb210df043d9c43b2ac","ssdeep":"","tlshash":"b331c4cd39c5743183d62a4663f35d81b67c9c1d590f4a8cf17854162c20d6dd27be18","size":1630,"data":"","first_seen":"2026-01-04T07:38:56.364002Z","last_seen":"2026-03-08T15:12:25.518082Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/pages-user-transfer.DLHOt4FF.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2547dc73af04d486ceb8ca65ae847566","sha1":"b190e531ca624cda9e6d34f5b5cb0a421c958bf5","sha256":"51a4c3b05339e3e1b09c2c361ec0b6a1829ce2bda97d204ca2e7bcfcc59dbfb2","sha512":"331a634c482fb372aeb8b64b45d113966a0cb9bef2d8d089e7902fc448c15614b97a5adeba41630f440824f4c35833749cdfb5276e04ca2d42a9f2f0d5af0e18","ssdeep":"96:J1YQrRVZ5u4PSajRftJ02usxc3W+Ucy3OwE+JcyI/tEcD5IOhEuNyosUk:DDrZ5xjH4YOkoJ5GUk","tlshash":"24c15305b91c99202a9a7278e4d54d02717cfdcde1407a5cb2f8196e13adca909f9f3f","size":5696,"data":"","first_seen":"2026-01-04T07:38:56.366197Z","last_seen":"2026-03-08T15:12:25.53293Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"fda026047e8eb1a5882e868c6621ecb4","sha1":"94912222851f4eef4664202cb513d7f3d45993e5","sha256":"389ca4866842c71e748f3385526f79ec5d78e6fc86cf71a48a0c44012c59fd8a","sha512":"c7ddb08213f5190b3cb67a8b6cdb51338e1763bed5a088339a123b7fb1f6e67f25289f103a5664785612b1782a4301d3d9d16f8a6d466cceca1e1c1814af3145","ssdeep":"","tlshash":"d3c08cc4a0c62d002602681111ef28e8a028842a70481b039cd4d8893e620b48233e98","size":141,"data":"","first_seen":"2023-08-10T20:40:22Z","last_seen":"2026-06-08T04:15:12.783199Z","times_seen":272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"cada8fb3cc65a39eb36a4df1c90f2caf","sha1":"609ae148c4c2d63e321211f8091ec3f8e0350de9","sha256":"889322541533390498d984110d2c5183e30f68eadbdd3e26d49ff14ddcf0da68","sha512":"9b2cf6f4c703f718d9cef1fa878443517aee40771676b60ef560bfc74e96b94578c7ba9b07041d2716ce040a4c8d786ee32e31f881b9d80443d9a0671f86fa79","ssdeep":"","tlshash":"88c08cc4a0c32e001612646410af28e49034402674481b02dc94d8482e620b49237e98","size":138,"data":"","first_seen":"2023-05-02T22:44:01Z","last_seen":"2026-06-05T23:43:56.979444Z","times_seen":551,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/uni-popup.Bvhvdyf4.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2a5e2df1aa15d37fb38fa4b954904352","sha1":"430b05f0f002e37cdfed6057ace2e25881528d7a","sha256":"b78f984771f6506020c3524c7190d1a6312a912124297d359c0a98da46cef09f","sha512":"765bbfc2b9410036c25a03e8c198cf1b414235a7c5f419f3778fc06a799b1b52ed2af74ef595982ff4d35d8e18fe6f3c2fca1456eb36ff4a34c894d9c3e94c48","ssdeep":"384:5V08L4LbQr3y9Pk9wMjxe/gi0lvwoIpFHqdM8uPCWYYxoK/WGbNYDYGFa:vx8Psy9wHxsglvNIpFHqdM8uPCWLxoKV","tlshash":"e752d7c5b59ee92605db82b7509c4a00413869d8b1751a6c7bbdb8fb024ac8c73eb73c","size":14279,"data":"","first_seen":"2026-01-04T07:38:56.381587Z","last_seen":"2026-03-08T15:12:25.544893Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-06-08T00:40:13.201748Z","times_seen":98189,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","size":91,"data":"","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-08T16:32:20.977667Z","times_seen":1555,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a7b3de7354307d425e2c87cd30f4ede6","sha1":"dc66414ea415cd874318119239b4af134ba2567b","sha256":"6ce792f41f1371f6d74e42988b05237acaaaf3eabaf18d6f6c7b56b2e58c4823","sha512":"15313ff7e64d913b8e7a1bc9f0802d26ec31225c1e0be7fa325315bc6cebe8d5e070cba2c58e83993c461951180bb947eed81bd1bbd165015772906c7b2599c9","ssdeep":"","tlshash":"73c08cc4a0e23d001602641010af24e8a0244026704c1b028c94d8882e220f08233ed8","size":136,"data":"","first_seen":"2023-05-05T08:00:34Z","last_seen":"2026-06-08T16:23:39.959994Z","times_seen":848,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"26ada63688eecf39cb8b0e0741aed2a3","sha1":"3e03adde982a6830c7a2e8c182d4b526ef9b1b59","sha256":"2616c1772127515b4ee84f38249e3dc6acdf300478ef7bc9081803e414323c46","sha512":"2ffecb0c1e9a36948b7104f5dfdf31d79ada71c5f4554a41eb88fdeb7c512e319e317535e184413a44d6b12c3316a354a0b4516cc2af569547755de8222cf787","ssdeep":"","tlshash":"60c08cc4a0c22d805612a92010af34e4a034803bb44c2b429da4dd483e674f48237ed8","size":149,"data":"","first_seen":"2023-04-30T07:46:29Z","last_seen":"2026-06-07T23:01:03.47798Z","times_seen":259,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-08T18:19:10.794053Z","times_seen":5637,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2cbead8d777092847714cf3153123fb4","sha1":"452bae521f1a8f32e2f02902edabfa48d6ca4626","sha256":"998e7a7ab80aa20b3d2f7b6d9ad8e897a24f43eed54b95dcd2b478a8fa66a56b","sha512":"bfd5838ce47877b46e3e446203789929a5843be24b0a3dd95da4f1fb4260367bc11ab9d5e4304b7f45ecf2e227c31a9ac2789b0eed2c1b0e7cbdb5c59ad46192","ssdeep":"","tlshash":"82c08cc8a0ca2e001a02641855af24e49024402670481b02cd94d8582e620b48233e9c","size":141,"data":"","first_seen":"2023-05-31T15:16:52Z","last_seen":"2026-06-05T23:43:56.99108Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"e40acf04b9e1d2e7ad1d35c70f89add8","sha1":"826ac96f076cc09f10b4e38ca8bd6b67ba79149b","sha256":"6b702ffc46910b485fdcbb4791eaa2bcfdbfdaa8e3d4ca7b513ed029c875223e","sha512":"278dfd3d6830050797905e4e5a3565c6ee3210ca91bb415e630400808b555459f7e2bd154395aa08f55d6f69cfe49628964796446ced9ea429f1e8d18f768eef","ssdeep":"","tlshash":"23c08cc4b0d22d102602641410bf34e490248027b0485b028c94d8482e230b08233e98","size":137,"data":"","first_seen":"2023-04-21T12:20:40Z","last_seen":"2026-06-07T02:16:12.641574Z","times_seen":243,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a7e507f5998c97ab0dbb873768dd748d","sha1":"3eccb50466058830030b932a69b010061081954f","sha256":"a8d5d1e6f993c51f99757071832455971c5c050686ecbfc76c90e32a32ccc555","sha512":"d70d16b17806bd1cf085f7cffb3f94c9492ede6706d498e96f20a093d817c6667cec135fa77a0c3972f7087376993d233a176b4fb7b166da133d6eb9401aaf79","ssdeep":"","tlshash":"1dc08cc4a0c22d002602a51021af34e4a028443670482b12cc94d8582e230b08233e98","size":139,"data":"","first_seen":"2025-08-26T17:30:33.458228Z","last_seen":"2026-06-05T23:43:56.996833Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-07T08:18:02.151537Z","times_seen":15899,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"usdt935.com/assets/s-confirm.CZKi1fy0.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-confirm.CZKi1fy0.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-876\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7d9JiS958QzGGmXhNIUMTp2dwg5h9wKTUPlxsG5dImbjsUm%2FbYEpnDmdXvoTMrpIaG5rRGsfmaDamh4JXSHR0ofPEBTRjK4trw%3D%3D\"}]}\r\ncf-ray: 9c73fb77eb66b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2166,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2157)","md5":"b90ad9ec1500bae4bbef53e9938a498a","sha1":"258e8842494d8f0cfa7efa8162543faf0383a1ba","sha256":"47ebb75c45d09b00eea20a4f0c4afff1ccfa257178f13c1b64182a0cd070e17d","sha512":"2f949a4f4dbaf49d9cddd28c86561880763b573ff082a03a3ef91d302ab02aaa7359b1fb72938c2e4ef8d96cafdb62a85f89445a1ae0286d5ab0fb2e2604e76d","ssdeep":"","tlshash":"0841730dbe1c9271ea83a349d541652e723b2fbd72163a0ff0fc1c9e07b0c64b99525a","first_seen":"2026-01-04T07:38:56.318065Z","last_seen":"2026-03-08T15:12:25.559658Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/notice-pop-B_iwAnHR.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/notice-pop-B_iwAnHR.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-512e\"\r\nexpires: Fri, 27 Feb 2026 09:58:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 381180\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yZte4crFaoK3bsA4olBUIDK5%2F6iFmpJkqpSLaRDogjqsJ6GL6th9%2F2jKvlJGFaR751CI6OtvyCrJ0xasd%2B9DRMKOvfxK0eRQ1A%3D%3D\"}]}\r\ncf-ray: 9c73fb7acbcdb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20782,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"e8b6d6a684174fe592319167d41b794b","sha1":"8b27940304e963797b5a1d7bd01d715a1c486bb5","sha256":"8813d7728e298924f626b9d7d594a59a08d8a91994446342e408a47989e5908a","sha512":"a06c8d5e4ce8d9b7dd77826c64b264ea442523bd75618efa3fba4188995b81eebd6508212054f4b0ba32908cf225bc9a7489c28cba9962747bcfb2fc8ac24c7e","ssdeep":"384:bwxN5HRAbw5oxF2rn1jtdd/NqJEJeMIQFK9YYolYyvibnqMLq2CX0iN5XSmOXXXx:bwxNJRjGAj1j9/GEVIZyh2nDL21NpOXx","tlshash":"8692c19216a902d1adb8eed13bbebd5799865b94862c6c00fb1d3d3798c4d0117c4fb8","first_seen":"2025-08-26T17:30:33.408647Z","last_seen":"2026-06-05T23:43:56.898346Z","times_seen":29,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/home","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/home HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt935.com/\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt935.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9HGd%2BebG8RmmxRpZ8%2FcssRWNsj6ryqWMuP1D2JZrN3%2BhbLYEM6NhA3oSFjLWg5ceB6UeSERTHQrlELHe4J7iTIA4zfSXfHqbh3Lwt755\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9c73fb7c3bc10b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":0,"dns":1,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/home/vip-icon.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/home/vip-icon.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-d1e\"\r\nexpires: Mon, 02 Mar 2026 10:00:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 121838\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ec9Z6Ho1%2BhqJ1upQucvdIBZL9Ut5M74f22B%2BZENt4qI0%2FuKxsWf9MNEB%2FadVBgFszTcPeuaE8XhvKIxdbsgvlWXKAUTLFbK%2FgA%3D%3D\"}]}\r\ncf-ray: 9c73fb7cac10b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3358,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit colormap, non-interlaced","md5":"95c29573bc4958142f4bbff771f82895","sha1":"b03b76fe266d70f1bb068deb4abe211b7db56f31","sha256":"400154b273cf2dfba3d1f4da5199639507a0932b4fc67eab4c0bbe53a7307686","sha512":"2f7a3ec619b6dfa1d314d593c51d959c877e6f6f07999416e3429aa455af638d0949d794ebabd0810dd5ac5e49320dfcac3f7e5fbb24754a2b59e22731dbd759","ssdeep":"","tlshash":"20614b69f721fd24c1c946a09fb80d091e507c429bc9d79a7295b0174031bc8a814dee","first_seen":"2026-01-04T07:38:56.313899Z","last_seen":"2026-06-05T23:43:56.909597Z","times_seen":13,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/userBoot-BzD3tkpn.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/userBoot-BzD3tkpn.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-1c12\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BKNqoz9vJTe%2F2O%2FHErTs%2BKhoJZ4hW35%2Br0a%2Fk7uf3S6JYQQt9GUb4dkdjERxU6%2B7GOh5ThwDwe4DeicwspUqpTEO2Y93fZ4AnQ%3D%3D\"}]}\r\ncf-ray: 9c73fb732ad4b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7186,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7185)","md5":"12b3de5bedc5d044cbf7560368f63d2a","sha1":"162705eacf8a88fca84088caa60a7de174a56d8e","sha256":"292bf74952b3710282a57b3f82421b100c587d5a2a6efc853ae0821da3617c7d","sha512":"90278bf1e15bf610333c03ca099ad4ab968cb0298e3cd344e785b5047ce2870c5e21cab4c9fb4321b1317c9da1a922c93cb1bdb076e1057b83683b8090f8f977","ssdeep":"96:JkydSwIx/+nVqSMSBavXwXYGv4FTW4z28rfcvu2k9k14TwlqIiqR/6/jdDqjMU4j:qOSe022y1krWG","tlshash":"ace142383d5e201eb5bfd102b4b152de0275b35ad341c6eeaa677a24cf971c628339d4","first_seen":"2025-12-31T19:20:07.071433Z","last_seen":"2026-06-05T23:43:56.922213Z","times_seen":17,"resource_available":false,"data":null}},"time_used":539,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":539,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/ProjectItem.DUNr-fWg.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/ProjectItem.DUNr-fWg.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-1285\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ck%2B9atVTBm1YaOLTJdJmNDOAaZtAX8kBy2dvB6bvoK2IyMMg2zlzGt%2Bfir1phzJJ7mKEnWJ3f%2FhM1Khw8MwSZ5aSwBfDX1%2Ffmg%3D%3D\"}]}\r\ncf-ray: 9c73fb735ae6b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4741,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4740)","md5":"95214183ae0d9cbabb4c90669c6de47b","sha1":"9c508e6618d6bef1a24548ae012f47c9568e765c","sha256":"41dcf365f616142c27139a67b335aaa18a745b7799c6ae6b6cb0a0955040e4ff","sha512":"ad940188dbefb63ead4e0022f4d0dc30ae4b3051e1bfb469bb79bc35a8f263d61755ff278f854f5d295faa1c627f99eda7da3be99d4940ba09ca0623427f0d3d","ssdeep":"96:oTbPy5jufGnxFkaTWdkZA222ft9ba2sNmFD:oTbAlnxTTEkWSrbJscFD","tlshash":"dda175013e2cf23b29c29955b1ac45043267acccc92439def1f8a95e135bc2836ad76d","first_seen":"2026-01-04T07:38:56.387503Z","last_seen":"2026-03-08T15:12:25.525574Z","times_seen":12,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/pages-user-index-userContract.-PZvqOlL.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/pages-user-index-userContract.-PZvqOlL.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-37d36\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cfMMrMiePuk9tNoWPxApLr8uGFfsHNlxku0kdUTQ0uoReGIX6DVZy6u07BbopjGK8rmeNQmyEY2JCEFdIDWImdzS7StqAJ4ulw%3D%3D\"}]}\r\ncf-ray: 9c73fb736af4b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":228662,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65528), with no line terminators","md5":"06aa49153aab8f3ab76c1eff378c8a2f","sha1":"5a04b7cc640fa832423c6d7e4973827d06f324ab","sha256":"b2a191a814fcbdf3fc9294e083e6a2d058b7412381fc7f305ded749ca2f96852","sha512":"797df75538297e83a594cba68c65f01935c2bb1ff2af0dd83b337e6e7cc19cacce288c4f98fbf99be660c5b65c8eb8e45e42501165c91801b9277fde99d254e1","ssdeep":"6144:fpdUPGVIJx/9LEwKaCBaL08YQR4XqQIVqpyX:CAw","tlshash":"04240a85fb65b41542a39079413f0907b336369e944b86acb27ecdda296c4ce3276f3c","first_seen":"2026-01-04T07:38:56.308438Z","last_seen":"2026-03-08T15:12:25.561334Z","times_seen":11,"resource_available":true,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":515,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.BCo6x5W8.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-5b\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pW%2FplkXv4Ss4%2BFGDFXdFuTtmiUhktSNaRTELRLmqMVIgmKXeE2rbqnXGe%2B1MR1Kasiufi0%2FDHWHU8sjABny%2BARr9hO5V13i3yA%3D%3D\"}]}\r\ncf-ray: 9c73fb778b4db51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-08T16:32:20.977667Z","times_seen":1555,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-button.C7X7X2Rt.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-button.C7X7X2Rt.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-b36\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HFGsxlLdrvJ4KCjS%2B6yTQNEpKq4qhYvwHPZkObi5yQnBypogitX2IZ2hBbM6bklVh4iDiUCTMGcAmKpYvMZsDuUuM%2FGxxZt68g%3D%3D\"}]}\r\ncf-ray: 9c73fb77cb5bb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2870,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2869)","md5":"66dd7cc384d0cae8755b5e43b9b32f5d","sha1":"73c593afae50bdc3b22b993a4bc367deb6e41381","sha256":"0669fc5c9e258a99b5bf8966a100636c40e286d2bbf444ed81afc453159ca9ae","sha512":"8a756c5334b6903b18456b47479d1068d316490f2a751c2726341102fae12f5e766130a0cc935f0fb1767ce1fa4c59b7601823efa3f0e231747e84f3dece3e93","ssdeep":"","tlshash":"39514404310af9371dcb8848a0bc060693106a9eda695ce8ffb571bd535f854779db14","first_seen":"2026-01-04T07:38:56.362863Z","last_seen":"2026-03-08T15:12:25.549362Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/favicon-DYZFR1kO.ico","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/favicon-DYZFR1kO.ico HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/x-icon\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b6otq7fYA0Vb0Rt8gnJK5IeT%2FG75LwJ3qVRBYJaZbLl9tEiPvkSiCNFJJrVp0ioidDxaSJISkBcuYBbksdvkSoJf7pr4Qd9XUg%3D%3D\"}]}\r\npriority: u=6,i=?0\r\ncontent-encoding: br\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"695642bd-1083e\"\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c73fb78fb8bb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67646,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel","md5":"c1e95980fa943781f0eb7e84beceec34","sha1":"16b7f463692369ba1c2f87ca8b2a9c0b78b0b1a5","sha256":"388ee33538664826ebace6ad3583c68031fbb50a9b64d6a4cf3f1b83ad16edf9","sha512":"ab7f0b44e2b8319476526d8868da0cddf44cbe13d234da08db0380653cae1899796f1f6219bdadcc9894a0576f7b0af8db8b8e6007ede7ca136e36ab836ea278","ssdeep":"384:8bcUhWm+++vR9wORuO4AGoNVwKOqr7IwV:EcUhbTrObxDwKOqrswV","tlshash":"cd637aaea6119d3cfc450e7ca4618c0409aa5f8e381dd2fb64e03a09677b7d8c85fd76","first_seen":"2024-11-30T03:53:11.674099Z","last_seen":"2026-06-07T22:55:03.543584Z","times_seen":108,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":500,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/home/message.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/home/message.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-8da\"\r\nexpires: Mon, 02 Mar 2026 10:00:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 121838\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0Rtyda15NpVNQPGw8GBjpRELlRIRS8V17rrGUqLwErVpifW1C%2FVPSedAF%2FxTajKBBdiHrVmYsmkZjyVdgrwhE20VlTm4zzGeaw%3D%3D\"}]}\r\ncf-ray: 9c73fb7c9c0eb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2266,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 82 x 94, 8-bit/color RGBA, non-interlaced","md5":"37012d79841b66014ba8cad9da7adf9e","sha1":"8036e4412ed7b3382f54b263b3ed31f4e73baa72","sha256":"a48ece7c63208f04720d485810e58d939080a65ef1d50323d269778e592074f4","sha512":"6eaad6c89f200a827070455898199d848d5cb59bfb0af6ed3047bfa01f8191fbf7d9260f8229a467e2dd20781b1bd083d75efc4998fb966b5993f28fac1e78b7","ssdeep":"","tlshash":"05414b23fab89c4b490fbee7d493e619d3a8db29041730aec21b0e45d8702c784fe250","first_seen":"2025-08-26T17:30:33.416951Z","last_seen":"2026-06-05T23:43:56.940978Z","times_seen":16,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-button-BpzWQUlV.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-button-BpzWQUlV.