{"report_id":"867cf2ad-8afd-4498-b59c-38826b7eda6c","version":6,"status":"done","tags":[],"date":"2026-04-26T13:16:26Z","url":{"schema":"http","addr":"usdcsavings.icu","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"usdcsavings.icu/","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"title":"USDC Savings","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"usdcsavings.icu","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-31T13:16:26Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-26T13:16:04Z","timestamp":1777209364,"ip_dst":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":48462,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-04-26T13:16:04.138699+0000\",\"flow_id\":985063903935396,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":48462,\"dest_ip\":\"35.223.227.195\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"usdcsavings.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"f4febc55ea12b31ae17cfb7e614afda8\",\"string\":\"771,4865,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":2718,\"start\":\"2026-04-26T13:16:03.867236+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"plugin-code.salesmartly.com","ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-07-22","domain_rank":530835,"first_seen":"2024-12-12T08:03:04.74606Z","last_seen":"2026-04-21T01:47:54.003426Z","alert_count":0,"request_count":9,"received_data":965252,"sent_data":4019,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"api.salesmartly.com","ip":{"addr":"104.18.22.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-07-22","domain_rank":387428,"first_seen":"2022-11-29T17:40:50Z","last_seen":"2026-04-21T09:33:15.423324Z","alert_count":0,"request_count":2,"received_data":5372,"sent_data":1300,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"srz.salesmartly.com","ip":{"addr":"104.18.23.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-07-22","domain_rank":378797,"first_seen":"2024-02-20T03:50:45Z","last_seen":"2026-04-22T18:22:43.223045Z","alert_count":0,"request_count":6,"received_data":3818,"sent_data":4088,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"msg.salesmartly.com","ip":{"addr":"104.18.23.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-07-22","domain_rank":360322,"first_seen":"2022-11-29T17:40:54Z","last_seen":"2026-04-23T10:18:31.032761Z","alert_count":0,"request_count":3,"received_data":1994,"sent_data":2344,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"client.salesmartly.com","ip":{"addr":"52.84.50.42","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-07-22","domain_rank":491526,"first_seen":"2024-06-25T09:52:15Z","last_seen":"2026-04-23T22:06:18.188211Z","alert_count":0,"request_count":2,"received_data":84987,"sent_data":935,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"usdcsavings.icu","ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2026-03-29","domain_rank":0,"first_seen":"2026-04-26T13:16:29.681594Z","last_seen":"2026-04-26T13:16:29.681594Z","alert_count":28,"request_count":28,"received_data":5130271,"sent_data":12672,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/install.js","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"16ca86b94884f7fcd120b7a131c4b88b","sha1":"e6dde4d214a99480bc337b0b1dfe51f8ad59102d","sha256":"19478b46ee6f0957ca4b25da349069a39e9b578247b69e08515722c07dcccdd3","sha512":"1df178bc5153415f7a3d3a322fba662625b84261633981cb2c967eb0df0f43d545d8c293420d48b804ce8862e928f722ae10a277ebfa75c8f6978d3450c8ab1b","ssdeep":"384:JPyg/NXbASoSALbGf4NwNiB0W9jyyxRyL1hKGadeBTKSwQU:Zyg/ia4NQiGWwnLadeBTGl","tlshash":"b4921a48742a7c7842ae563325fea214207f1b852931d4a0f26cdf786b78d875177ebc","size":20811,"data":"","first_seen":"2026-04-16T05:45:19.555213Z","last_seen":"2026-04-28T11:57:15.263348Z","times_seen":148,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