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-162d\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GczKv1yUkJjuNfKX2m9qUat7k3mZh1QApCUON3xdJc1779aymYiKhOWnq71VlL0lMnGRzAJPRQ%2Bx783LeztgpbUFeGQvWzMmQg%3D%3D\"}]}\r\ncf-ray: 9c73fb72dabeb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5677,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5676)","md5":"119264cd3c80acfe78ffad71134d788d","sha1":"8cda9c0b48b8d22eed34808e6cca43caa59c891e","sha256":"08e80d2433a59c8e2371d0268b7c42e849404c218150ea0eb043037743bb53f7","sha512":"f52bafe7171cc2ff034930bce798aeff2d138762d357c8142740fa28459931675db2df6a1ccc5c76f9b3df8bbeb511a547571fc102ac076c630e429b926ee69d","ssdeep":"48:jPwdIWejFN9UGzb7GDBpX9rU9E7hEVhRQeESmjxfkgshmhMv2k/IS5O1V:jPw6WejFN9UoiDDXtz8Lm1fLsQGvvg/","tlshash":"70c137e6f3cc48693a6bd29a43667b7d1c6e72c7c2040f26f4673a644f220d2357218a","first_seen":"2025-08-26T17:30:33.372003Z","last_seen":"2026-06-05T23:43:56.924247Z","times_seen":22,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-section.DjNV3xcb.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-section.DjNV3xcb.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-89f\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4tnNErrOuJoo%2BnOhR8I26aQPv31EMj9aSamlbgvPY2KygIB4sBWltedgu9HtC2K7QYc68sG1BUbFKQ7GBfY1dNXoUEOvPdW9iQ%3D%3D\"}]}\r\ncf-ray: 9c73fb735aefb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2207,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2206)","md5":"26b01b4c0547fb3b295f75254c2af8b9","sha1":"83a9472ab00ae05aacd67ab299e84ec2f6f14639","sha256":"162e423c70819d15ccb51c82ffeb72105e7cba7d70b4390fe6aa48e4c227d1b3","sha512":"e79ef48cc6825b9cfcba5a592346277cff7fe4066fec724c1281bf1928a9ae8978e7ac0f4398fab1436d4ec63e95e7b9e868f3c6ab8604d3886d915194d66cd1","ssdeep":"","tlshash":"3041226d380c9a372d8b0dae70b0230064552f9cde317975f7f1903557a7a9a915cf1c","first_seen":"2026-01-04T07:38:56.320959Z","last_seen":"2026-03-08T15:12:25.528901Z","times_seen":12,"resource_available":true,"data":null}},"time_used":508,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":508,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/home","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/home HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5fSNG5sutD%2B5jSfPi8ksogdNGNm%2BWDfJkgtAMCorGp8VNNmNv2eFcQ53Gv6ibS0%2FFeY7YntoQKu6sUEaAPIdNXE4UGxBBUOPilX1T6Et\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fb7d5c7b0b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":352687,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"3d32b74f0967089e1484c27e97e5f37b","sha1":"a46ae77b9850783ac66e5182ccb0233c314df53e","sha256":"d042e1c250412b6d9855cc71c33a50b0283aad31144329e462cbf16564ee3298","sha512":"5ccc24774b83dfc2c1efe04a003522025e77f609a7b5d1805e9fca16fd62e63b13547a8490ed7a0ff7d81f239a5bca616bb757cdca08e77ea98cf4929157f127","ssdeep":"6144:KYMOlmtc3trZxMJZbqlLjORLjOjMCiw8rMNNOOb9FqlO515q5X:JtFBLjeLjsk","tlshash":"27842a3dd3eae3284de1318d65527f72dbac2123e7c9facf824ade4911c997441294b2","first_seen":"2026-02-01T19:51:50.414586Z","last_seen":"2026-02-01T19:51:50.414586Z","times_seen":1,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":151,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:22.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt935.com/\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 01 Feb 2026 19:51:22 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt935.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2%2Fdc%2FXGfz44vz9zRFdOQbQD%2BzqYW9v6p0PIU7ylsX7rrqKRNCZvOixWcWX%2BUcKOduUUBHNTOgrIlJvw7b6cAPvRi%2BTukl4TF8qFQYdwe\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9c73fbab8a7f0b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":172,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-img-AdHTCu8Z.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-img-AdHTCu8Z.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-13f\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eQ%2FajYhL9ZhKHr0bD%2FE9KCIq7pS6FETeo4C%2B3BLR6NX8UkBp0Rhi2uivbisvcN%2Fb0yKLI32vE2kxo7b84lkJyPMGz9cLwNK85A%3D%3D\"}]}\r\ncf-ray: 9c73fb72bab6b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":319,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (318)","md5":"caad3ce25d72effb824a029ed4548224","sha1":"464bc035b1972a6b3c45a92cdb00b6627146d6df","sha256":"a68414fe0955a195cccc7130dfbaa6de5308a690fd5a9ae0cd02b57eb135be85","sha512":"ea3eddb3c854ecc7ad8270ac5b60f0ab72f275818311a0102cf88c3edd900aec87ad714bc5158732ec3665ce7355335c0c05ff458203f736a3b2016ee3b7b008","ssdeep":"","tlshash":"c3e026ba2368788008ebf10039f4ea484138a9b3eba3049fc5801390ca0f6017609aa9","first_seen":"2025-04-22T02:10:48.304952Z","last_seen":"2026-06-05T23:43:56.957428Z","times_seen":23,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-confirm-CVVpLVF0.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-confirm-CVVpLVF0.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-cd5\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2LrAm92QARwQQEdx%2FpxNRmREjEHDSzNkbGSawimmr%2FpoxChWgx7J9tRBe2%2BG582qJEJ91EKfy6EJ5sN6f57SgN%2FXilmui2%2BM5w%3D%3D\"}]}\r\ncf-ray: 9c73fb72cabab51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3285,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3284)","md5":"4218a36f7a6fccc299ffb3577bca67ae","sha1":"dd996d34c9100398526782d5af26887184ae3c38","sha256":"ae5f566f4f2fbfb0d3ce7aa0a5941a934f9483719e107b1c184cb1ed77d63601","sha512":"4c1ec008efdc5e5ee2e280c8890bd89a315dac3fe55fd4ca2c9659314c789bf9b382c59f7a6795ee423078d5a6f0fa82aa14971493303526fc584762f18febc8","ssdeep":"","tlshash":"27618f20ae692c848277c661aec05e49d379eb877af6094f7a4c4c134e8711e15fefe4","first_seen":"2025-08-26T17:30:33.418855Z","last_seen":"2026-06-05T23:43:56.912692Z","times_seen":21,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-img.BjIpHj9F.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-img.BjIpHj9F.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-d69\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GzbLcJRuTGSEwsFgCT9vWztjxA6U%2FRYmKEEsLhH1QFynBB5npeIFHBa4OkVUujV2YRlDsLs5wqfkutbJzayf440j2U03HOnk9g%3D%3D\"}]}\r\ncf-ray: 9c73fb733adbb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3433,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3408)","md5":"90d10f66f9920ada7981f34e2ae230f8","sha1":"60e33ea3e8b5c957668c47b18c089e84d40ce7de","sha256":"14bffda70a7bde70fbc769e3be27fe3f2960cc55416f89ce5fc1c6928bc58fa8","sha512":"c6c469fd447d0c0e343372851d332a4b00ec1e124aa3016e2edff992ad6901861a07c4061d68ef5c50ebde222978de48e4c1fc5491f3084da8e1421cddc24c0b","ssdeep":"","tlshash":"1b619528360cbd2f06b584b610340e41615db95ec620abb8f7fc34bb6294c9cb66ca70","first_seen":"2026-01-04T07:38:56.372165Z","last_seen":"2026-03-08T15:12:25.523625Z","times_seen":12,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:28.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt935.com/\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 01 Feb 2026 19:51:28 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt935.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S2LOVg9fW6OT0oziANSdtkDcNYPF3K7z4bNgtIQSqhaJC2JvmLgFMojiS431zgXJYYRZMDvpaOgk%2FDLR3BXyjHJE1lmOC0y0SGMHwBtl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9c73fbd1195f0b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/uni-app.es.DcVfOx-1.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/uni-app.es.DcVfOx-1.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-54\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OlIgNGBiW0j7CH8jMx8QPJpIfPKO93GBs9sdbQ4HzvMViOuqtYjNEhyvLgM4BlcLUd%2FYOqzkabPnmEmMfzG8MQx3QB7M%2FukPOg%3D%3D\"}]}\r\ncf-ray: 9c73fb733adab51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"4e68ad8fd2524e8d171ce7618ef3c77e","sha1":"7cee680fb6af2701c8cb9ac4910945dd4a1af2cb","sha256":"8dda16e8f94f82859bd41ea231f22108e0b9f3e95cfca9e5169a3b15e879ef39","sha512":"323ad6c7fb5dc744b5a3131d02d2609b3a6c1f0f2c47aa268d7e110049a29285c8b0df39917dec7606832ca770414923253ee6cc7aefcefd3ffe7e1654be1a95","ssdeep":"","tlshash":"47a0120b648124225802284020d59807117610e146c98a20c1c143240af84a48129d0a","first_seen":"2026-01-04T07:38:56.371166Z","last_seen":"2026-03-08T15:12:25.529485Z","times_seen":12,"resource_available":true,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/system_param","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/system_param HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt935.com/\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt935.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lld6GjAGVz1%2BpDLnq3pjGGuK%2BmVZC%2BcDgwBt%2F4PargfnP3FuPKdoTiz9gsOSezRVqZkmJyhN6KqehLHmXvIcgCpoUxU3S%2Bw4X%2F3E99Ov\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fb73db0056bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":571,"timings":{"blocked":21,"dns":36,"connect":1,"send":0,"wait":488,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/LoginRegisterModal.eMqIKsye.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/LoginRegisterModal.eMqIKsye.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-3bd9\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7cQKy4Fiu0eZ9EAdQBUjuDfKc5LsLycIhIYawBt64Fa%2BGYXGVllQw1dw2i7fW0KS8sCZv23HVp%2BkjdXFUiRypnggSw0qwng3tQ%3D%3D\"}]}\r\ncf-ray: 9c73fb77eb64b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15321,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (15272)","md5":"058f7e55d2944b9aa20901f3c12549f6","sha1":"5c1a47b33fc795535d848f1e71f34b3736380632","sha256":"83daf663074210eb3fa7564210c61f9dd8fc56f62acebe4099cebbb646818af7","sha512":"dc5f27ed3bfb310a8ef8331aa3622c66b05236c399c7aedb1e1b55f8316123123785222f6e6944f39d0ba3454b853cfde988ea05f6fbdf4d920883bcae792f39","ssdeep":"384:PrSK/VoBOmek5T1jhJJNCkX/sjFP2rzewPRPbHMq0:PrSK/VoBO1k5TtPstLwPRPv0","tlshash":"0a62c509b55dc8335e92b06ce48318246059cc5fd941ac4cfbf8198f26f3d469bba73a","first_seen":"2026-01-04T07:38:56.332573Z","last_seen":"2026-03-08T15:12:25.56783Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:26.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 01 Feb 2026 19:51:26 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jFgQVQo9HBMBx7YGsmhChngzIPprhU56zgtPL4i5GY4DxRggxiFQMdY3wKUPhl%2BD1X2vzVkabgGC3TFGDZJqCQLiD7g4UBYd9HOG1YD6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fbc5ab2e0b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5502,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5d04a54141ec506570c1da44a909c939","sha1":"ac5a8eb4aae6ed12faf7a172c3c81603732d7a07","sha256":"cb871d35b90452a131fe3131b147ae2a74ebbe75ee297b3ee2b5e4b3b559bb9b","sha512":"29a754a1866c09926b8c2ca3a0be4a64f9ccdf8e475758ca44e68f77de981cc0704a2ec867479e3c94ea3021f7ee01aef27cb592a87d76a8cd29ab7616221ef4","ssdeep":"96:3VLl51kd/QIrQLaVI2DJmqIeIWvcxIR+a3IM9oI5M+jI+jMIuxFI47hIxFWIE8/m:lLf1KmLGJlchaH9/M+H0x/4Fn/m","tlshash":"09b1c15227cc7c35aa733587918b78ea95c9b147bdcd7fb54b8edfbd0866a18300a804","first_seen":"2026-02-01T02:07:20.029391Z","last_seen":"2026-03-08T15:12:25.530854Z","times_seen":4,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/z-paging-Dz0lgrdA.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/z-paging-Dz0lgrdA.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-16b3\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pmZDegZYl0g6iHzKpJDYoA1lp3yrhA9EDv%2F%2Fe%2F8K5FPywqHbEXXtBypdjy57Pa0W3GZAgGzpgoYqxkydTKLfcIKmzMU7lfcrKw%3D%3D\"}]}\r\ncf-ray: 9c73fb72dabdb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5811,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5810)","md5":"174f196dbdd575437914dabeae885229","sha1":"a1dce8d47bfaf62e197c543e9aedb3664f3f6bca","sha256":"a95bc9745d619306f65889023d4289d026702e73d0bf9bc45e5af4c8e56f508d","sha512":"b045262974cd61251dcd03d860374946efc593315765061de3be9176ea5fc74a88de76e45dd8976f1ee4c957568824eb1a0f0867ca38cfd21bbb47c3bb58969c","ssdeep":"48:kRpuakdxeHDeCa3z4NhamadBaJlLaJ5GaMoSa+J8vasCayagKarUEqFN3YA6J1jS:cYxeHCaJpxIFHHoYs2Fk3keCk4","tlshash":"3ac1232d716db0395577db6e60f49a6c5060e22bd72bea8c6343231bcdc76e539242cc","first_seen":"2025-08-26T17:30:33.429333Z","last_seen":"2026-06-05T23:43:56.939575Z","times_seen":22,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/userContract-bOONBziD.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/userContract-bOONBziD.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-1fda\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wBU1rsZ836fxw0z07xqhZXjbWB8zSu7skXOn6O2YEQN9JC0ugESVa6IpBa4V2XoSzXi5H3lEfR7NgwlCxHiG6ZfOGaKe%2FF1g3Q%3D%3D\"}]}\r\ncf-ray: 9c73fb732ad1b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8154,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8153)","md5":"83b83bb797c6007d7f03d48704a72001","sha1":"abc064e41cd4a625c49efc0dffed7848950a976b","sha256":"ca6966fe263d225f57a6a5c2cd8cc06958e3af709b5c287f24e0c0decd3027c8","sha512":"174f97c0a0baee5f6c03a2aab44b0d5799daf8b8b8fe9d77737f987e5395d6a42a721bda78551fc0fffa4b2d1f486ae887f8285d9bba9ec716db6a4638ac4dfb","ssdeep":"96:wfPCD9/4DoLBp34pMMJJqOum8NvupjI/nWpu5Hf7fApa+e1F:CNsD4pMoqJm8NGpjcnWpu5/74paV1F","tlshash":"7af19559bd0d1419e2fbd20a64f05bcd0624f76bf30389dc6253192acd9769b2a12fca","first_seen":"2025-12-31T19:20:07.049418Z","last_seen":"2026-06-05T23:43:56.935451Z","times_seen":17,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/userIndex.5H4VVtxS.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/userIndex.5H4VVtxS.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-586e\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9sbpByAJBnHjX%2FtjP4IALkRiCHhLPO1Hz5pB5oQgg9m6tMxt0oSWCacNLboUHXyZJvObGC5aaGwsPazGW%2F9YXnxn5Ty%2FvGOgEw%3D%3D\"}]}\r\ncf-ray: 9c73fb734addb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22638,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (22511)","md5":"37209b19adbbd0689b3a59614bbf9b42","sha1":"3f746f1078109423d7167a91d73ff10cacae5040","sha256":"2639ca5530dbad01269a12c6528494a49577f37eb22cb96e5661c7c36972b74e","sha512":"a6ab82266a439051ed871d3c01224a48865e709fad081aa75a179b772e8fdd6b4b5cab9cb948cf4d9847d7634f5065ef265c99dcef9093a7a9a65359efb26a52","ssdeep":"384:+MaJwGqXFzXSzABt6bsjHC2vJ+WeOlY+k7VE+rkRRzO53piT8T:+MairXFzCzABt6bsjHC2vJlljkJzkRZ6","tlshash":"98a21919771ce1297ad1a00e94d40812b20b4c9ea321b99ef3feddbf4399c6d649c736","first_seen":"2026-01-04T07:38:56.415319Z","last_seen":"2026-03-08T15:12:25.516526Z","times_seen":11,"resource_available":true,"data":null}},"time_used":495,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":494,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-checkbox.HufpC5WB.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-checkbox.HufpC5WB.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-9e2\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kl8tXoLfZ%2FZk8VV9G2jOOlV9kJP7tv%2BySbjwX6d0vOfruEzWQhg5BZW%2FyhNj2lCLkBejYsRuGMKJxl7xiAmX3MaimwYWItOEbg%3D%3D\"}]}\r\ncf-ray: 9c73fb735af0b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2530,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2529)","md5":"b4640f6c8b24eb0afb493e15e12b683e","sha1":"4202b88e4e6acd34d68381441347aa739fc6545c","sha256":"d220892eb40334d6e8b68ec73d1e29bc6941ef6a063926311ad827288b565afb","sha512":"387b888e2423f7091d5280b766d9586e982c5a8f982e0b824e7b9d5502c650765c061c6e9750db438fb4365eee0f641888a100eefffd93f2094486ce6ab3f485","ssdeep":"","tlshash":"cc5132157055a5761bdfc4cc50528681a32e239cda103efdbae824fa5a8ac88916fb35","first_seen":"2026-01-04T07:38:56.327321Z","last_seen":"2026-03-08T15:12:25.51887Z","times_seen":12,"resource_available":true,"data":null}},"time_used":515,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/uni-popup.Bvhvdyf4.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/uni-popup.Bvhvdyf4.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-37f7\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=893%2FcwLhZaliBqeDCZpTIb2qr0q9y5dCnVjXu86fOa6%2FYlLlgpUAXZffZ2AzRphqgGWhk%2FZcpKdjbUeG%2FUgSVzZtLgN%2F2pdDHQ%3D%3D\"}]}\r\ncf-ray: 9c73fb77bb54b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14327,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14230)","md5":"2a5e2df1aa15d37fb38fa4b954904352","sha1":"430b05f0f002e37cdfed6057ace2e25881528d7a","sha256":"b78f984771f6506020c3524c7190d1a6312a912124297d359c0a98da46cef09f","sha512":"765bbfc2b9410036c25a03e8c198cf1b414235a7c5f419f3778fc06a799b1b52ed2af74ef595982ff4d35d8e18fe6f3c2fca1456eb36ff4a34c894d9c3e94c48","ssdeep":"384:5V08L4LbQr3y9Pk9wMjxe/gi0lvwoIpFHqdM8uPCWYYxoK/WGbNYDYGFa:vx8Psy9wHxsglvNIpFHqdM8uPCWLxoKV","tlshash":"e752d7c5b59ee92605db82b7509c4a00413869d8b1751a6c7bbdb8fb024ac8c73eb73c","first_seen":"2026-01-04T07:38:56.381587Z","last_seen":"2026-03-08T15:12:25.544893Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-money.Df21XDR-.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-money.Df21XDR-.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-bc9\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hEzJs%2BVjIHhLHZFivSdeC1Y87PBa0G9WQ3OtiVcaWNHSxllt0HDO6vKPQ7J%2FxddTPo1YXHE%2FrSQg3idMvHNLCxZjLXKbZXpq%2Fg%3D%3D\"}]}\r\ncf-ray: 9c73fb735aeeb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3017,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2900)","md5":"a0d1d8d8ee4b335c040b04e4070b7927","sha1":"389c16a182b95802ba9d9a4c5fb7fd04b8103eab","sha256":"15d8c62270da104ed031b8c6e02ad1daf4608ea9ad05701cdd082aa88e114f90","sha512":"1f3eb4905f3fdef9d9aeb8db84b48e6754cd4fc9bd715099baa5bb2b8976f9282853c12f6570eb4d7b04126e04a06b2c928ece4d02a92b22f79411c21035348c","ssdeep":"","tlshash":"a451a4a476985da3048a2a1d08485343ea74bd4d9ca838d8feb4bcfa8727cd5384cf34","first_seen":"2026-01-04T07:38:56.348586Z","last_seen":"2026-03-08T15:12:25.525059Z","times_seen":12,"resource_available":true,"data":null}},"time_used":487,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":487,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/pages-user-index-userBoot.DkifFdHN.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/index-DcZrAb-o.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-75f0\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2yuCDF%2BRorvorWAYDUlWSGqgVvEY0DRcz3SjnPn6%2BfhVbwWWdJsMxA2%2FULBUo6SBMGEDLFbIsBEPNufFgAth4wqHI9Dhh6PSeQ%3D%3D\"}]}\r\ncf-ray: 9c73fb775b41b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30192,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (30185)","md5":"46793adfa0a3c558d77c93088905399b","sha1":"48585b6e60d46b5f38a545a7bb123f5e9e43ea85","sha256":"68590b7cf3a93be5529b94383a62e404a110e1624cc0aaea17d744282b4553bd","sha512":"d2030f47b866ab37755ae9a5102ded9a982a5d6f0f457ff851505de1a426fdeed6d0ee081efbcf52aba4cca7c061725dec544998f4ecd63f7db8b267d485928d","ssdeep":"384:Sgqdw3JNaAYHdZtzeul63aAq5Pt7j3OWpdmalbuFB:Sdw3JNaAqdZtF634l7LffuL","tlshash":"7fd2f8053f2ce1766f93a928d0da0811b07758ced545f49d72f4cd9e02eec846aae37a","first_seen":"2026-01-04T07:38:56.305516Z","last_seen":"2026-03-08T15:12:25.514737Z","times_seen":12,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/index.DuhDaPHN.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/index.DuhDaPHN.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-65e\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qn5mZRoUnbUCaspWtt34K75i1NiC2uGVswsmx0kRsDcGpKR8xYghMV768Eu2wpY44cUJsGoZVBp5ZyjeTeMQL%2FnZe%2F5pREt1yA%3D%3D\"}]}\r\ncf-ray: 9c73fb735ae7b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1630,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1539)","md5":"b60ce4da07198c83abaf49a40042834e","sha1":"5826e146f9713686284e296fa0caf2dfe8204ace","sha256":"70a0c148ae412405b6a7347768dab9d016419719226b1c0610d791cde5878a4f","sha512":"0bf1df4dbb623b274c31310fcf3bebe9ff06781ef8f7e3fe7f56fa7d1633655b609e05b48c3f38556a4859b5cd7bb2636d96662daedb8eb210df043d9c43b2ac","ssdeep":"","tlshash":"b331c4cd39c5743183d62a4663f35d81b67c9c1d590f4a8cf17854162c20d6dd27be18","first_seen":"2026-01-04T07:38:56.364002Z","last_seen":"2026-03-08T15:12:25.518082Z","times_seen":11,"resource_available":true,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:30.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 01 Feb 2026 19:51:30 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EWtMu55dEJ0XAFaxFIyWCvb5CZ8CJOeUkc0z2bdyzFPtXV2ay%2B8d3M6cEt200YRQtVP4%2Fusg4vzTYc%2B0OJWTtX1zMSHtw3JImmbPWV%2Fm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fbdea9200b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5502,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5d04a54141ec506570c1da44a909c939","sha1":"ac5a8eb4aae6ed12faf7a172c3c81603732d7a07","sha256":"cb871d35b90452a131fe3131b147ae2a74ebbe75ee297b3ee2b5e4b3b559bb9b","sha512":"29a754a1866c09926b8c2ca3a0be4a64f9ccdf8e475758ca44e68f77de981cc0704a2ec867479e3c94ea3021f7ee01aef27cb592a87d76a8cd29ab7616221ef4","ssdeep":"96:3VLl51kd/QIrQLaVI2DJmqIeIWvcxIR+a3IM9oI5M+jI+jMIuxFI47hIxFWIE8/m:lLf1KmLGJlchaH9/M+H0x/4Fn/m","tlshash":"09b1c15227cc7c35aa733587918b78ea95c9b147bdcd7fb54b8edfbd0866a18300a804","first_seen":"2026-02-01T02:07:20.029391Z","last_seen":"2026-03-08T15:12:25.530854Z","times_seen":4,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-popup-bottom-BiGtqM4n.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-popup-bottom-BiGtqM4n.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-276\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mggDxg7akk6b6m9O%2FkxyqSePmFU4K8eAaQSH4DYWsYmc8dRnm14FvsJLQBFALLKSBtGyHieVNON37sr%2F4hGYUFKzH3zGJ6yIGw%3D%3D\"}]}\r\ncf-ray: 9c73fb730ac7b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":630,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (629)","md5":"795a7b7857567358cc4f8e630fd824dd","sha1":"687095a0389bcc5580d15fb0ec22ceb131705f84","sha256":"81d2b6e508e695666536446d38bcee719890675c8f4483a5ecfea69dd117b84b","sha512":"4369ca94ce84ebe80b2e9affe1519e7e1de2f166f24f4bc6803a666eec3af351341f0293e777fa0593fbe95a27021e28e38ab0214c92ed2ebfc13711f81730af","ssdeep":"","tlshash":"25f0282879823050687fc75af990ee44423da689fef609de22d516854f0bdca78065d8","first_seen":"2025-08-26T17:30:33.378514Z","last_seen":"2026-06-05T23:43:56.890756Z","times_seen":22,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-drawer.BEnl_qrG.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-drawer.BEnl_qrG.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-4aa\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l3BujzFDWnyWyc9itzeXe3CONoOuvMID7YnJ7kI%2FCq9DKXOs0J7DoZWBnys7Bgc6%2FnJsTUYn%2FGcKkZpOMuEeXWr%2FlOpIUHyq5A%3D%3D\"}]}\r\ncf-ray: 9c73fb77eb68b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1194,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1193)","md5":"6aad1e42ffbad02e3263243334d806b5","sha1":"f3b1701aa4bd168ef77b7722ff8d25c8ff836ecf","sha256":"62c1618ce9d65feef3c4ce891d6492a71facab2c6bdacd27f11be9d3b58c27fd","sha512":"960ed30b5620df0c65839a56aa0f920fd79d3c9c497a41baf93f85250c900029562c3fe3711b480287a7aeb5d6d190d047465a363dec2b6c3163446612f3a0e9","ssdeep":"","tlshash":"6121ee1c7a1ca93329d7449d502006001ec86beeeef42ec6f2e6207e875e9a8916db14","first_seen":"2026-01-04T07:38:56.311311Z","last_seen":"2026-03-08T15:12:25.55072Z","times_seen":12,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:20.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 01 Feb 2026 19:51:20 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yfHQGKj1dZNSkWp88zSrO5vI%2FnP08I1%2BaMqv7xKHTQzH8uO4ytFC3kgnN3o2UOoAdBRPELcDqYQbQudwwNODrekH8zV80lOaJe3WPREH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fba01b920b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5502,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5d04a54141ec506570c1da44a909c939","sha1":"ac5a8eb4aae6ed12faf7a172c3c81603732d7a07","sha256":"cb871d35b90452a131fe3131b147ae2a74ebbe75ee297b3ee2b5e4b3b559bb9b","sha512":"29a754a1866c09926b8c2ca3a0be4a64f9ccdf8e475758ca44e68f77de981cc0704a2ec867479e3c94ea3021f7ee01aef27cb592a87d76a8cd29ab7616221ef4","ssdeep":"96:3VLl51kd/QIrQLaVI2DJmqIeIWvcxIR+a3IM9oI5M+jI+jMIuxFI47hIxFWIE8/m:lLf1KmLGJlchaH9/M+H0x/4Fn/m","tlshash":"09b1c15227cc7c35aa733587918b78ea95c9b147bdcd7fb54b8edfbd0866a18300a804","first_seen":"2026-02-01T02:07:20.029391Z","last_seen":"2026-03-08T15:12:25.530854Z","times_seen":4,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/system_param","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/system_param HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fel7mtg3UlWIhHwml8DvCmNdw%2BIKU%2Bvd6JT6aa1ZRbaPgYpF6cGpMp8CT%2Fw6BjsRweBaB8BlSf96NCYKk2%2FYsL%2BzrWznWOBKD%2BVFYmRU\"}]}\r\ncf-ray: 9c73fb771ea956bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":152608,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (51193), with no line terminators","md5":"3a9d37424e5c11b438cc471eb66acfb2","sha1":"5997259b613feff57be16cf8c5e174a781f4b52d","sha256":"f9488d237a8cdc340ce5fb87c298b7a43ce157e7224e95121249ac999e86eb9e","sha512":"25fd8bd7cc1af7439bb4be71a11c0d214b26622146e3881e17e16c416d6b256deedecf8f8f3275a8f8795c80f6f87dd4a1564cc404e8896554ec81023d1fa0d6","ssdeep":"3072:g7PC6Hy1ZEAIEPaL5Wfdg94Is59JYGhqo:J6HAIEPk5WfPIsDhqo","tlshash":"8cf3d7add6d6031288d331ccd2c2b7bbd17878127749edefa052dbe901ca505997a0eb","first_seen":"2026-01-07T08:29:50.94448Z","last_seen":"2026-02-01T19:51:50.460759Z","times_seen":2,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/language/en.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/language/en.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-3540\"\r\nexpires: Mon, 02 Mar 2026 10:00:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 121839\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qJdE7mHjCZB0KsmOFgLVSKupTGli1ekLn0nQKsO9L7s07XT%2BUu4LdqXQdIi%2FPp9z0Oaqp7TSrWgFKhJtgx4s34K32dlDQ1abqQ%3D%3D\"}]}\r\ncf-ray: 9c73fb7cac12b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13632,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced","md5":"006b7e7d7fde776f342748895f1ed3a4","sha1":"fd0c89c849c4c7a2ecd7ba60f77eaa1ed4386af6","sha256":"c669e7dc48949e9cd63b4d1e70edb8c1798231dd2479056c216a3db7231e9d32","sha512":"60bd0897054b66bcbfaa3fbddf19145c1f63bd868ffed331a40e37b169f1957a5138c6ec84d993eeb3c6fb5eaff30411578281c32341ded04fbf28a4383d1f69","ssdeep":"384:N6oGLPs9AQOZvDRfdpARWKyzlykMASiium50oXx5w5fFmVD:BGMOJZZKyzlaASZumWos5M","tlshash":"8c52d0dd6f184a63fbce03e7a959d98a303de3de19413efac4804618151c3966be3346","first_seen":"2025-08-26T17:30:33.397237Z","last_seen":"2026-06-05T23:43:56.93477Z","times_seen":16,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 46\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":46,"data":"{\"page\":1,\"product_category_id\":1,\"is_hot\":\"\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 01 Feb 2026 19:51:15 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QUBUwiZnIOsiW%2Bjgw4WKce4J1C5CDkrCRd2WUzwsDvdbZmW4UxByhygecOA63UfsRzkeJFi4G4XK29iPhuB0slfpbZDpR%2F9Aclx0cfru\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fb7d2c4d0b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5502,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5d04a54141ec506570c1da44a909c939","sha1":"ac5a8eb4aae6ed12faf7a172c3c81603732d7a07","sha256":"cb871d35b90452a131fe3131b147ae2a74ebbe75ee297b3ee2b5e4b3b559bb9b","sha512":"29a754a1866c09926b8c2ca3a0be4a64f9ccdf8e475758ca44e68f77de981cc0704a2ec867479e3c94ea3021f7ee01aef27cb592a87d76a8cd29ab7616221ef4","ssdeep":"96:3VLl51kd/QIrQLaVI2DJmqIeIWvcxIR+a3IM9oI5M+jI+jMIuxFI47hIxFWIE8/m:lLf1KmLGJlchaH9/M+H0x/4Fn/m","tlshash":"09b1c15227cc7c35aa733587918b78ea95c9b147bdcd7fb54b8edfbd0866a18300a804","first_seen":"2026-02-01T02:07:20.029391Z","last_seen":"2026-03-08T15:12:25.530854Z","times_seen":4,"resource_available":false,"data":null}},"time_used":392,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":392,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:24.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 01 Feb 2026 19:51:24 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HPu0CKi0qhsNaSswP%2FNoditx5R24kPml116KMG59ETaUFaCh5s5ELt2UGjTRzQCji8lQM0pQEVICw06vvTRmggFujDwv3eMOuNMUjHaV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fbb92b710b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5502,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5d04a54141ec506570c1da44a909c939","sha1":"ac5a8eb4aae6ed12faf7a172c3c81603732d7a07","sha256":"cb871d35b90452a131fe3131b147ae2a74ebbe75ee297b3ee2b5e4b3b559bb9b","sha512":"29a754a1866c09926b8c2ca3a0be4a64f9ccdf8e475758ca44e68f77de981cc0704a2ec867479e3c94ea3021f7ee01aef27cb592a87d76a8cd29ab7616221ef4","ssdeep":"96:3VLl51kd/QIrQLaVI2DJmqIeIWvcxIR+a3IM9oI5M+jI+jMIuxFI47hIxFWIE8/m:lLf1KmLGJlchaH9/M+H0x/4Fn/m","tlshash":"09b1c15227cc7c35aa733587918b78ea95c9b147bdcd7fb54b8edfbd0866a18300a804","first_seen":"2026-02-01T02:07:20.029391Z","last_seen":"2026-03-08T15:12:25.530854Z","times_seen":4,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:30.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt935.com/\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 01 Feb 2026 19:51:30 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt935.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nkEwEXQeWvCNxalBkHSj9UjhGtMYa5GEKShAxdrICo0ehOLvEDwgeG%2BlDYej6O%2F%2BZnNxzz%2FQqWEn9wBwuoDFIILbwRjpIR14sa2p0fhQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9c73fbdd98850b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/iconfont-BQrkpu4W.woff2?t=1668947853265","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/iconfont-BQrkpu4W.woff2?t=1668947853265 HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/index-C2R1XfRB.css\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: font/woff2\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: \"695642bd-2eb0\"\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4n3vDOBfc2JCAT06skhUIJbO%2FqGhPiDTHtoJp1MRm4OmKOBcx%2B1gitDCE%2BdOyGqVotcxLajz5b1212WCSFoGfPS2DHgo2FT0zw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fb7a7bcab51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11952,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11952, version 1.0","md5":"9ccc2f107ff8412def4cb549ab006ec2","sha1":"17c86325a22b37017136c6ca36c1d36164a17bc0","sha256":"85e60cc2bbd7a6a41285f6e28e96a2d9cafdcd3edbb024b91a1d4a27db9e8ad7","sha512":"f0d06e94316fba28fd215279f3d48123a85a0e257f20468561a39a687b6e6769795ceed3bc5164dec86100a1305e92caf48bc7e136b372f6f82529971ffb11db","ssdeep":"192:n/31M8Q+z+R+gKmjHD+xIe2pEP7Yil9PEo/DtFmoNu4XMyn48KxKvPnQy8Fdmv9D:bQ+zc+gKmj4kilRDtFmy/Myn4MPQve9D","tlshash":"a432c09c5b485c895cac4da00b91a9b4c58e37c072157aaf8c4b56e06f8ab323383d5e","first_seen":"2025-08-26T17:30:33.435551Z","last_seen":"2026-06-05T23:43:56.903271Z","times_seen":18,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:18.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt935.com/\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 01 Feb 2026 19:51:18 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt935.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Eex7UKBmW%2Bo2XZl1oXxr%2B9N1gP%2B9ynaahJ9pnCmXXGQl%2B0vF0dV3Enbj4bRiCu5AnLYM0ogI6HRvMB8D%2BgXarhsF5AmIt9TpVWIACQNq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9c73fb927ace0b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":172,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-checkbox-7UAD-_pA.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-checkbox-7UAD-_pA.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-342\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bTeJ%2BHINutKnTosjkxR%2BUdF82eeeUlsriIe8sKecDyghS%2FNh%2Bzi71Jz5bo3hKSvJV0gVrQYfxp6FLBA443rLX6QPGklBDvjAuQ%3D%3D\"}]}\r\ncf-ray: 9c73fb731aceb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":834,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (833)","md5":"1d133a333267da931a20d39afae27197","sha1":"9c1ef3abf336ec77b39598b7bca0158d9c1371d7","sha256":"3f115aead4f822dc2e19473faedf8f874eeeab803c7a8b278af6e5a394547196","sha512":"998e29f964a04a62bbefd183c08b6bdc2fcbe0ae92b362679ca01e5f70fa510ba732f25fa5bf8561dcbbb86dca3e1099b5dacb817b2e5f7a3eae44f43da2c4e6","ssdeep":"","tlshash":"fc01cc33fa882518a233c7013391decd563a8381d766061ab39069144ccf78e2ea7649","first_seen":"2025-08-26T17:30:33.400114Z","last_seen":"2026-06-05T23:43:56.921574Z","times_seen":22,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/transfer-BRg7NsZa.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/transfer-BRg7NsZa.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-568\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DnchksB%2B%2FRAriPMjpIonzCsRn0Gp555P6c3chL7LDssmZ7Ies5w9z767uzkYfqaM1mUuR4imWAHhL6TqgZSFYvBeDaFNoVhdTQ%3D%3D\"}]}\r\ncf-ray: 9c73fb732ad3b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1384,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1383)","md5":"8732b3e9351dbf0b861b02335c964d20","sha1":"6cad70740f42e02a06acdd1d47acc4397644e789","sha256":"d0fcdcfeb22f78ed82a487b1713e7102184a57059d7a278b811ba1a2a3970a8c","sha512":"ac3ad5cd570bf9a4c872df2c1f6f9ce2eafaf9cb843cadd1397e8eadadbd2d7aa77d147cae133564c8a5d68fcd8ac935340df1571fdd45966ab8da23915a8010","ssdeep":"","tlshash":"0c21475df54c2d6664b7db0a18f287cd9922b6b6c801565dbc6b3b10ccab3c3241678e","first_seen":"2025-12-31T19:20:07.098297Z","last_seen":"2026-06-05T23:43:56.951965Z","times_seen":17,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/z-paging.DUMsuOiK.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/z-paging.DUMsuOiK.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-1a52a\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l51%2FE5JqpR95wPfc8VcKZc9PzhxY0RHurM7%2FebU%2BGlTsXhXKK0OwnFR2%2FnkMn7u76%2FID%2Fji8f24Esb9T5squnC6ELvpndcdpOA%3D%3D\"}]}\r\ncf-ray: 9c73fb77ab53b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107818,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (64022), with no line terminators","md5":"18f4fbb02ec5b91843f179fbc6437a43","sha1":"67e362477dd1e0f8b0ce5e1de081fccb9e4eda12","sha256":"a66f1d8d7bdcdd96218bee3eef7d17bb51bf2540bb09234cf11c3020f7db30f9","sha512":"9677be31033dcb27042e49bf047c212fff12582198aa59a470f1174da31fa0c741be7155245a2d96840fb62f518eb82608b38e12d5b4970d58605f564d29c16d","ssdeep":"1536:HdkyOg+SJ3TQCIO6a103WSWo6BebaKfSzECftpD1i:HePoTQbO6+SW2LCftpRi","tlshash":"6eb32b923204e42a53caac69f81e330191456c4fa94e55acff69bcffd64cb1832d9778","first_seen":"2026-01-04T07:38:56.316175Z","last_seen":"2026-03-08T15:12:25.54293Z","times_seen":11,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-confirm.CZKi1fy0.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-confirm.CZKi1fy0.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-876\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vCRHrBhrozlxnAfiuZSoFXv8fKmUfo454LtwCl3r%2FGTpk7gwKrGVz2G25BZvrleZlsgsizndLceebb3d%2BeTY6TesVKOD%2B5msjQ%3D%3D\"}]}\r\ncf-ray: 9c73fb734ae0b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2166,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2157)","md5":"b90ad9ec1500bae4bbef53e9938a498a","sha1":"258e8842494d8f0cfa7efa8162543faf0383a1ba","sha256":"47ebb75c45d09b00eea20a4f0c4afff1ccfa257178f13c1b64182a0cd070e17d","sha512":"2f949a4f4dbaf49d9cddd28c86561880763b573ff082a03a3ef91d302ab02aaa7359b1fb72938c2e4ef8d96cafdb62a85f89445a1ae0286d5ab0fb2e2604e76d","ssdeep":"","tlshash":"0841730dbe1c9271ea83a349d541652e723b2fbd72163a0ff0fc1c9e07b0c64b99525a","first_seen":"2026-01-04T07:38:56.318065Z","last_seen":"2026-03-08T15:12:25.559658Z","times_seen":12,"resource_available":true,"data":null}},"time_used":536,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":536,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/tabbar/home-active.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/tabbar/home-active.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bf-365\"\r\nexpires: Mon, 02 Mar 2026 10:00:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 121838\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b%2FJrdiiKl0vZ%2FwUAp%2BELdd7dKWF0yu%2B64a5I9sdV2F2sHGrj32jPfaLrGl4IIpoWMXj5EX5KDyNTUvb7qxFjll%2FcuXD%2BUQJNXg%3D%3D\"}]}\r\ncf-ray: 9c73fb7adbcfb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"c6d27404fef95ef239c3280ba0a3fc62","sha1":"6a7e607fa16ac9569e551cb1568c9c96ecbbc6a0","sha256":"ff505dd65e1a13cd126bffa304da50f172050cdf9a4441e19ecf426784c9288a","sha512":"a6af8db057397cf5827f0a83f2e8d3fa7ac1efd4302dbbf4ff086e81000e3079a5149cdbd70e4fecb63ce1e27054130f77acb5a193c78a33452f508fa6672552","ssdeep":"","tlshash":"b3116385af35b672440a70efb6b17439c221100de1d012a74ab90961a9428aab086e5c","first_seen":"2025-08-26T17:30:33.35948Z","last_seen":"2026-06-05T23:43:56.965799Z","times_seen":18,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/home/qa.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/home/qa.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-6de\"\r\nexpires: Fri, 27 Feb 2026 09:58:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 381179\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m1wY9XUXjRXQljTXybSbNcernjvpvz8PAIy0a8NgMvqRu94L1gqxQuB9ASfWFt5kVoNTe3rP%2BBJCzU%2F6WcCAqvDE4Q4%2B%2Flakqw%3D%3D\"}]}\r\ncf-ray: 9c73fb7c9c0db51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1758,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced","md5":"4a7c2a4168178e7cee64ec6c3f50fc2f","sha1":"dd475369b3668262539099d6c50ca028c848d0a2","sha256":"2cec8d95ad061d4d1766de686f5aa726087094befa91b90391275dec59d7bf09","sha512":"cc73b8c639c9278e99cbadd03e0c02a2d358d4c6e3e32caec7ef46c75dc2e1bf49bc89d261128be8b10cfd60d1435c3b0006b9f8061b1bf1ba5929b87e01eb85","ssdeep":"","tlshash":"cd310b810b70289dec1f4d3fa01d87648da58f9c35167d280486d04bf59cf8d77a4a60","first_seen":"2025-08-26T17:30:33.426988Z","last_seen":"2026-06-05T23:43:56.926243Z","times_seen":16,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-money-DEKo3EMj.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-money-DEKo3EMj.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-1fb\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=53lNO77pxxg%2ByuvDy%2Bnuffp7ehjZyrtDtut%2Fhcu3hcMYYzM%2FJKEyi%2F3KerNkHwFpaqz59ex6DwlYQ9R7%2BdFo%2BFwgPCRUhkwg6w%3D%3D\"}]}\r\ncf-ray: 9c73fb730acbb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":507,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (506)","md5":"1ec6a4f0444037a6b44b2a56d62f8120","sha1":"affa6da1860222fe4c4dbc1835b3311775cdafdf","sha256":"c054f4bb46d90822b76fad8d952402cae3ac9c39abb03bef2091f6b0a76570bb","sha512":"2ac2092c0bb97e180253f6e958287c951ea46f464a60071737ac5fa634824d6182478ed13d74ed52686ea05b4569e71e76f3c5af7cb97224c1d9fa50849401f8","ssdeep":"","tlshash":"f6f09ee07bb41f00db3f6d18296727a2d6323e836de143b48351a3a44e5b179150e988","first_seen":"2025-08-26T17:30:33.438038Z","last_seen":"2026-06-05T23:43:56.940303Z","times_seen":22,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":515,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/pages-user-transfer.DLHOt4FF.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/pages-user-transfer.DLHOt4FF.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-1640\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=65qk7vYAKUlZzn1zNiw%2BIon5TrP2TH2qL5UWTIc7csSp1rodfoOHium3GbrSAsOIe%2BCb4j9TTgwWQsQOfk%2FCbWDQT%2FS8XHmbvg%3D%3D\"}]}\r\ncf-ray: 9c73fb736af5b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5696,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (5695)","md5":"2547dc73af04d486ceb8ca65ae847566","sha1":"b190e531ca624cda9e6d34f5b5cb0a421c958bf5","sha256":"51a4c3b05339e3e1b09c2c361ec0b6a1829ce2bda97d204ca2e7bcfcc59dbfb2","sha512":"331a634c482fb372aeb8b64b45d113966a0cb9bef2d8d089e7902fc448c15614b97a5adeba41630f440824f4c35833749cdfb5276e04ca2d42a9f2f0d5af0e18","ssdeep":"96:J1YQrRVZ5u4PSajRftJ02usxc3W+Ucy3OwE+JcyI/tEcD5IOhEuNyosUk:DDrZ5xjH4YOkoJ5GUk","tlshash":"24c15305b91c99202a9a7278e4d54d02717cfdcde1407a5cb2f8196e13adca909f9f3f","first_seen":"2026-01-04T07:38:56.366197Z","last_seen":"2026-03-08T15:12:25.53293Z","times_seen":12,"resource_available":true,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/pages-user-transfer.DLHOt4FF.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/pages-user-transfer.DLHOt4FF.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-1640\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yRAL7uXGrKyDJlpxWNu5sWc2IxUA8%2B5Lk3c946iZ6jYuiSdx0NM1xWbCPt2JHsNSgG99VDbXWWLEAGLroUr9dQoShcqpm30KrA%3D%3D\"}]}\r\ncf-ray: 9c73fb77db63b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5696,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (5695)","md5":"2547dc73af04d486ceb8ca65ae847566","sha1":"b190e531ca624cda9e6d34f5b5cb0a421c958bf5","sha256":"51a4c3b05339e3e1b09c2c361ec0b6a1829ce2bda97d204ca2e7bcfcc59dbfb2","sha512":"331a634c482fb372aeb8b64b45d113966a0cb9bef2d8d089e7902fc448c15614b97a5adeba41630f440824f4c35833749cdfb5276e04ca2d42a9f2f0d5af0e18","ssdeep":"96:J1YQrRVZ5u4PSajRftJ02usxc3W+Ucy3OwE+JcyI/tEcD5IOhEuNyosUk:DDrZ5xjH4YOkoJ5GUk","tlshash":"24c15305b91c99202a9a7278e4d54d02717cfdcde1407a5cb2f8196e13adca909f9f3f","first_seen":"2026-01-04T07:38:56.366197Z","last_seen":"2026-03-08T15:12:25.53293Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/tabbar/transfer-icon.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/tabbar/transfer-icon.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bf-167e\"\r\nexpires: Mon, 02 Mar 2026 10:00:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 121838\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5VkkzoUzbuzl4eyIDxEgqnwDelnmOTEkbmKX%2F8KF4ahd98uPd9mJtqmIbYdk690O3EGL1zoiZMP8ANIlc9D3rmYwz2PpPHYWaA%3D%3D\"}]}\r\ncf-ray: 9c73fb7adbceb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5758,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"79a4540df34c1810b2c287d1eebbc341","sha1":"d7a1de42bddf1b55de67878fc4a65695b1ed035d","sha256":"c00ce1823f739b5844eb607d6e6d8cfda06177227a431136e615fd754ac2b7cd","sha512":"e0707a4643e725529e23ed6fa351cb7234554c5fadc2b701892df2352669c51bd921463183a5dd7f9d52eeeb36b31b906a54a8970a4c916ea37e19481fee152a","ssdeep":"96:7a1FgEpzZ/BtKQe3FO9HMZGx2GNXyI8ghHoR+vJIn9yOzgIP8Jj2:+FpjB1e3FM2G9yb+v6yWgq8Jj2","tlshash":"57c18ff9b10c7155fd5d4c38085502fa9a608ae2430f4715b6accdfa1667d03aac68bf","first_seen":"2026-01-04T07:38:56.390166Z","last_seen":"2026-06-05T23:43:56.955998Z","times_seen":13,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/home/transfer.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/home/transfer.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-9ed\"\r\nexpires: Mon, 02 Mar 2026 10:00:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 121839\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XgxmC%2FcgD3H%2FNt4MWoFqcGAaG9Etk27ptXksf1eS2UzUlvZbHG%2F4wrbhxELtZ2ntgBomemTq1%2BVEq7t3HD3VOpv2F0LZQf3tFg%3D%3D\"}]}\r\ncf-ray: 9c73fb7c9c0fb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2541,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced","md5":"2351a17787b8fe12c8c46607290131aa","sha1":"3c3750c93598dc5ac06e061d60e4442f73ba9053","sha256":"e454f01d73229cd93c51a814c99acea6742329f10bfebd19be15940b749128be","sha512":"94dbd0d6a747edf27221cf5c30118add873b10cd047dcd85eb7f0c120077b1894e0ef06ca4bce57c484c741a7c60d500adca491a602f4749bd37040ab96738e3","ssdeep":"","tlshash":"3251091afb0c56c0e00abd9f96320504ea4e73f05d930a0d7c509bd48e334d67786bab","first_seen":"2025-08-26T17:30:33.432881Z","last_seen":"2026-06-05T23:43:56.919504Z","times_seen":16,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/index-C2R1XfRB.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:11.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/index-C2R1XfRB.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:12 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-79c7\"\r\nexpires: Mon, 02 Feb 2026 07:51:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pgW%2FZrUDuTHxLZJ7PRpaTj04rkJiASd9MK5pMM4Nhe0Jd%2Fq1FgHxWO22p2grgomdFPvYn77msbSBEsF8lHUIla7rQIjvSHonLQ%3D%3D\"}]}\r\ncf-ray: 9c73fb69ea09b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31175,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (30952)","md5":"259cc08337c0694eb404585e47345440","sha1":"c3e69efe0a8ceb672d1297aef279f57533c804b0","sha256":"02814ef5acf6429c9d0c5fef7027777beb7aac3066c3bbf10c7e6863077b05a2","sha512":"1275695882a05a06f9bce5cecbc2475eae8e5e123cc2cc78e603ce6083de3724b802520c7316e81f1486fd8b3fa8b738b2b66894df156c93f9a19940a8939a95","ssdeep":"384:qeDzFzaU5couyYDdnsf0VSxa15tVjaXeCcrQUf2GWthmohI:dDpOHFVdS+SE7wfcr3f2RDI","tlshash":"80e2c5bf598d14c873abca43e75077ec2d25f52ac362489ef067294ccdc72a31a5266c","first_seen":"2026-02-01T19:51:50.474786Z","last_seen":"2026-02-01T19:51:50.474786Z","times_seen":1,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/ProjectItem--WQEwVja.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/ProjectItem--WQEwVja.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-548\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4h9UZW69mqKDDB28JO1UFG1OpBW7roR2bK85dTQW%2FSfjQ0N0Y9Lv5GLdEbpoVFa7HKDSTnL9aKE%2BHpKx68jsZs1qevoNYfvuZw%3D%3D\"}]}\r\ncf-ray: 9c73fb72fac4b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1352,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1351)","md5":"30c73a40912b2d57d2bcf3a9eaadefad","sha1":"d3313e7a5377930b330338beb0648d139c26c7db","sha256":"6de8272c94e2df8961626816b63c5b4b55e5b190670faf3826bdc18798feef9b","sha512":"a8436f768e1d29d40ec7b43a04f77026c58e6653bcccaffdb5bfb23f7baa4379466cd7dbd502c4d6c51853f8dde2fc7d9dbba70d405d55ffe47325081ca9d77a","ssdeep":"","tlshash":"a121cb21bb4c60087037c90912c98a8d1279b247a11a0afd9a7e3099df476b3303a3c9","first_seen":"2025-08-26T17:30:33.405062Z","last_seen":"2026-06-05T23:43:56.93881Z","times_seen":22,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/userIndex-yvkidZCu.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/userIndex-yvkidZCu.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-1ce0\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NEhSHjEAWsauOl1ABO9vW1p6IBDWGuu4yodeiflD3Sb14GBP6mCBjRn3WL%2FXDyy9IRLJvJFsCc89NbPaCXsD3%2FMt5eNw42%2BpeA%3D%3D\"}]}\r\ncf-ray: 9c73fb730acab51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7392,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7391)","md5":"be34723763a118d67d255cd364b2f45e","sha1":"9fd33f03dc8dc12add2f57b33b979ffaf4712ab0","sha256":"f9cd2efd4a2892c48cbb0d5ca111aaf3a7cfd568df9062e2aae6dfa74739fe66","sha512":"4f5420319587696d050708df9ef45d7d26a3c7659ea46307d603ff69eef6c7d3f9da0d7fec769020ba7cb35cc217bfe02ca5c089ca676cbb33f420dbd2ee1ffa","ssdeep":"96:I3+puM7NbHnDu09iTZUQXaQEInlQAr+RWoKb:IUBHTWTt","tlshash":"f3e1d834778d3a04aa3bce6884f0774ea110e38be9479a8c648375768cd70d33a795f8","first_seen":"2025-12-31T19:20:07.101137Z","last_seen":"2026-06-05T23:43:56.89998Z","times_seen":17,"resource_available":false,"data":null}},"time_used":601,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":601,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.BCo6x5W8.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-5b\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g%2BlQ5QnWxFCvhBIUGCsoHSXkNvme3ksXhWuoUd36iP1i1bzhOhKifDsxx7Ap703b4tmOpaSKEGRRLKIRVV5LQ5RtfI%2B6TG3PUQ%3D%3D\"}]}\r\ncf-ray: 9c73fb733ad9b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-08T16:32:20.977667Z","times_seen":1555,"resource_available":true,"data":null}},"time_used":539,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":539,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/CurrencyList.D9Y0wwkC.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/CurrencyList.D9Y0wwkC.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-49a8\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oPbawyVvTh9cOw1Vrjxsnz5YhDFYDRJS08jtJgLizo42msERJPDI5qJfPIR9PgGeYwee%2FB7QT%2BoILgOLaBx0E78jcGddFuzv0g%3D%3D\"}]}\r\ncf-ray: 9c73fb735ae4b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18856,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18855)","md5":"ab743b8dc2cba704afc79a129a289752","sha1":"f60f717476e75413c520ff465061250518c32877","sha256":"0e408f9d01ad269d929230c4508ce98a40c7305a884f8c39e97214f29e799f25","sha512":"ecbf84f7da3089c89a799abeb06dc7ffdc7ee2204581ba11471faab0990f6a149c78dc35eef422737ac7937c06af84fff49717ed5e2496078fcacbbb1d855649","ssdeep":"384:jCCTHfWCNzMLU0Ij6m72b8Gpg6CGMEquRTwei0oI1F7:vjnzMLUHjN2b8Gpg6CGMnUvipI1F7","tlshash":"c182c6653389e43647d9642980a89604b3367f8dea02346d77af9cf9935fe4871acf30","first_seen":"2026-01-04T07:38:56.329106Z","last_seen":"2026-03-08T15:12:25.562426Z","times_seen":12,"resource_available":true,"data":null}},"time_used":502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/mp-html.Qpmgo793.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/mp-html.Qpmgo793.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-69be\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bQR%2FqjrVueaZ3DN1byX8o9XlbAcYbG6vyVP%2BDhjwBY4nlYwriak%2FdFsI9D2JeRR9zXzblg6GeKVm8VeNkqKfeuYKMwVBHNjgUw%3D%3D\"}]}\r\ncf-ray: 9c73fb735ae8b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27070,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (27039)","md5":"c0c9c90054b004882dcbe813b28efdd9","sha1":"9927c7aa2fd8ff2736a17b92ee24cfa1903499a2","sha256":"fb8fbae0da305550ebbd2013de7443a4cd484a2d2a033679217a2532f361490a","sha512":"bd0054ebc2d794b4d58b0b087e1c9196554228a1d4bfb665eaedaef09a70d3b3f3ef8e7cb07717a627cdcec609ff6eed1c7a7aec7a8cbc181816340256050eb7","ssdeep":"768:R1LcXOJOCY8/PU1kfSTeC5Umdb24tpxvYL4fVZw2O:XBJ13gAyr/O","tlshash":"14c20a5b728c70390ad884e108a56741a26e660cb54088bfbdbce4fb59d059530bfbfe","first_seen":"2026-01-04T07:38:56.339578Z","last_seen":"2026-03-08T15:12:25.569535Z","times_seen":11,"resource_available":true,"data":null}},"time_used":513,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":513,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-input.uefNOExw.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-input.uefNOExw.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-1642\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oVI1HFT%2BFhntAr6%2Bdpfp5HyOZI1DM8eW%2BYkJ53an90mo2l1k6XOAJ2Mrp%2Fs1EknVxp36UYc5MTNq6gBOCi32Aja%2F8rIyQ0Qr%2Bg%3D%3D\"}]}\r\ncf-ray: 9c73fb77cb5ab51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5698,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5697)","md5":"d766698ec63890526447fec4e5eb5f8c","sha1":"79ae59a85a2fc071ed6a034b777ca1ca5554d124","sha256":"c8e21fd858262552151d9de63202cd4c7e8622d70e1c321358d58275dfa6709a","sha512":"9c8ba9cd7ddcc242048b9ae79f09c78e573b9bee7963c506159bfd69cf7a65b077a846cf4474ffd5a198d30bef18b8f07f566adae4e8be303e5c6f29a080a80f","ssdeep":"96:f2U3EALwgU9svecAntaG2USFKGiP9shkYre9mGeKCeOpd:f2WQatUfcC9ze9e4d","tlshash":"ebc1225a350cee232dc78c4a7095424115251b8dde3078ecfbe671b5175fc88b2acf68","first_seen":"2026-01-04T07:38:56.360461Z","last_seen":"2026-03-08T15:12:25.543952Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/pages-user-index-userBoot.DkifFdHN.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-75f0\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fdb%2FIxBWE0EFdwS90MewmU3xOV5WCDoBsRkDnCQVnd4L8%2BKR21vNzClLaOcsczERFW4WwoRHRB%2FaOWfRMNkwdIUeEvgApHppTg%3D%3D\"}]}\r\ncf-ray: 9c73fb733ad8b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30192,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (30185)","md5":"46793adfa0a3c558d77c93088905399b","sha1":"48585b6e60d46b5f38a545a7bb123f5e9e43ea85","sha256":"68590b7cf3a93be5529b94383a62e404a110e1624cc0aaea17d744282b4553bd","sha512":"d2030f47b866ab37755ae9a5102ded9a982a5d6f0f457ff851505de1a426fdeed6d0ee081efbcf52aba4cca7c061725dec544998f4ecd63f7db8b267d485928d","ssdeep":"384:Sgqdw3JNaAYHdZtzeul63aAq5Pt7j3OWpdmalbuFB:Sdw3JNaAqdZtF634l7LffuL","tlshash":"7fd2f8053f2ce1766f93a928d0da0811b07758ced545f49d72f4cd9e02eec846aae37a","first_seen":"2026-01-04T07:38:56.305516Z","last_seen":"2026-03-08T15:12:25.514737Z","times_seen":12,"resource_available":true,"data":null}},"time_used":517,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":517,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/uni-popup.Bvhvdyf4.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/uni-popup.Bvhvdyf4.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-37f7\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UkWscgliEK42claghb0vUncVDSJZp9fjro9CT80gpqYp7AGCu1eQROdnTiCORsfBb%2BomBgHH62XNwbwdK3JqkmzCzOkkcv21iA%3D%3D\"}]}\r\ncf-ray: 9c73fb735ae5b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14327,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14230)","md5":"2a5e2df1aa15d37fb38fa4b954904352","sha1":"430b05f0f002e37cdfed6057ace2e25881528d7a","sha256":"b78f984771f6506020c3524c7190d1a6312a912124297d359c0a98da46cef09f","sha512":"765bbfc2b9410036c25a03e8c198cf1b414235a7c5f419f3778fc06a799b1b52ed2af74ef595982ff4d35d8e18fe6f3c2fca1456eb36ff4a34c894d9c3e94c48","ssdeep":"384:5V08L4LbQr3y9Pk9wMjxe/gi0lvwoIpFHqdM8uPCWYYxoK/WGbNYDYGFa:vx8Psy9wHxsglvNIpFHqdM8uPCWLxoKV","tlshash":"e752d7c5b59ee92605db82b7509c4a00413869d8b1751a6c7bbdb8fb024ac8c73eb73c","first_seen":"2026-01-04T07:38:56.381587Z","last_seen":"2026-03-08T15:12:25.544893Z","times_seen":12,"resource_available":true,"data":null}},"time_used":539,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":539,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/CurrencyList.D9Y0wwkC.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/CurrencyList.D9Y0wwkC.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-49a8\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BMf%2BJWcboIVXiAeXXYdByWzKlTCA4jEJleEYPkFnabnlf0s3zzC%2BIJxYTRU0DrmqlAHWL9pE11oxjYrK3pM47V%2Bz1RG9O4u46Q%3D%3D\"}]}\r\ncf-ray: 9c73fb77bb55b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18856,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18855)","md5":"ab743b8dc2cba704afc79a129a289752","sha1":"f60f717476e75413c520ff465061250518c32877","sha256":"0e408f9d01ad269d929230c4508ce98a40c7305a884f8c39e97214f29e799f25","sha512":"ecbf84f7da3089c89a799abeb06dc7ffdc7ee2204581ba11471faab0990f6a149c78dc35eef422737ac7937c06af84fff49717ed5e2496078fcacbbb1d855649","ssdeep":"384:jCCTHfWCNzMLU0Ij6m72b8Gpg6CGMEquRTwei0oI1F7:vjnzMLUHjN2b8Gpg6CGMnUvipI1F7","tlshash":"c182c6653389e43647d9642980a89604b3367f8dea02346d77af9cf9935fe4871acf30","first_seen":"2026-01-04T07:38:56.329106Z","last_seen":"2026-03-08T15:12:25.562426Z","times_seen":12,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt935.com/\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt935.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gvn923NWUSeK8HyVNUPBJluZTCeD6Jeo6gLNEPAw8RLoM%2BM3Qp4v9z3p0%2BwTDMGTzl1hHbVS1afUPb%2BRXBvUttd0RSgwKtZVJEfYt28u\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fb7c1c8d56bf-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:24.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt935.com/\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 01 Feb 2026 19:51:24 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt935.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0AIOqrq%2FYjlXntXpswza8%2FG53oHE5g04eyraw%2B2zcGqAiSXz7NwkmdGU1%2B5BCm6IHfyKpVYd7FEX8Cs1JuJEIKzAiWZxWXDW12Oi2lAk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9c73fbb80ac50b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:28.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 01 Feb 2026 19:51:28 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QDiu6shtULUWdh6uHCgwBpI7JqyMq0fuKw5syK8y3Gy4%2BZKo8WGVa851Mm4Nj1zbE5fG8O%2BjauW4pC8OZv36Uh6A5ljK0ROl%2FuOrPA8I\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fbd229fe0b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5502,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5d04a54141ec506570c1da44a909c939","sha1":"ac5a8eb4aae6ed12faf7a172c3c81603732d7a07","sha256":"cb871d35b90452a131fe3131b147ae2a74ebbe75ee297b3ee2b5e4b3b559bb9b","sha512":"29a754a1866c09926b8c2ca3a0be4a64f9ccdf8e475758ca44e68f77de981cc0704a2ec867479e3c94ea3021f7ee01aef27cb592a87d76a8cd29ab7616221ef4","ssdeep":"96:3VLl51kd/QIrQLaVI2DJmqIeIWvcxIR+a3IM9oI5M+jI+jMIuxFI47hIxFWIE8/m:lLf1KmLGJlchaH9/M+H0x/4Fn/m","tlshash":"09b1c15227cc7c35aa733587918b78ea95c9b147bdcd7fb54b8edfbd0866a18300a804","first_seen":"2026-02-01T02:07:20.029391Z","last_seen":"2026-03-08T15:12:25.530854Z","times_seen":4,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/InputPayPwdModal.Egr7JNzI.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/InputPayPwdModal.Egr7JNzI.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-999\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9y%2FlCPFU9klpUtQk9WTylR%2B3rP2LqRT7mt9PMLnrZWSvD4eooa9CKz6PtfUMpHYbPt8cqM5CiwUGzAdC5d4ttWrd6seA760ipA%3D%3D\"}]}\r\ncf-ray: 9c73fb736af1b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2457,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2456)","md5":"75033e20cbb2c275b74abe7c8621a291","sha1":"35a562afdc88e7fac00a316f3ecb4eeaef7f61f7","sha256":"3ba60caf1948a5dca9f8bf8bce08ff6dc66439ac713af8891c4b93e013f5fbda","sha512":"e16176490ee741d77321dcb783e2295f139a7f660e21a64be0ad530a67667f6247f78b0661110cd21920ae4682d134587eb5cd9213198064acb1db623321305f","ssdeep":"","tlshash":"6b51440a2e3cef399416a178f0816805b414549d8f46ab58f7fc0e5a0bafc56837fb25","first_seen":"2026-01-04T07:38:56.365Z","last_seen":"2026-03-08T15:12:25.526124Z","times_seen":12,"resource_available":true,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":504,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/z-paging.DUMsuOiK.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/z-paging.DUMsuOiK.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-1a52a\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PVe6dlArPmBwrc1g92pC7076bysyhANkwstpduw4gtpekIUKGlLSQJdpWDIToPkq5x4o5tG9sZWSBZ%2FNzplrAuTzjgegZx1Vow%3D%3D\"}]}\r\ncf-ray: 9c73fb734ae1b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":107818,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (64022), with no line terminators","md5":"18f4fbb02ec5b91843f179fbc6437a43","sha1":"67e362477dd1e0f8b0ce5e1de081fccb9e4eda12","sha256":"a66f1d8d7bdcdd96218bee3eef7d17bb51bf2540bb09234cf11c3020f7db30f9","sha512":"9677be31033dcb27042e49bf047c212fff12582198aa59a470f1174da31fa0c741be7155245a2d96840fb62f518eb82608b38e12d5b4970d58605f564d29c16d","ssdeep":"1536:HdkyOg+SJ3TQCIO6a103WSWo6BebaKfSzECftpD1i:HePoTQbO6+SW2LCftpRi","tlshash":"6eb32b923204e42a53caac69f81e330191456c4fa94e55acff69bcffd64cb1832d9778","first_seen":"2026-01-04T07:38:56.316175Z","last_seen":"2026-03-08T15:12:25.54293Z","times_seen":11,"resource_available":true,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-stat-DueXHMM-.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-stat-DueXHMM-.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-385\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WDRbIH7FQGZqgHNvnqf3fvlCowJ1tOzfGlvTJ%2BQD1WF7ouMpLkGOlSDzSWKEHds5grswUEE91zlDjce%2BxuTB8tuS4XR4SwVWJg%3D%3D\"}]}\r\ncf-ray: 9c73fb730accb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":901,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (900)","md5":"64b30841961e87a65747d84305f9aaad","sha1":"51d82963ba5f45331d3b5f72c4179286e5e7a547","sha256":"530e0ce2b3c9c76d652a1900d5aa26c3f33ce153582006f8fabccdc61da9f7d7","sha512":"a7a32cb7493e2a50b887a5d266318c22cc42db510d9c7f2e2fb66ecb976ec0582fbaced07fac83d1a86abeeebe8a92902a4a14586e48cd48d516331600a7c8c2","ssdeep":"","tlshash":"8611593a36c4fe54fab7d96029613b8f0110e6748963518d86a3e5bec5f71021e983ed","first_seen":"2025-08-26T17:30:33.403051Z","last_seen":"2026-06-05T23:43:56.964335Z","times_seen":21,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/home/notice.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:15.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/home/notice.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:15 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-113a\"\r\nexpires: Fri, 27 Feb 2026 09:58:15 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 381180\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v4OSM47YHk6fOfwerxf8aoq0M8dAf9K9M3bFGs8wrL1GQova2wdwhL6jnIgc%2FNzu0ipv57u088tOLoHOmyURJ1kRyE1TWdSnPA%3D%3D\"}]}\r\ncf-ray: 9c73fb822c6bb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4410,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 52, 8-bit/color RGBA, non-interlaced","md5":"e6e538dbdcd0b78c187113d176c766a0","sha1":"64fa3eb7b441d398729f1ff6c2ae00f8d013745c","sha256":"2692a3e296fd0b79b395702deae839c908b45c1209c8791c75ffc6901e809bb1","sha512":"865d6c9cb1b4effe1caba57abd8cec15b8b0c564bd3465574773335ba4567c171c09d2369ec0e0bd4f7d4d6a6a5d4efacec0740cbd47055c8f9d2c2df5eb3674","ssdeep":"96:b3QfbyWoYuM7n+wv5fzwwjoulxn2/SkajtyZ5iXiw:b3UyWoU+cxfcuvOSkajAZ5ix","tlshash":"5391ae71c3d484685c7ae27d1937556b61b60378ff8e3c0a88a39e08c843b8824d549f","first_seen":"2025-08-26T17:30:33.367064Z","last_seen":"2026-06-05T23:43:56.903947Z","times_seen":16,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-stat._gfGVicY.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-stat._gfGVicY.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-b39\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2pW1s5fR45phgDJGgFug2lUbShu%2FC4gSB7xKWdIpaw47nLX30onElkvwXFBjL4ZVVehoT%2Fbtg76DEfFkz5fee4n6FotQFGFi9w%3D%3D\"}]}\r\ncf-ray: 9c73fb735aedb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2873,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2834)","md5":"95a9410ef94036eebd23b32d2cd13295","sha1":"39151ad3e138aab415b315c536cdcfc176e03c38","sha256":"865ddbfc42705393037ebe542af4cbd02639721c299acd2d6f96bf27ea368d15","sha512":"361a5e084566d62b2b04636678c0840c5c0f562b0f3f05fad79514d2d5a33ff85d287e354dffd3e41cd1aa1e8375059a9b07461515779e1942ecca212948b42c","ssdeep":"","tlshash":"9d514104752cc47b1892e01e65d0441bb2ab1ccd86b4753f65f6987e13e9c1864adfaa","first_seen":"2026-01-04T07:38:56.347472Z","last_seen":"2026-03-08T15:12:25.515963Z","times_seen":12,"resource_available":true,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/ProjectItem.DUNr-fWg.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/ProjectItem.DUNr-fWg.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-1285\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D4D1blgxqoegUOtVHFjgjHFIvufkvZBgqbjq6JAVswhQAsHoI79sZRypBlyQDCYJ2BbDKzGHUr03LA0v%2Frh%2BgwKe6SMNk29AwQ%3D%3D\"}]}\r\ncf-ray: 9c73fb77ab52b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4741,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4740)","md5":"95214183ae0d9cbabb4c90669c6de47b","sha1":"9c508e6618d6bef1a24548ae012f47c9568e765c","sha256":"41dcf365f616142c27139a67b335aaa18a745b7799c6ae6b6cb0a0955040e4ff","sha512":"ad940188dbefb63ead4e0022f4d0dc30ae4b3051e1bfb469bb79bc35a8f263d61755ff278f854f5d295faa1c627f99eda7da3be99d4940ba09ca0623427f0d3d","ssdeep":"96:oTbPy5jufGnxFkaTWdkZA222ft9ba2sNmFD:oTbAlnxTTEkWSrbJscFD","tlshash":"dda175013e2cf23b29c29955b1ac45043267acccc92439def1f8a95e135bc2836ad76d","first_seen":"2026-01-04T07:38:56.387503Z","last_seen":"2026-03-08T15:12:25.525574Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/tabbar/mine.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/tabbar/mine.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bf-510\"\r\nexpires: Mon, 02 Mar 2026 10:00:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 121838\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CVAeEdmDXMNJVfW5Pa6G2X0YU0V0IfH%2BntKJ0%2B%2B4GoM%2BnDwLOOATawXibJ54fM8RSkiZF%2BuJ6t3M%2BSBX24HopcEhFO%2FW5z7DOA%3D%3D\"}]}\r\ncf-ray: 9c73fb7adbd2b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1296,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"dace18712982fa15d863e5f23e80d72f","sha1":"f2f3980d479b44fa5bf3301a27a5c2620a1e7129","sha256":"dc574a5baae2bd1a496a09ba25877a936abeaef569db6612f772f507c7dd025e","sha512":"32b25f6e54e4b478ed228af3af83be9eb7c9ee436ceffc9a72f9143c0b8b4af0b693660554faf0ffc4b0707b52b13fc41c5d604885450241d30530822c381abe","ssdeep":"","tlshash":"2e21c8c7f65574f2535c4c2f336909429d2313de9b2954738cd166a4ac487285985b47","first_seen":"2025-08-26T17:30:33.374175Z","last_seen":"2026-06-05T23:43:56.915691Z","times_seen":18,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/home/withdrawal.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/home/withdrawal.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-e3b\"\r\nexpires: Fri, 27 Feb 2026 09:58:15 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 381179\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IPfBm8D6L1fK%2FjHZxsSrRGgWikmEN6Hnrc8waVR5f8IKpdHyz6B0%2Beg14XOnvAojJMOoHlqA42Jo6QfMIgDpzrhjfnaFPd0t3w%3D%3D\"}]}\r\ncf-ray: 9c73fb7cac11b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3643,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"81650cf5a60e4d3b7b11bd67e8b654f2","sha1":"2064205c7f1f25b6c6946a6332d62a2bbda4f6fd","sha256":"f77eaf76a0bea7a25280a55558e85f24f5f449522d90b4b8d2dc57104d2ed7b7","sha512":"fb037a6fc4289ac03fb40587a062d1f60ea4a01239bb5b1d2e31fc449c7564bfbeae58dd5496745f80d57fd211cdd5630cac851caec4a858013e18f884be3a8e","ssdeep":"","tlshash":"f4718de7c36864a0cc40aa00052b19a337b6d78b1d567081fa4d4a53bfb8933c0f1bb3","first_seen":"2025-08-26T17:30:33.432Z","last_seen":"2026-06-05T23:43:56.906621Z","times_seen":16,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-banner.zl87Ac6h.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-banner.zl87Ac6h.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-129a\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z7xyzsujmi%2BkXZLOYhGjmp6tbYq0szKjmGdE73mTUp3wtDxWpMv2hRXC1EWBee7VlIkN3zFaGAlfWiKkpIDeiTWsgpJXtAHmJA%3D%3D\"}]}\r\ncf-ray: 9c73fb734adeb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4762,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4751)","md5":"201cea6893ecc5a2b454d6ce67882166","sha1":"6114041925210ce6d088080da3bb393366a1d853","sha256":"48d771a7a8f81a737eb4934a7bc04c90013da1fd96330a3427fd896b29af50fe","sha512":"c6b4d23321b7817f21a5958474e717bbce7dbd4667f897f5d4ea5b8cbc2c1bb108f1cbc59134d46b4c415e2ad4525622841702f63dc713b5dea9801e877f8908","ssdeep":"96:gqxD0PWg+IT42fOjqCbCqvuj1t2tK4tPtKltstK7s:gqxaElb5efs","tlshash":"43a1e028352dab37d89789ad00c4050435b929adf7f07775b7f48a3d922344eb91cb59","first_seen":"2026-01-04T07:38:56.389151Z","last_seen":"2026-03-08T15:12:25.529993Z","times_seen":12,"resource_available":true,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/mp-html.Qpmgo793.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/mp-html.Qpmgo793.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-69be\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=teCXRbPRj6rPKayxbWEokDOq3Yn1qszxl%2FH9dMiuZakpk%2BnUPjbmECy36dfc39s83UhC%2F5jCujMaZ0Z019bLB1LemKNk0oKgtA%3D%3D\"}]}\r\ncf-ray: 9c73fb77eb67b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27070,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (27039)","md5":"c0c9c90054b004882dcbe813b28efdd9","sha1":"9927c7aa2fd8ff2736a17b92ee24cfa1903499a2","sha256":"fb8fbae0da305550ebbd2013de7443a4cd484a2d2a033679217a2532f361490a","sha512":"bd0054ebc2d794b4d58b0b087e1c9196554228a1d4bfb665eaedaef09a70d3b3f3ef8e7cb07717a627cdcec609ff6eed1c7a7aec7a8cbc181816340256050eb7","ssdeep":"768:R1LcXOJOCY8/PU1kfSTeC5Umdb24tpxvYL4fVZw2O:XBJ13gAyr/O","tlshash":"14c20a5b728c70390ad884e108a56741a26e660cb54088bfbdbce4fb59d059530bfbfe","first_seen":"2026-01-04T07:38:56.339578Z","last_seen":"2026-03-08T15:12:25.569535Z","times_seen":11,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/tabbar/investment.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/tabbar/investment.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bf-739\"\r\nexpires: Mon, 02 Mar 2026 10:00:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 121838\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BExN7aF0737h1%2FpFxEoSMMCNgCHox5v%2F4bsgHOLZ2msNZls8jPBVdtoTky37zT%2FsSdbPnoAUAF0SLLYygv3hw0m%2BiYKFO9t6FA%3D%3D\"}]}\r\ncf-ray: 9c73fb7adbd0b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1849,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"9490e4bc3ebc85b5e2dc4708e2f56808","sha1":"9abebe68c6df85bdaed853aaa347cde80763330c","sha256":"e2302dd0233206ccdca07f8bafd9afbba39037d12f19d9f18c88bc50c331ba46","sha512":"b8b5742ffdab2e82f571854147a613b5ceab68ce68dd5f753af23095e70ef1abec6ac642942c79d18edfddd2bf2d4d95e0539c4c2e8414e608c924f858c53443","ssdeep":"","tlshash":"7a31f979cd34a184d8f581b7dadb7dd488a84a832a4ab696c18957bd6ef000430f23cc","first_seen":"2025-08-26T17:30:33.417883Z","last_seen":"2026-06-05T23:43:56.960559Z","times_seen":18,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/sign-icon.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/sign-icon.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1e36c\"\r\nexpires: Fri, 27 Feb 2026 09:58:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 381179\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9gP49jWvJjRuUyrkzSBfYeesmnI4dIvI3NZqwyfHigVMidoSSQri%2FfemORMfX3Rqi0lhrkv5m2dHkNkmQCDmKb1E6RBgkpgqpg%3D%3D\"}]}\r\ncf-ray: 9c73fb7cac13b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":123756,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 378 x 370, 8-bit/color RGBA, non-interlaced","md5":"17721091aaf118d6cd6abc16d2aeba11","sha1":"97bdf3e117ac6d61d646712c8d8e8e4e51198285","sha256":"4dda0b6c1c108a5fa0efebdd996a869e3dea1ad2b747dd0c9749a5bcfb4b57c3","sha512":"ff36aff822a6a3d8d5d25aeb108ee010d9b573eaa87a32c34c65292abcf58de4cd4a1dcf71522744071878652eab110954472b8efd1f26b03511c84804efb215","ssdeep":"3072:7Ut+EYbRGwcF59XAtmaIBxO3unW+QV1d9cYuUM2+:nEYtGx/QEauO3aTQV1ruX2+","tlshash":"93c31218a091f4e8aaa713254ff17314425689bc4fbbf6fdb36c429f70d645807d13aa","first_seen":"2025-08-26T17:30:33.392612Z","last_seen":"2026-06-05T23:43:56.936255Z","times_seen":16,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:16.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 01 Feb 2026 19:51:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=de10DSSwHwgldZv3iU24vCBqDK9p%2F7dxjuWtcZIeLPCCUBjoiOca7cRYQ%2FeTrKPByyvVFO5QpkzZOBz007YRJrG1U4ZGrMi8e039HZMs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fb870b420b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5502,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5d04a54141ec506570c1da44a909c939","sha1":"ac5a8eb4aae6ed12faf7a172c3c81603732d7a07","sha256":"cb871d35b90452a131fe3131b147ae2a74ebbe75ee297b3ee2b5e4b3b559bb9b","sha512":"29a754a1866c09926b8c2ca3a0be4a64f9ccdf8e475758ca44e68f77de981cc0704a2ec867479e3c94ea3021f7ee01aef27cb592a87d76a8cd29ab7616221ef4","ssdeep":"96:3VLl51kd/QIrQLaVI2DJmqIeIWvcxIR+a3IM9oI5M+jI+jMIuxFI47hIxFWIE8/m:lLf1KmLGJlchaH9/M+H0x/4Fn/m","tlshash":"09b1c15227cc7c35aa733587918b78ea95c9b147bdcd7fb54b8edfbd0866a18300a804","first_seen":"2026-02-01T02:07:20.029391Z","last_seen":"2026-03-08T15:12:25.530854Z","times_seen":4,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rtfsq.top/1.1","fqdn":"rtfsq.top","domain":"rtfsq.top","tld":"top"},"ip":{"addr":"154.198.49.35","port":443,"asn":138995,"as":"Antbox Networks Limited","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:11.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rtfsq.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Dec 2025 23:23:46 GMT","end":"Mon, 02 Mar 2026 23:23:45 GMT"},"fingerprint":{"sha1":"44:D8:A2:09:D5:CE:EA:C9:55:12:2A:B8:78:4E:92:E7:12:AD:51:91","sha256":"41:C7:8B:8F:B7:71:56:D1:BF:C6:13:70:EE:EB:69:23:19:45:C5:56:EE:AC:6B:E0:51:B8:C7:AA:FB:FE:C2:28"}}},"request":{"raw":"GET /1.1 HTTP/1.1\r\nHost: rtfsq.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Feb 2026 19:51:12 GMT\r\ncontent-type: text/html;charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":2244,"timings":{"blocked":958,"dns":325,"connect":317,"send":0,"wait":319,"receive":0,"ssl":322},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/tabbar/medal.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/tabbar/medal.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bf-f92\"\r\nexpires: Mon, 02 Mar 2026 10:00:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 121838\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FmXb0CxTBBcXAzBvFXNiqG5Iz6tAwYraKsDFnGCe%2BlrT7BzLA7%2BCHQjTYbJAlgYoprcxjviKAmAHeX3eC4k5Rdwl%2BGjKZv305g%3D%3D\"}]}\r\ncf-ray: 9c73fb7adbd1b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3986,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 104 x 104, 8-bit/color RGBA, non-interlaced","md5":"fa001c1299a945ee1d3de0650c3341fb","sha1":"be83462007c10263c255b9b2e35d73d0e1ae3c7d","sha256":"56856e5041077dd63e48a42e29e7cb063fe25960cb324bce740ccd329c2e21a4","sha512":"fa822003aa8a5199c3ae2f0c3913dda1f534bf43496f40fea804d311973340741088223a645f0891a857a82355f30a32ea02bc0c14c815e2b8def8f0a9a6ccce","ssdeep":"","tlshash":"a7816b5db85781ed49bd673f0480e9dd9bfb07c9810ac11e0827832aa01e735b883c67","first_seen":"2025-08-26T17:30:33.441802Z","last_seen":"2026-06-05T23:43:56.918812Z","times_seen":18,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/tabbar/customer.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/tabbar/customer.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bf-188f\"\r\nexpires: Fri, 27 Feb 2026 09:58:15 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 381179\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E3IwFNH%2FTmwEfstnbX1cUantm37Zup0Lw7y31kFMJTZyZXkv23rsdLu6f9305%2FBtZdCcc%2FPRLPfXlV649xfrCh6g3%2B6ZkQa7vw%3D%3D\"}]}\r\ncf-ray: 9c73fb7c9c0cb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6287,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced","md5":"d3ebc8acc94fa485045049aadf40a45e","sha1":"7da056e27d5657d96c3b8d9d714f6625ec87917c","sha256":"1efb8c5097407b7f24b202e04d22b91bcd111fa335df306f6e72aa463104572b","sha512":"576568733bfb87420a44a70bd3ada580fbf3335b09c902d89d9faf2f4c915075229ad96d2a5f9cfccaef14a04ca30ab0de300789b4c3ff654b2b53dc1d7cd86c","ssdeep":"192:EAxt3ZnM1dA8sFpeC5voUdlWenVgzKffHNsJl:Pz3dcd5sFkCGegzMNyl","tlshash":"20d18ee11dbd2a5a586959377c158474ebb6b1ad879373cc2e8bd1d8303021a68409b9","first_seen":"2025-08-26T17:30:33.424681Z","last_seen":"2026-06-05T23:43:56.910266Z","times_seen":16,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/static/images/home/recharge.png","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:14.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /static/images/home/recharge.png HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:14 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-ff5\"\r\nexpires: Mon, 02 Mar 2026 10:00:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 121838\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bhoN%2F%2FbhzK80UY1y%2Fp4VHmbYDgx%2B4gFPkC3ltqmAoMLv8yWBdKhS2PZWNNbUuBagKeptfShIBApYE7y%2BsUQME3zAAmbQHFwJ%2BA%3D%3D\"}]}\r\ncf-ray: 9c73fb7c7c0ab51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4085,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"05317ce08755ee6ff5f6ad591e2f93c4","sha1":"dfe3ef60a32cc18efae83dc8f9662d3fff48ecab","sha256":"b64b6514f61f995aa214c8230bf336ec3d042c80c51bcf05d440ab17c638aedb","sha512":"0dbb9ba8d3c8d006708fd8fa741892a7ccfa7a6174dc36509863a523e6e5ce939520ae0bfd348b0692707198e525dd646aed577d5316adfca93aadb3898bd5f0","ssdeep":"","tlshash":"cd816d8dcf761e45cab7969c268375a0bfc0467c93891d52bd9d403aa287f9d3233848","first_seen":"2025-08-26T17:30:33.391711Z","last_seen":"2026-06-05T23:43:56.949039Z","times_seen":16,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:20.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt935.com/\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 01 Feb 2026 19:51:20 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt935.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MSinho%2BUfK1iRQF%2BhikIKEAybdiZdZATD8bPBorENQ42fnXd%2FRpR6RE%2BT07JZDRVta%2BSPV8WujBWlCz59ztMAvjwWSiGtYlehJaF62f4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9c73fb9f0aef0b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-popup.CE8mUVWU.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-popup.CE8mUVWU.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-105b\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=14aIrV%2FYLrxHAPA2d3GZVvDVeVEZsCuNR2ljWjBH3cJyiQISfpAr6HXFr39xlGsNrSMl2QEZPAlt6a9F1qhbqNQ6gsY9p7mi5A%3D%3D\"}]}\r\ncf-ray: 9c73fb734ae3b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4187,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4036)","md5":"52dde1491beaf065e7a8c2abf5c8ea8e","sha1":"ebafe6d395f1a6fdc64eb76dee50ef8b7a12bfb0","sha256":"e6e3bfd4947d453361d32100233c2554419edc5282ea5e4ca4f16a872840ec1b","sha512":"5223231fa512cdccdebe09981809ed31987dd2f7d68299239a7d7abce0acc1f6db829203634035be393eaebe0ed9a70221a1d71e1adf02f030dceade63a61a45","ssdeep":"96:5zzb/vvVXaGe2O2smBNk7vYTLMcO0PLFKpcQU4CmRU:5vr9DF8bYo8Fscl0U","tlshash":"7281a5943c4cc97a95c59a0b44211a40975a6fec87b53d5df6fd2cff02c7c1a2a84b2b","first_seen":"2026-01-04T07:38:56.337955Z","last_seen":"2026-03-08T15:12:25.548433Z","times_seen":12,"resource_available":true,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-input.uefNOExw.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-input.uefNOExw.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-1642\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bc2Tv8uhTmpGb%2FtHyTGrz2uMQcx3IPg%2F09ocQMaYdzaBzXi854KM2beEQFo8KX8ycILER1Atkn429BIZ3apDhVjOf8VaYZVK5g%3D%3D\"}]}\r\ncf-ray: 9c73fb735aecb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5698,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5697)","md5":"d766698ec63890526447fec4e5eb5f8c","sha1":"79ae59a85a2fc071ed6a034b777ca1ca5554d124","sha256":"c8e21fd858262552151d9de63202cd4c7e8622d70e1c321358d58275dfa6709a","sha512":"9c8ba9cd7ddcc242048b9ae79f09c78e573b9bee7963c506159bfd69cf7a65b077a846cf4474ffd5a198d30bef18b8f07f566adae4e8be303e5c6f29a080a80f","ssdeep":"96:f2U3EALwgU9svecAntaG2USFKGiP9shkYre9mGeKCeOpd:f2WQatUfcC9ze9e4d","tlshash":"ebc1225a350cee232dc78c4a7095424115251b8dde3078ecfbe671b5175fc88b2acf68","first_seen":"2026-01-04T07:38:56.360461Z","last_seen":"2026-03-08T15:12:25.543952Z","times_seen":12,"resource_available":true,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-stat._gfGVicY.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-stat._gfGVicY.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-b39\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IQvvX48Wz64Y7hu4NicCM8I5M196nwMkCtCdvsOqiMOC0XtYCIscrvIEvEovjtNYUaAt7Du%2FGy4tgfU8S1WawfqPFKs8vbaPnA%3D%3D\"}]}\r\ncf-ray: 9c73fb77cb56b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2873,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2834)","md5":"95a9410ef94036eebd23b32d2cd13295","sha1":"39151ad3e138aab415b315c536cdcfc176e03c38","sha256":"865ddbfc42705393037ebe542af4cbd02639721c299acd2d6f96bf27ea368d15","sha512":"361a5e084566d62b2b04636678c0840c5c0f562b0f3f05fad79514d2d5a33ff85d287e354dffd3e41cd1aa1e8375059a9b07461515779e1942ecca212948b42c","ssdeep":"","tlshash":"9d514104752cc47b1892e01e65d0441bb2ab1ccd86b4753f65f6987e13e9c1864adfaa","first_seen":"2026-01-04T07:38:56.347472Z","last_seen":"2026-03-08T15:12:25.515963Z","times_seen":12,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/uni.734051d8.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:11.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/uni.734051d8.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:12 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-8019\"\r\nexpires: Mon, 02 Feb 2026 07:51:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pEY2H5sG8Dl%2FPnUx2pfPVifPOZRK5s8EJKDVZCuP0raNh52laewhk8L9wYpgJJWYNw%2BNLtdc3yJ55Ww36Y0CoZa65UMhUGIySQ%3D%3D\"}]}\r\ncf-ray: 9c73fb69da07b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32793,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (32792)","md5":"dd5eb10f1e082900e8fc9f5294a20ea7","sha1":"0cb5185449f798d94746d77f3d50592cef306b81","sha256":"734051d81039fde90b77b4172ad966afe58f19ccca555fd849fd990d5cf327b1","sha512":"a7bc4f19c6eff7dedcae0d639d4f3ed9aa54fb0abbd517c4503b1b75693ceeddc1cb8e9c9813e373b81f4e0e4c7b735c4d8ce02cd16f296a1140519488bcda4c","ssdeep":"768:UoL4zei+XH7eryHDAtrEW1xBiM5TiDMBNXpriBdG54mZr9YnDcwpH:UoL4qxHHaISCmZrirt","tlshash":"dee2d6325e012939f8b7ca2668d1db8f2331c173d5531b6deb7975288b8e8c9167b384","first_seen":"2024-12-20T22:15:00.546241Z","last_seen":"2026-06-07T17:27:39.176975Z","times_seen":26,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/userIndex.5H4VVtxS.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/userIndex.5H4VVtxS.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-586e\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VWZZYopfDxLQBnRDS5du%2BFXd%2BnCC5fRDQ70HhCNwPZRt8Wry%2BmJu9o2ngjvVNCTeinBNiAlhTF5s0E%2FuIE1w00Sm9RZFA%2F7X4Q%3D%3D\"}]}\r\ncf-ray: 9c73fb77ab51b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22638,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (22511)","md5":"37209b19adbbd0689b3a59614bbf9b42","sha1":"3f746f1078109423d7167a91d73ff10cacae5040","sha256":"2639ca5530dbad01269a12c6528494a49577f37eb22cb96e5661c7c36972b74e","sha512":"a6ab82266a439051ed871d3c01224a48865e709fad081aa75a179b772e8fdd6b4b5cab9cb948cf4d9847d7634f5065ef265c99dcef9093a7a9a65359efb26a52","ssdeep":"384:+MaJwGqXFzXSzABt6bsjHC2vJ+WeOlY+k7VE+rkRRzO53piT8T:+MairXFzCzABt6bsjHC2vJlljkJzkRZ6","tlshash":"98a21919771ce1297ad1a00e94d40812b20b4c9ea321b99ef3feddbf4399c6d649c736","first_seen":"2026-01-04T07:38:56.415319Z","last_seen":"2026-03-08T15:12:25.516526Z","times_seen":11,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/CurrencyList-DB3FY5Nt.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/CurrencyList-DB3FY5Nt.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-d28\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DyKWMLkEN4NR%2B4vBAOZ0nNsiBHmKMadP7GC3uYPJ290yFVH2ALvWYyre6phND0O%2Bu1RhTGg7YBqAQXbgLSJSotXCdP%2F%2BAjwiHw%3D%3D\"}]}\r\ncf-ray: 9c73fb72fac3b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3368,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3367)","md5":"ab4d4be3845fee6ddae159b928238d55","sha1":"aecb5477019c06f5ccade269a9809ad5d72e1382","sha256":"066336f842b881e4d5caef0d4e7e4b32d5d9b11b73c9ed167156a79528051eaa","sha512":"1f367e2773a96df74a43d53040eebf39882b832b85690b00f984e682d73829c9b9fc1fd832fdace7762518b4e4e2fd6b545213ec9ac1564cab17b1ddf12ae107","ssdeep":"","tlshash":"dc613e6d764c322e457ff6096dd55bcf1230e31ac36215cda9833b34ad8ba432e224d8","first_seen":"2025-12-31T19:20:06.986084Z","last_seen":"2026-06-05T23:43:56.966556Z","times_seen":16,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/mp-html-0ul9zqPJ.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/mp-html-0ul9zqPJ.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-896\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=paCZzQKapfTWoaps9vxXqe6ASSwOWI4KuSjK0BVTsM4csPPi0ztOspzTnVkd3iTunyBvaVUw7wEep9mtH88ih28yZwQXUJTaBw%3D%3D\"}]}\r\ncf-ray: 9c73fb72fac5b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2198,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2197)","md5":"39bf250660e96521f3a35e1ac976e1a2","sha1":"cc7d930bddc88105f7c3d6bbbe74db8f78c7cf50","sha256":"6ddc23e5714d16e58c5fa537109e04b7f45abf79ac4aa1b8f371631ea3520d75","sha512":"4dae98925cc55685a79033199037b61e7370685091480bb4e9c92c5f5a15176a092f868b8a531c1dbc5fa00b41c298d60dab95b8656f89c33954bc319f6a28b9","ssdeep":"","tlshash":"3d41412231fd68b052bfc83a2b84ae9555d77317a0b383f06d1009572d9b86666ca18c","first_seen":"2025-08-26T17:30:33.430307Z","last_seen":"2026-06-05T23:43:56.920278Z","times_seen":22,"resource_available":false,"data":null}},"time_used":502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/LoginRegisterModal-C0MgRRGF.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/LoginRegisterModal-C0MgRRGF.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-801\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PZM7ZVk%2FRy0aEsjkvKfepXXnPpPfmyC%2B5e4lCduXJBAUqffG9p%2BFmVzItFe6AtyeF4MrEHzmMMoEcbqTz%2FWMWjpoOBpL0ii3rw%3D%3D\"}]}\r\ncf-ray: 9c73fb730ac8b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2049,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2048)","md5":"eee85bae3cd742e5e7b74f0883e85942","sha1":"1c2f3bc7dc76ba102bbd309157c435c4942e3a53","sha256":"150da1f7dcbee84fb90720ef16ead3130001ad4936917a2982e1f39c9eb98263","sha512":"a9998ba400d872f30018580a288af850c0807dc103c5b8ba129bf107652604618668db597a6fe1c6eff62937c096f76d8f4b0cb94b5a73456e56c3fa4b44ec46","ssdeep":"","tlshash":"d141b85cf9ec1899107bcf2658f18dde1522a3fe921117bea5f3a0348c4b2832d3e198","first_seen":"2026-01-04T07:38:56.361717Z","last_seen":"2026-06-05T23:43:56.959813Z","times_seen":16,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-fab.DRN4nk-k.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-fab.DRN4nk-k.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-c5d\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b7QhnCeo1Dcp8AnSEwtWQqnCE0q9L9MmFGgLFjLxULZe8u%2BJAjT4SiE27NUgxkKtlrJDDTSmR8d2Y8l8TWjw%2FcZbYCf0h%2BjZ9Q%3D%3D\"}]}\r\ncf-ray: 9c73fb734adcb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3165,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3164)","md5":"eac8aaab15281f12a67853df03d5f2fc","sha1":"2f535eaaa423fadac580bd63c10043f906d484ce","sha256":"732ca6ccb77cafcb1fd7b441ec46af8622a2b01c87e3a4d28d6b290701660d3e","sha512":"1808477f3ff52ce9535052089c2e3f137ed88a2c29103f43f01d067656d48b8c6d80c4eb48b9ec05bb2bf28bec3c2a22634f949dda03c552dcfe205ad394aef1","ssdeep":"","tlshash":"635165067a0da0372697087e906446c1721a1e7d97f0366ff2f6f8b64e8191e62dcf34","first_seen":"2026-01-04T07:38:56.376926Z","last_seen":"2026-03-08T15:12:25.524159Z","times_seen":12,"resource_available":true,"data":null}},"time_used":531,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":531,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/LoginRegisterModal.eMqIKsye.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/LoginRegisterModal.eMqIKsye.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-3bd9\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eYlqLCZMBx%2FLKofUf1nv8ffUXqMqMABAeBq%2Fpb%2BmmQ%2FTXhOvRrGB8VyfvmwqYdFck1s9MMaUlk1sP8HOj8%2FZjbc7V7d6qkwniQ%3D%3D\"}]}\r\ncf-ray: 9c73fb735ae9b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15321,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (15272)","md5":"058f7e55d2944b9aa20901f3c12549f6","sha1":"5c1a47b33fc795535d848f1e71f34b3736380632","sha256":"83daf663074210eb3fa7564210c61f9dd8fc56f62acebe4099cebbb646818af7","sha512":"dc5f27ed3bfb310a8ef8331aa3622c66b05236c399c7aedb1e1b55f8316123123785222f6e6944f39d0ba3454b853cfde988ea05f6fbdf4d920883bcae792f39","ssdeep":"384:PrSK/VoBOmek5T1jhJJNCkX/sjFP2rzewPRPbHMq0:PrSK/VoBO1k5TtPstLwPRPv0","tlshash":"0a62c509b55dc8335e92b06ce48318246059cc5fd941ac4cfbf8198f26f3d469bba73a","first_seen":"2026-01-04T07:38:56.332573Z","last_seen":"2026-03-08T15:12:25.56783Z","times_seen":12,"resource_available":true,"data":null}},"time_used":484,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":484,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-popup-bottom.CgdlVUp-.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-popup-bottom.CgdlVUp-.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-520\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NdhclezG%2BmlK2HfyqSdBxUwsOmz7dtGUQHU9NYlw4LMCweaj3VovzEYUMLvev85M8U7vfzDH8qQQFwl5WVFwxRkgy5JWSWMThA%3D%3D\"}]}\r\ncf-ray: 9c73fb735aebb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1312,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1311)","md5":"0eecde68cbd42c412bd4d60e69245b86","sha1":"821df9d67330105c276d3eb6b9eedea74bbea782","sha256":"a006b09b3ceb3245697dd97773b7f0de5f4598030a64e648f1c37e073be7e413","sha512":"38cd50bd821acd891ff1ab4a41efff6789b8801484e801db5cd9deda6d37b240e4c869134f8816c13534691d3689e395fb6b2ff5a4abd49497d4fed7ee6bb3eb","ssdeep":"","tlshash":"fa21f009381db033649b497c52600e001428cf6ceef43eeab6d160764b9989ca64db24","first_seen":"2026-01-04T07:38:56.373648Z","last_seen":"2026-03-08T15:12:25.537181Z","times_seen":12,"resource_available":true,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":501,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/uni-app.es.DcVfOx-1.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/uni-app.es.DcVfOx-1.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-54\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2shxXJkebPsUSqUIcCSGRWu%2BDsCqtYUtZ8dh%2BVWNeJP9GVjuTk7UsUmSDf9jeOlfpBOqmlDiyOCgmWty0j%2FsCcfAj%2Fv3qAzTDg%3D%3D\"}]}\r\ncf-ray: 9c73fb779b4eb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"4e68ad8fd2524e8d171ce7618ef3c77e","sha1":"7cee680fb6af2701c8cb9ac4910945dd4a1af2cb","sha256":"8dda16e8f94f82859bd41ea231f22108e0b9f3e95cfca9e5169a3b15e879ef39","sha512":"323ad6c7fb5dc744b5a3131d02d2609b3a6c1f0f2c47aa268d7e110049a29285c8b0df39917dec7606832ca770414923253ee6cc7aefcefd3ffe7e1654be1a95","ssdeep":"","tlshash":"47a0120b648124225802284020d59807117610e146c98a20c1c143240af84a48129d0a","first_seen":"2026-01-04T07:38:56.371166Z","last_seen":"2026-03-08T15:12:25.529485Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-checkbox.HufpC5WB.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-checkbox.HufpC5WB.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-9e2\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c5n%2Ba9%2BnPBzt5NcrBp8cL1bLfplRB0DFdMw4HzcIR9IMgcXNq%2BkKmjTIGD4xzCee%2FCIQbXAM2b5OQX3OfyNdRSpThUmVKO7%2FsA%3D%3D\"}]}\r\ncf-ray: 9c73fb77cb59b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2530,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2529)","md5":"b4640f6c8b24eb0afb493e15e12b683e","sha1":"4202b88e4e6acd34d68381441347aa739fc6545c","sha256":"d220892eb40334d6e8b68ec73d1e29bc6941ef6a063926311ad827288b565afb","sha512":"387b888e2423f7091d5280b766d9586e982c5a8f982e0b824e7b9d5502c650765c061c6e9750db438fb4365eee0f641888a100eefffd93f2094486ce6ab3f485","ssdeep":"","tlshash":"cc5132157055a5761bdfc4cc50528681a32e239cda103efdbae824fa5a8ac88916fb35","first_seen":"2026-01-04T07:38:56.327321Z","last_seen":"2026-03-08T15:12:25.51887Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-01T19:51:10.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Feb 2026 19:51:11 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tpsmbAfsiiBJU9mMaDCYVEGMPua7hxtneMR2ICYk%2FMkEsSRwFri40WRs8TwFoLNgyFJNTKKzDFAnMXaXhMiDpbKeVMPeR8KBdg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9c73fb65c94656b4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3636,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (464), with CRLF, CR, LF line terminators","md5":"efec4c8da83baa08db9905502dd346cf","sha1":"7e0b95553d0c03a0858094e5e9428027edee01cd","sha256":"a4c95ee00df462dcf4609e1d93cc408b38bf78b5c711bfbe76ddafb0d8f45530","sha512":"ad79362a3f516c6d022851ad16320fd77cdc3818bbb466770293d28a23885c46e9ed1046136d6b0f47b58ecbaa2bb85bf5fd272c4476124e2bdc0c64d0f8db20","ssdeep":"","tlshash":"be71b515bd90942402318a287fb3e60def3284735200eda478cc971b9ff4a46ccabdd9","first_seen":"2026-01-04T07:38:56.432781Z","last_seen":"2026-03-08T15:12:25.587595Z","times_seen":12,"resource_available":false,"data":null}},"time_used":654,"timings":{"blocked":69,"dns":52,"connect":1,"send":0,"wait":512,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-fab.DRN4nk-k.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-fab.DRN4nk-k.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-c5d\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zpaI0V1%2F6s%2FKsOBWMO7fryVJX%2FV1IcotQeLt1xGmEh0YXW2zxLObgMpvNqGBzcRVIW2E5uzX65InlLms4pHUmGyFQ7z1zbw3%2BA%3D%3D\"}]}\r\ncf-ray: 9c73fb77ab50b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3165,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3164)","md5":"eac8aaab15281f12a67853df03d5f2fc","sha1":"2f535eaaa423fadac580bd63c10043f906d484ce","sha256":"732ca6ccb77cafcb1fd7b441ec46af8622a2b01c87e3a4d28d6b290701660d3e","sha512":"1808477f3ff52ce9535052089c2e3f137ed88a2c29103f43f01d067656d48b8c6d80c4eb48b9ec05bb2bf28bec3c2a22634f949dda03c552dcfe205ad394aef1","ssdeep":"","tlshash":"635165067a0da0372697087e906446c1721a1e7d97f0366ff2f6f8b64e8191e62dcf34","first_seen":"2026-01-04T07:38:56.376926Z","last_seen":"2026-03-08T15:12:25.524159Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:22.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 01 Feb 2026 19:51:22 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xphj95m9yPP1tZQZp7zFfOnQtBbo2PMKYMZcuGSC%2FC7HFEpbFz50RnXmqdErmnm5cUJQbUgrmZpIvZ7NMh04F5JcjXBMUEGQgAcUhmr1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fbac9b610b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5502,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5d04a54141ec506570c1da44a909c939","sha1":"ac5a8eb4aae6ed12faf7a172c3c81603732d7a07","sha256":"cb871d35b90452a131fe3131b147ae2a74ebbe75ee297b3ee2b5e4b3b559bb9b","sha512":"29a754a1866c09926b8c2ca3a0be4a64f9ccdf8e475758ca44e68f77de981cc0704a2ec867479e3c94ea3021f7ee01aef27cb592a87d76a8cd29ab7616221ef4","ssdeep":"96:3VLl51kd/QIrQLaVI2DJmqIeIWvcxIR+a3IM9oI5M+jI+jMIuxFI47hIxFWIE8/m:lLf1KmLGJlchaH9/M+H0x/4Fn/m","tlshash":"09b1c15227cc7c35aa733587918b78ea95c9b147bdcd7fb54b8edfbd0866a18300a804","first_seen":"2026-02-01T02:07:20.029391Z","last_seen":"2026-03-08T15:12:25.530854Z","times_seen":4,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-title.DOX2mzrl.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-title.DOX2mzrl.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-18f0\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I3GcYTfHJNJ%2BZHkaGHsGvKGg%2BMsHyTYZDCPBR2rSbXbhCFrxCkCXprWqKo6%2F7W3pUmU4euwUkIrM19x8SNsb%2F2jdbCdfM6kGpA%3D%3D\"}]}\r\ncf-ray: 9c73fb736af7b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6384,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (6123)","md5":"405629402164d9d30323869234856602","sha1":"0381c4d236705ca7e656f50343d8c2020541d0a6","sha256":"a5530a450d7abfd958e704c76ea19460e77e2c36f91cb571d7fa68b0a95f1203","sha512":"e1e038e5336d7b036ed81482902f0e013090e8cffbdd980596e8f35153142e83f95d9c596d9558f463e1fd3e811ac751daa05da20b3fdd30e065b5850a015458","ssdeep":"96:0hiGnLTCdX3ULUuFXS9Y5+F89umUekTqNcjett8OFib1kjbdCpYeLD+fMMj+NLNi:0MX3SFXIYQcumUDqpPsYeLxlpu/ew","tlshash":"ccd1b4243668fa3729d640895aa04601b14c2e8dd730b99efbfcbcf95286c64557ef38","first_seen":"2026-01-04T07:38:56.342393Z","last_seen":"2026-03-08T15:12:25.535587Z","times_seen":12,"resource_available":true,"data":null}},"time_used":499,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":499,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"124.220.205.65","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:15.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Feb 2026 19:51:16 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Mon, 02 Feb 2026 15:51:16 GMT\r\ncache-control: max-age=72000\r\nset-cookie: __uni__uid=rBEQRWl/rrReL1zgA2PNAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-08T18:13:47.365785Z","times_seen":16229,"resource_available":false,"data":null}},"time_used":1684,"timings":{"blocked":715,"dns":43,"connect":256,"send":0,"wait":255,"receive":0,"ssl":412},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:16.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt935.com/\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 01 Feb 2026 19:51:16 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt935.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EtLXxG7t424rZ25E6Sq%2BLNTFnpFG78UbjqccUFtrA%2F%2Btx6kQSkGn%2FcYLfCzb6GItyM33qDTOZ8LyonJbF3%2F3qv1v0yPgBtT0Jl6yAT2v\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9c73fb85fa920b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":172,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:12.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Mar 2025 04:08:22 GMT","end":"Sun, 19 Apr 2026 04:08:21 GMT"},"fingerprint":{"sha1":"AE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C","sha256":"7C:F1:09:2F:6A:8C:5B:F8:63:DF:D3:32:B0:F3:F8:E7:01:29:0E:F2:55:8B:4F:6C:58:55:8E:44:E9:EC:15:F4"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 379\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdt935.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Sun, 01 Feb 2026 19:51:12 GMT\r\neo-log-uuid: 17843412157313740143\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":461,"timings":{"blocked":184,"dns":0,"connect":0,"send":0,"wait":268,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-banner-B1KD8OCE.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-banner-B1KD8OCE.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-81b\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fCGe8osx%2FC0%2BCfedDKrJmTQh%2BbsK94tscDG5kbMMIv6gj9gdLnrhq5mEwW8A1SD2JtlkL7prvPxngWkuMG9N90GpI9ttwv6fug%3D%3D\"}]}\r\ncf-ray: 9c73fb72cab9b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2075,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2074)","md5":"12c9420c9ee1805a5a956e6b5f1f5c18","sha1":"ba25371146382376916a6195037fdfba8ae361bf","sha256":"73e4d379d8db798beafdd7dbaa4215ef0b9bfed3fa37057ce464b3072b699023","sha512":"facc5735d2b1329eb247c38cb34659843203756dad339dc9c1e92ccc99511a9f7f4b461fd0debbb236a8cf1ff9d791bfa7026b86803baf8d0246a1cda6ff322f","ssdeep":"","tlshash":"b841892cbc4d3f14957bc72615fa49cc0229b6beb723053d21e3b565aa0be822e02074","first_seen":"2025-08-26T17:30:33.376377Z","last_seen":"2026-06-05T23:43:56.95343Z","times_seen":21,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":541,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-button.C7X7X2Rt.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-button.C7X7X2Rt.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-b36\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ie3NFWBW5Xl6ojVaZ3fcxBZlRIF96uxvK3mVclJT4mmkMHU9%2BVwK9q1SoP0SySc9fWzO48xFgPVuoDMO5YHrZYXhy1IRC15PGA%3D%3D\"}]}\r\ncf-ray: 9c73fb734ae2b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2870,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2869)","md5":"66dd7cc384d0cae8755b5e43b9b32f5d","sha1":"73c593afae50bdc3b22b993a4bc367deb6e41381","sha256":"0669fc5c9e258a99b5bf8966a100636c40e286d2bbf444ed81afc453159ca9ae","sha512":"8a756c5334b6903b18456b47479d1068d316490f2a751c2726341102fae12f5e766130a0cc935f0fb1767ce1fa4c59b7601823efa3f0e231747e84f3dece3e93","ssdeep":"","tlshash":"39514404310af9371dcb8848a0bc060693106a9eda695ce8ffb571bd535f854779db14","first_seen":"2026-01-04T07:38:56.362863Z","last_seen":"2026-03-08T15:12:25.549362Z","times_seen":12,"resource_available":true,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/pages-user-index-userContract.-PZvqOlL.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/pages-user-index-userContract.-PZvqOlL.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-37d36\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vq2uFji3hJQFMC0Tls4QGuYeSOSyR%2FWgDNvZa8pNx43Pblnjbbdy73xWOmYz%2FaMmkz5dnM1KiwH1r8ww%2F7D%2Fs03iHfdXSLg%2FiA%3D%3D\"}]}\r\ncf-ray: 9c73fb77db60b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":228662,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65528), with no line terminators","md5":"06aa49153aab8f3ab76c1eff378c8a2f","sha1":"5a04b7cc640fa832423c6d7e4973827d06f324ab","sha256":"b2a191a814fcbdf3fc9294e083e6a2d058b7412381fc7f305ded749ca2f96852","sha512":"797df75538297e83a594cba68c65f01935c2bb1ff2af0dd83b337e6e7cc19cacce288c4f98fbf99be660c5b65c8eb8e45e42501165c91801b9277fde99d254e1","ssdeep":"6144:fpdUPGVIJx/9LEwKaCBaL08YQR4XqQIVqpyX:CAw","tlshash":"04240a85fb65b41542a39079413f0907b336369e944b86acb27ecdda296c4ce3276f3c","first_seen":"2026-01-04T07:38:56.308438Z","last_seen":"2026-03-08T15:12:25.561334Z","times_seen":11,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-input-CrT96B3I.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-input-CrT96B3I.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-6dd\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XT8OEfNQ9z0ai7GL0zaYMxjThMssAqLM6%2FtqxMAKIHC9Wd5JgkoauoPBFkJIhaoQ%2Fac5W7Ojn5tDTOaiPgm835N9DUEF6EPxFw%3D%3D\"}]}\r\ncf-ray: 9c73fb730ac6b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1757,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1756)","md5":"0b886cf1a1bdf47ff7dc92d7d99331a2","sha1":"8aa130ace09d333c7817ed114f2161247c6e9681","sha256":"11e33fcbf5534a186ed16416f1b65b27bfcd069cd373f2541e3a100acce43809","sha512":"020bd3e989b492df1bbf6b8eb66f6dc870f32853b481ecf40aea027369efadcd1d5b85d4752e5ed69f32f228e15fd6d77229301681437564d56e755a8b3c6f18","ssdeep":"","tlshash":"323111327d491855392be60efbc0be9d456462a2d393008df6d05b3a0847982fc6dcdc","first_seen":"2025-08-26T17:30:33.401018Z","last_seen":"2026-06-05T23:43:56.920964Z","times_seen":22,"resource_available":false,"data":null}},"time_used":495,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":495,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-drawer.BEnl_qrG.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-drawer.BEnl_qrG.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-4aa\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yPbGJywYl%2BRk1XGmXN8qIjk3S26%2BQJ2Yqroqqp9dO%2BPqZFDWm6mcVn4Ll21HqJypCEixm2YJyLx80MKVAf6P7zvzHkZtj20EzA%3D%3D\"}]}\r\ncf-ray: 9c73fb736af3b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1194,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1193)","md5":"6aad1e42ffbad02e3263243334d806b5","sha1":"f3b1701aa4bd168ef77b7722ff8d25c8ff836ecf","sha256":"62c1618ce9d65feef3c4ce891d6492a71facab2c6bdacd27f11be9d3b58c27fd","sha512":"960ed30b5620df0c65839a56aa0f920fd79d3c9c497a41baf93f85250c900029562c3fe3711b480287a7aeb5d6d190d047465a363dec2b6c3163446612f3a0e9","ssdeep":"","tlshash":"6121ee1c7a1ca93329d7449d502006001ec86beeeef42ec6f2e6207e875e9a8916db14","first_seen":"2026-01-04T07:38:56.311311Z","last_seen":"2026-03-08T15:12:25.55072Z","times_seen":12,"resource_available":true,"data":null}},"time_used":494,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":494,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-money.Df21XDR-.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-money.Df21XDR-.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-bc9\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GjYQaD2lb6hMOypDESgyD5CK73r3oM6bkUsFBO%2FPJ3t16UrEoCKJdfMCWkTfY3PtYRCevk29fhMNv7TLxV%2B%2FtTwOuk%2B1Jz2pzA%3D%3D\"}]}\r\ncf-ray: 9c73fb77cb58b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3017,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2900)","md5":"a0d1d8d8ee4b335c040b04e4070b7927","sha1":"389c16a182b95802ba9d9a4c5fb7fd04b8103eab","sha256":"15d8c62270da104ed031b8c6e02ad1daf4608ea9ad05701cdd082aa88e114f90","sha512":"1f3eb4905f3fdef9d9aeb8db84b48e6754cd4fc9bd715099baa5bb2b8976f9282853c12f6570eb4d7b04126e04a06b2c928ece4d02a92b22f79411c21035348c","ssdeep":"","tlshash":"a451a4a476985da3048a2a1d08485343ea74bd4d9ca838d8feb4bcfa8727cd5384cf34","first_seen":"2026-01-04T07:38:56.348586Z","last_seen":"2026-03-08T15:12:25.525059Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-popup.CE8mUVWU.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-popup.CE8mUVWU.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-105b\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ok2lizZoj4aGr%2B%2Biw9jZrAue3fQJDylMTXSXUYhjsMIyiCQVAJ4QrulAkjqP0%2Fyf8uA26h8M6YMhv5Tsds0G5mdqFmGJUkriRA%3D%3D\"}]}\r\ncf-ray: 9c73fb77db5eb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4187,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4036)","md5":"52dde1491beaf065e7a8c2abf5c8ea8e","sha1":"ebafe6d395f1a6fdc64eb76dee50ef8b7a12bfb0","sha256":"e6e3bfd4947d453361d32100233c2554419edc5282ea5e4ca4f16a872840ec1b","sha512":"5223231fa512cdccdebe09981809ed31987dd2f7d68299239a7d7abce0acc1f6db829203634035be393eaebe0ed9a70221a1d71e1adf02f030dceade63a61a45","ssdeep":"96:5zzb/vvVXaGe2O2smBNk7vYTLMcO0PLFKpcQU4CmRU:5vr9DF8bYo8Fscl0U","tlshash":"7281a5943c4cc97a95c59a0b44211a40975a6fec87b53d5df6fd2cff02c7c1a2a84b2b","first_seen":"2026-01-04T07:38:56.337955Z","last_seen":"2026-03-08T15:12:25.548433Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-title.DOX2mzrl.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-title.DOX2mzrl.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-18f0\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yg6yrMcfYVLLkRbHfmuBWdIaeTXUK9UvZxdXVOz%2FUUV81BTaHCvfcGB8WYVJY8AhsZWNkjpp9OAVKa7Z1X2DRQgcTAk3rafBCA%3D%3D\"}]}\r\ncf-ray: 9c73fb77fb6ab51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6384,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (6123)","md5":"405629402164d9d30323869234856602","sha1":"0381c4d236705ca7e656f50343d8c2020541d0a6","sha256":"a5530a450d7abfd958e704c76ea19460e77e2c36f91cb571d7fa68b0a95f1203","sha512":"e1e038e5336d7b036ed81482902f0e013090e8cffbdd980596e8f35153142e83f95d9c596d9558f463e1fd3e811ac751daa05da20b3fdd30e065b5850a015458","ssdeep":"96:0hiGnLTCdX3ULUuFXS9Y5+F89umUekTqNcjett8OFib1kjbdCpYeLD+fMMj+NLNi:0MX3SFXIYQcumUDqpPsYeLxlpu/ew","tlshash":"ccd1b4243668fa3729d640895aa04601b14c2e8dd730b99efbfcbcf95286c64557ef38","first_seen":"2026-01-04T07:38:56.342393Z","last_seen":"2026-03-08T15:12:25.535587Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:18.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 01 Feb 2026 19:51:18 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1TG16fY7YCyi8a5l3bvPRh%2BNMc4mSNWEKI1M06iXUrfojA4xERzRL1yxa2bbIRoDX1r4MW4J6rsjoRNZ4%2Fi%2FEFgmcnwLGjaq8AeqcomI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c73fb939bd80b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5502,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5d04a54141ec506570c1da44a909c939","sha1":"ac5a8eb4aae6ed12faf7a172c3c81603732d7a07","sha256":"cb871d35b90452a131fe3131b147ae2a74ebbe75ee297b3ee2b5e4b3b559bb9b","sha512":"29a754a1866c09926b8c2ca3a0be4a64f9ccdf8e475758ca44e68f77de981cc0704a2ec867479e3c94ea3021f7ee01aef27cb592a87d76a8cd29ab7616221ef4","ssdeep":"96:3VLl51kd/QIrQLaVI2DJmqIeIWvcxIR+a3IM9oI5M+jI+jMIuxFI47hIxFWIE8/m:lLf1KmLGJlchaH9/M+H0x/4Fn/m","tlshash":"09b1c15227cc7c35aa733587918b78ea95c9b147bdcd7fb54b8edfbd0866a18300a804","first_seen":"2026-02-01T02:07:20.029391Z","last_seen":"2026-03-08T15:12:25.530854Z","times_seen":4,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:26.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt935.com/\r\nOrigin: https://usdt935.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 01 Feb 2026 19:51:26 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt935.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r57eW3ICzFo7Vu%2B%2BwIBe279G%2Fu7ahG9eNpfgWBjGtkLA9YLC5dt6eOL60jgreHc32bVUtJKzNf3J9lYO6c52me4a5f4V2xDqqI7Pxh8%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9c73fbc48a910b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T18:34:25.971921Z","times_seen":16246822,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/uni-popup-Fqn9N-Zi.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/uni-popup-Fqn9N-Zi.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-6ea\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sjAo6DprtF7N%2FfZP4ZTa%2FZnC49CH94fZLI8P4s1qUREGZCKWXJlwoYKtnpVUiT7l5%2FsvBS3PCVEtFdXhVMztKuAAhVel3er7%2FQ%3D%3D\"}]}\r\ncf-ray: 9c73fb72eac2b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1770,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1769)","md5":"d082db8500b272c2e43675d8c52d8fdd","sha1":"b6a165928e6ca58ee847e1b9316b0954a0a7b126","sha256":"2567b7b7dff7c1b3092ef67294d1adf734c4a26d1e6ba21ba15fa4ab2404ea01","sha512":"ec6a79cd5137ebe2eb07f48e22b5c1bf70afabb63a1685e49aac0b7b73479b1e9994369488db30971644dffc33bae8310432891df182d4cba8c0d735d7f7f4e2","ssdeep":"","tlshash":"9f3170723c1d351984afc0e6689aef46432c72339553b6946678f4180cdf9e23e5b6bc","first_seen":"2025-08-26T17:30:33.414771Z","last_seen":"2026-06-05T23:43:56.904585Z","times_seen":22,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/InputPayPwdModal-CwjLcKcJ.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/InputPayPwdModal-CwjLcKcJ.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-10e\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Frpv8FqrEx0oCYALrzpOv452G902wjoz0pBcc9roOWERHvPRqqsZhj7iBC%2Bif1C%2FpVLUl0nCa%2FzOW5VS5biLkckrJI8%2Fym%2Bi5g%3D%3D\"}]}\r\ncf-ray: 9c73fb731acfb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":270,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ef857145a2387fa7f0b696d9c04e7309","sha1":"e720751d4d447040d3d1c52ccad4e080be11828a","sha256":"9c5c2bca02b37dc58e30ab5662894d521eb4d8f1c6b509e9b7a0f7a26cb9e67a","sha512":"481f8aafaaed51b3a6c35f90eec289047c3b99c94ecc569f7d430243581db234fb8654f63922025ccbba7b6b50928a94082ccda6553169a76f50556f8233d148","ssdeep":"","tlshash":"56d0c22fb8cd8050dd7fce222498edd98833336b6788148e2cb619a2c9533062221888","first_seen":"2025-08-26T17:30:33.409471Z","last_seen":"2026-06-05T23:43:56.965058Z","times_seen":22,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-drawer-joDNLxy7.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-drawer-joDNLxy7.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-67e\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3lKehrisMdhvNR%2F0RPLCBSdLwg5VpbwFhb0lwQG6cxH9Ai0Tdi9W1XqZLOOItmmjmBLbbwm9PX01DeOvzi5mj1UBpgh2wLOpLg%3D%3D\"}]}\r\ncf-ray: 9c73fb732ad0b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1662,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1661)","md5":"c459d8c22b13969efd179467452eb13b","sha1":"0c10dad7104de3185801252919cd93876687f9f0","sha256":"da10cabef00245f7c0337951d5ff5cbc9a8a1f6c83efce5dc26b6230c2edaf1b","sha512":"1d8d798bd83557544abb5df3e3251afd3bc7834f2f24521fccfa19be96e04d5a1c6844f28658fdd5e33d7316796e66cb5e0496a6fab13ebef553a676865a80f1","ssdeep":"","tlshash":"53318a325d553c18767fd316d4e1d9a80f3cd2d3daf2acce6209652b0a4b9b9205b582","first_seen":"2025-08-26T17:30:33.419712Z","last_seen":"2026-06-05T23:43:56.941652Z","times_seen":22,"resource_available":false,"data":null}},"time_used":497,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":496,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-popup-bottom.CgdlVUp-.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-popup-bottom.CgdlVUp-.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-520\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E4rkzNkBWxF9duMNjQmw6jtyZMZ%2B960pj0DYQm5gJbtbF3KfiTxui%2F1KAhBSt6WNIc5t0w8hWkpSTK6uQl2L4Rl2fdxjuMcccA%3D%3D\"}]}\r\ncf-ray: 9c73fb77cb5cb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1312,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1311)","md5":"0eecde68cbd42c412bd4d60e69245b86","sha1":"821df9d67330105c276d3eb6b9eedea74bbea782","sha256":"a006b09b3ceb3245697dd97773b7f0de5f4598030a64e648f1c37e073be7e413","sha512":"38cd50bd821acd891ff1ab4a41efff6789b8801484e801db5cd9deda6d37b240e4c869134f8816c13534691d3689e395fb6b2ff5a4abd49497d4fed7ee6bb3eb","ssdeep":"","tlshash":"fa21f009381db033649b497c52600e001428cf6ceef43eeab6d160764b9989ca64db24","first_seen":"2026-01-04T07:38:56.373648Z","last_seen":"2026-03-08T15:12:25.537181Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/index.DuhDaPHN.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/index.DuhDaPHN.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-65e\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f9mpbBW18x4YuSr1ZVBh47A%2Bm3IlsEeUmYQyNF5KbuveewDGe952OACBDCHbwAgcIFAtXWSLqZVLsUtHNlb1acdoRIZsC8BWfg%3D%3D\"}]}\r\ncf-ray: 9c73fb77db5db51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1630,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1539)","md5":"b60ce4da07198c83abaf49a40042834e","sha1":"5826e146f9713686284e296fa0caf2dfe8204ace","sha256":"70a0c148ae412405b6a7347768dab9d016419719226b1c0610d791cde5878a4f","sha512":"0bf1df4dbb623b274c31310fcf3bebe9ff06781ef8f7e3fe7f56fa7d1633655b609e05b48c3f38556a4859b5cd7bb2636d96662daedb8eb210df043d9c43b2ac","ssdeep":"","tlshash":"b331c4cd39c5743183d62a4663f35d81b67c9c1d590f4a8cf17854162c20d6dd27be18","first_seen":"2026-01-04T07:38:56.364002Z","last_seen":"2026-03-08T15:12:25.518082Z","times_seen":11,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-banner.zl87Ac6h.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-banner.zl87Ac6h.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-129a\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nUoAlsx5VZ6VQPwTKtmDS6V%2BJuaTg1YT1cDImE%2B2T4Vi2yzYVDXtoyWs1ZLKKhA%2FAPphCki1Va6BtfjVO%2BcpYztpNrQvCdYvAA%3D%3D\"}]}\r\ncf-ray: 9c73fb77eb65b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4762,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4751)","md5":"201cea6893ecc5a2b454d6ce67882166","sha1":"6114041925210ce6d088080da3bb393366a1d853","sha256":"48d771a7a8f81a737eb4934a7bc04c90013da1fd96330a3427fd896b29af50fe","sha512":"c6b4d23321b7817f21a5958474e717bbce7dbd4667f897f5d4ea5b8cbc2c1bb108f1cbc59134d46b4c415e2ad4525622841702f63dc713b5dea9801e877f8908","ssdeep":"96:gqxD0PWg+IT42fOjqCbCqvuj1t2tK4tPtKltstK7s:gqxaElb5efs","tlshash":"43a1e028352dab37d89789ad00c4050435b929adf7f07775b7f48a3d922344eb91cb59","first_seen":"2026-01-04T07:38:56.389151Z","last_seen":"2026-03-08T15:12:25.529993Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-auth.O6aQRiEh.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-auth.O6aQRiEh.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-20a\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oLRPixeq%2F%2FwXb7xgLbtimevzufzBmxwjgO8ZBPNFWSacj1Gx7n%2BOxOAym809NyTRy5u7U4K55v8GSuyOB0o%2FIKH8vrAuTvqtig%3D%3D\"}]}\r\ncf-ray: 9c73fb77fb69b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":522,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (511)","md5":"edcaf3e657dd80dabe9becb3a27ca814","sha1":"63616b2ae780d062e87b61eaaf51fa8484057f06","sha256":"bbc2df21eaa08288507c0de9134c609375e4cf123accee61601561ce5d23491e","sha512":"b965b0680db5dbad080ae3e6daf4e45126e09826457c28c7a8d01e8805f53b8081360585cde9666211ec5a995da55bf2567b6a11b8eacecdd2b0d69e0d26549d","ssdeep":"","tlshash":"68f0054d3c64c63001c068d85611a81040292d5c667a78c7e1df65ed0a7906ec81df1a","first_seen":"2026-01-04T07:38:56.367866Z","last_seen":"2026-03-08T15:12:25.555365Z","times_seen":12,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/index-DcZrAb-o.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:11.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/index-DcZrAb-o.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:12 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-d5507\"\r\nexpires: Mon, 02 Feb 2026 07:51:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oGVNPIaKjmZ7XIhOmTUxpciWww4QaYFZ6Ax1K4z9X7SlrQtf0JXikkbVXzrv%2BkqXnjfCc9RKXrW4zapQt20MQqfbkMn79v2n0w%3D%3D\"}]}\r\ncf-ray: 9c73fb69ea08b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":873735,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (26861)","md5":"28ee8c25bbc5545a74782a7951b9a6fd","sha1":"2194b6108264af7ded37b7e0eee6387f4093b775","sha256":"4639c812ad55aa7e23890138b4f979c821075b2d3a17607044b736f3fb373be9","sha512":"4e2851f1fac247d5cb7ec79db7e1c856bb7b4577609301bb10b73d10b2fe00eee81302d0d206b2bb017ce53e33b2033a050957874065936881c9bf45a2ac223a","ssdeep":"24576:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttK0sPfwuwuT4hJAmX+50ROIH9/pvm4:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttKE","tlshash":"1a05af9a338a702106f536d2306e3631a3745e65f84ac0c876dcdeea25fbc056297f79","first_seen":"2026-01-04T07:38:56.489286Z","last_seen":"2026-03-08T15:12:25.595754Z","times_seen":12,"resource_available":true,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":504,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-fab-D2Ib7dhh.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-fab-D2Ib7dhh.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-c0f\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=joub6GKfVrLAAsX9L6HDlN5WNc4yyllZaM5FLdFVmrV3TNYQPGFJZbztUGstkA74xq3UglgXGPpIFEUapl3D%2Bywf9QIh5TGxcA%3D%3D\"}]}\r\ncf-ray: 9c73fb72bab7b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3087,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (3084)","md5":"1c85c6659c80c6d97d956a08a1be24f6","sha1":"6eb58b78742743606df302b9d1252b6b05970205","sha256":"62e879df98a95ea3c4c4afc1721abb54717a04f954886b352e4db25fd11c3226","sha512":"08e2714d05a5b244f3e9a2bfbd5d739bc0d2d47c9e28c65fec46657dd016ce985197c8bae38d16c5c3d8f1f96f6e1bc71999ccb420ad9a0903e4239438bbd548","ssdeep":"","tlshash":"4d51b83e29192572383fca87c590a9a44c15fd53d6a304cef01f0b1d4d9798b6598f7d","first_seen":"2025-08-26T17:30:33.369834Z","last_seen":"2026-06-05T23:43:56.931948Z","times_seen":21,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-popup-D2Okk1oU.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-popup-D2Okk1oU.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642bd-10a3\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jye7UPdW%2Fv%2BtCdEeBbLdOzXNMoAtudCFjpLd6Su4OeZPUwOTbFrMiwlbCa4zSb2DANt%2BITZZpxpmXIC1nr6QOM3oHaEIPRDvyA%3D%3D\"}]}\r\ncf-ray: 9c73fb72dabfb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4259,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4258)","md5":"06fcd30ff5c377c4a2f9f9f3ebfe3adb","sha1":"de7ecd01b1875701a718f6a23b13b42098eedcbe","sha256":"0afd9914f132bf3d55d12ad6b79db6a7759c03ca76fc0cf5721e027ac1b1f31d","sha512":"ddf5528973b5af2bd222c1c70f559eeb4e03950c583846b024d74695801159b855d3e250196077c0efa68283579470f0f8c62461d881caab4c2fb43f5751702c","ssdeep":"96:u/l9Nh+ecD+wB9u/BifBAoBESBOojkbHIDD2GA:iNMTD+wB9u/BifBAoBESBOojkbHIDD2p","tlshash":"c791c134abcd202cc0bfd37165d05e8a4276e79ebb660f2f61a50d134aa354d316afe4","first_seen":"2025-08-26T17:30:33.439943Z","last_seen":"2026-06-05T23:43:56.963607Z","times_seen":22,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-section-CDcYCXgd.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-section-CDcYCXgd.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-174\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CJj7SdDbU3NQwW3CwyxrNHwJjS4me5JeSJ2BBoyJv%2FTlJcSI52l4USLpLufJVGhjGjVdGhx9quo%2B7ApNG5gha29vzCQ7Plrvpw%3D%3D\"}]}\r\ncf-ray: 9c73fb731acdb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":372,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (371)","md5":"006a7f142fdc4795801553a74c5f0ccf","sha1":"c2889babfcb0370ab068512f13e74f12fdb00094","sha256":"7225c3b57051f107a8e638cb536668f1ca88fa9925544670a7f44050adcd535f","sha512":"ed7cca52ec98758a50462be334b7891e70aa95301a74c308bc171395a674418e646e20ac865eda6848f12fe81972e650b794ba6a806c856c2bbde59d2b502c4f","ssdeep":"","tlshash":"b1e09b16778eb54c642bd73b34a2bdc80124d621c277c10d6671a3584da734711026fd","first_seen":"2025-08-26T17:30:33.40408Z","last_seen":"2026-06-05T23:43:56.967297Z","times_seen":22,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-title-CVAcbwdi.css","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-title-CVAcbwdi.css HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-c6c\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DsQyQZwOpRWUbNXqd%2Fthf8G80ARZBWC4PbTd5upaaQA66%2FHESMz5LQJi7KQUhsA%2BoSNWaSgtLu7sqhz7W1mIm%2FGw0HGnuRlOHQ%3D%3D\"}]}\r\ncf-ray: 9c73fb732ad2b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3180,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3179)","md5":"5177a0864313a3a5c4e35c97a88cc6dd","sha1":"0a600582603bc21aa49ea90db47c1f8fe75c0128","sha256":"0e3b38377ba563f6800ce39abb9bff953b64f949e0dd9f290bbbadff2da62356","sha512":"899a86a4d2e07cfb5ffabe2906b3a8403e720483e9b0099222a6c4d6ed79a1af784822b8f141943d6408d4693d93eb7a11c4e48d0fd6f56ed957d76ebc2c9a0c","ssdeep":"","tlshash":"1c6131316919121c8e33e7222ca037c99534f1a9f7d7116d53a7283e9dc764714faaec","first_seen":"2025-11-22T10:34:45.560659Z","last_seen":"2026-06-05T23:43:56.913407Z","times_seen":19,"resource_available":false,"data":null}},"time_used":508,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":508,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-auth.O6aQRiEh.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-auth.O6aQRiEh.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt935.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-20a\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZqFwO6XSupnpKqMS3A9b5mNx2FK4RHWftCMVez3rM4qrGglr%2B3DYmMYQ9ZCz0nGCv0en%2FperDDe%2BLBPVZRNN7qtcKV5SE36acg%3D%3D\"}]}\r\ncf-ray: 9c73fb736af6b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":522,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (511)","md5":"edcaf3e657dd80dabe9becb3a27ca814","sha1":"63616b2ae780d062e87b61eaaf51fa8484057f06","sha256":"bbc2df21eaa08288507c0de9134c609375e4cf123accee61601561ce5d23491e","sha512":"b965b0680db5dbad080ae3e6daf4e45126e09826457c28c7a8d01e8805f53b8081360585cde9666211ec5a995da55bf2567b6a11b8eacecdd2b0d69e0d26549d","ssdeep":"","tlshash":"68f0054d3c64c63001c068d85611a81040292d5c667a78c7e1df65ed0a7906ec81df1a","first_seen":"2026-01-04T07:38:56.367866Z","last_seen":"2026-03-08T15:12:25.555365Z","times_seen":12,"resource_available":true,"data":null}},"time_used":515,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-img.BjIpHj9F.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-img.BjIpHj9F.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-d69\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=urz7viaBAfaBE4C33%2B%2Bu0QDtuqW5lvo8cII36dlqhYxwlHWKYGxYNkXlKpD5Z1qAHj%2BH1tsLDQzkM5hbyi9ijtmFAe2z0eOzXw%3D%3D\"}]}\r\ncf-ray: 9c73fb77ab4fb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3433,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3408)","md5":"90d10f66f9920ada7981f34e2ae230f8","sha1":"60e33ea3e8b5c957668c47b18c089e84d40ce7de","sha256":"14bffda70a7bde70fbc769e3be27fe3f2960cc55416f89ce5fc1c6928bc58fa8","sha512":"c6c469fd447d0c0e343372851d332a4b00ec1e124aa3016e2edff992ad6901861a07c4061d68ef5c50ebde222978de48e4c1fc5491f3084da8e1421cddc24c0b","ssdeep":"","tlshash":"1b619528360cbd2f06b584b610340e41615db95ec620abb8f7fc34bb6294c9cb66ca70","first_seen":"2026-01-04T07:38:56.372165Z","last_seen":"2026-03-08T15:12:25.523625Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/s-section.DjNV3xcb.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/s-section.DjNV3xcb.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-89f\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nT9Pw1KM1rMYi5BkAys3KqOh5QJzg0XY0IG5LYx5opOfZEJ0r4oIMmW3vybIXHlsllStx1PK2mVKNfjnvuPylgWASmYr8u2iRQ%3D%3D\"}]}\r\ncf-ray: 9c73fb77cb57b51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2207,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2206)","md5":"26b01b4c0547fb3b295f75254c2af8b9","sha1":"83a9472ab00ae05aacd67ab299e84ec2f6f14639","sha256":"162e423c70819d15ccb51c82ffeb72105e7cba7d70b4390fe6aa48e4c227d1b3","sha512":"e79ef48cc6825b9cfcba5a592346277cff7fe4066fec724c1281bf1928a9ae8978e7ac0f4398fab1436d4ec63e95e7b9e868f3c6ab8604d3886d915194d66cd1","ssdeep":"","tlshash":"3041226d380c9a372d8b0dae70b0230064552f9cde317975f7f1903557a7a9a915cf1c","first_seen":"2026-01-04T07:38:56.320959Z","last_seen":"2026-03-08T15:12:25.528901Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt935.com/assets/InputPayPwdModal.Egr7JNzI.js","fqdn":"usdt935.com","domain":"usdt935.com","tld":"com"},"ip":{"addr":"104.21.93.56","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt935.com/","date":"2026-02-01T19:51:13.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt935.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 15:32:39 GMT","end":"Sun, 05 Apr 2026 16:31:34 GMT"},"fingerprint":{"sha1":"6C:0C:59:60:CC:E5:14:3D:60:51:B5:7E:1A:43:26:78:17:22:09:55","sha256":"E2:73:8E:12:49:13:74:78:35:A1:96:20:46:33:2A:DC:85:37:8C:C0:E4:5B:67:11:0E:44:2D:0D:A7:5D:E7:C2"}}},"request":{"raw":"GET /assets/InputPayPwdModal.Egr7JNzI.js HTTP/1.1\r\nHost: usdt935.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt935.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22a46fc745-d379-5b0e-8e6b-29f0188ca535%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201769977272315%2C%20%22ct%22%3A%201769975472315%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=69cd9dda-bfd7-5268-ac20-195f07d0ccd9; __51vuft__3JnRFYkERItiZhCQ=1769975472321\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 01 Feb 2026 19:51:13 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: \"695642be-999\"\r\nexpires: Mon, 02 Feb 2026 07:51:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sLcFzEcc%2Fhovcs8FQFxJgiMIfPtdthWaDF%2BLdDVdc2ZE%2BtqI8Eqg%2BVl0EyLDrsupWBAYnlehDn%2BNX7MmzLPWz9QSuV6kM35x8A%3D%3D\"}]}\r\ncf-ray: 9c73fb77db5fb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2457,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2456)","md5":"75033e20cbb2c275b74abe7c8621a291","sha1":"35a562afdc88e7fac00a316f3ecb4eeaef7f61f7","sha256":"3ba60caf1948a5dca9f8bf8bce08ff6dc66439ac713af8891c4b93e013f5fbda","sha512":"e16176490ee741d77321dcb783e2295f139a7f660e21a64be0ad530a67667f6247f78b0661110cd21920ae4682d134587eb5cd9213198064acb1db623321305f","ssdeep":"","tlshash":"6b51440a2e3cef399416a178f0816805b414549d8f46ab58f7fc0e5a0bafc56837fb25","first_seen":"2026-01-04T07:38:56.365Z","last_seen":"2026-03-08T15:12:25.526124Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-01","alert":"Sinkholed","trigger":"usdt935.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}