/js/chunk-vendors.6ef765fa.js","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e788461ba915adcbfcfa9b10c35f265","sha1":"bc3841eff0c3841cfdef9a2f1e1b5f1d0dd6c26e","sha256":"69ced1151fb1b32d26c8b70739681828a1d99333c4a08114c98cd8af90b3f2ca","sha512":"b20ea5f22352ee329e6982d0fbd14fa2f4607a186b2d2973a99e43975164b2c6142b8ce87f7d5f54f47cb41bd6a33329ec3d09fafcb971de6e316ce5c0c8cfe0","ssdeep":"3072:gZcGj+j4Cm4m5BJ1IWqq/1cuC+4DdC58+skrMJz+8:gG27J1Wycu+4ikrMB","tlshash":"1424f7cdbb92f06843a335a4806f150bf17b6a18f40e81d4e6a6d5d1ac78a8e5137f3d","size":214670,"data":"","first_seen":"2025-12-10T08:58:23.267899Z","last_seen":"2026-04-30T15:54:53.539387Z","times_seen":838,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/index-CXuUGjaQ.js","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"825f921d7a97d563f8e1b92ac4dbdded","sha1":"16ad394875f7e3e847a00f012de315b7483d8989","sha256":"403f89fdf9af4b4550c3109a5a3e40c7f1b2ba62eaf93a9524948bb4942d98fc","sha512":"986e3e6261ea3d16d143a9e224d6ba3d2da395b5c211b10bacd12faf6fd3bcf9c8865fae09bcb0bfa858b4c9fc8011a0ca25775f638e0130aeb1207a89327856","ssdeep":"49152:pv8nxOaQhVn9WkzXKCK2zDu5wTF2rs6uSmgjPkn5hJ4ywFiBhuCS/9cerNMCUFW5:Qmg","tlshash":"28856ae07296b42d4aa715d9106f0001f2356d52b44d88a4f2bcddef3ae688c95bbf3d","size":1738921,"data":"","first_seen":"2026-02-11T03:43:01.224742Z","last_seen":"2026-04-26T13:26:32.781709Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/js/project_617091_636768_1769708933.js","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f1e6927011e526464f34d9892d03309c","sha1":"95e31580660ec9689f664c9453e6921b38f651a2","sha256":"fe1b4d546a267dab554e885e3d17182750ea2d1426cb4e609153c5ff1415f1e8","sha512":"58c84f8903bf4c96f23683315ec0b2081773268f95da52d36eb6ef4cd103fe8487bca6fc81fc874a443178b7dbeb63cbb16c76c3e6f26897816c315a33b0dc92","ssdeep":"","tlshash":"a721eb471c63a4797bd5727b8b3f88ad3998a2433004cc10bc4dd46c2f949e20e9eee4","size":1184,"data":"","first_seen":"2026-02-11T03:43:01.215399Z","last_seen":"2026-04-26T13:26:32.741178Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/js/chunk-common.1fe290ca.js","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3c8fe2cfcacd8060938d4dbe926e1d0d","sha1":"7b23bbfe19b8a262125bf4f78989b830142898c4","sha256":"8e39535291c7206d43f2d05f8367e3ce7516119a71e12579e1c180ff7554d91c","sha512":"6845a4cb9edb12c15d9053f6719b889965df3bb33640314b9e44b0953c856a792c6f38a91ff7d65b90ccf59d326985f980904817a37fbe6ead6e3fae3ad4298b","ssdeep":"384:kF9kWEuK2U72UecAvTbDPnPuTc2YejErqSqcDRVE1eDTaR5HJrCiKMcJHI7jW:q9mZ72UecAvrPuSqSpEXIMoyW","tlshash":"c2c222ccf2dbf0650b9a38a481bf110ae63e7d99b44e9196d261e0c17c3454da273f9b","size":27007,"data":"","first_seen":"2026-04-16T05:45:19.491679Z","last_seen":"2026-04-28T11:57:15.259492Z","times_seen":148,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4dd10bf9e3a55d04fb02d076f8d888fd","sha1":"73fe2ade639561e0fbee753a10ab3a8f64457ba6","sha256":"9b5cc937de300ae7ed821b3c25405086cd9fc0c25be5f6afc2213b06d1981408","sha512":"768877b7f6860408251dfc60ac57ed4499ac9ff259f506f98020a848b1f8dd67378758074406603c95d98bfa621d4d451d9a941f9932c2bc9ecfe1eb9e69f9ba","ssdeep":"3072:hUj1XOH0ipFe9OY0ceCK7KtWO77yzk83UzlgE6CjnWO:2kHbDCK7gf7n85NO","tlshash":"b22408c8b295b06143a770b4407f550bf13ab915680ec5a4f226e8da7cbc98e907bf7d","size":225000,"data":"","first_seen":"2025-05-10T22:57:10.916725Z","last_seen":"2026-04-30T15:54:53.540065Z","times_seen":2053,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/js/plugin.451b1a0b.js","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5898c8823fc6293f8ab52428d37fa09c","sha1":"919c572ba4c7e9bbcaf4f9cbf3c2931f0aaf49d3","sha256":"b29599cbfe9293e3d88ea0e97e4f7439a525c124e3e692cab87206a29c9173dd","sha512":"e5c5193fc6801f8454048b8d3d208ec7a3dcc75065b52a2319adced34ba996cd076d5cc90bcb2d44792a7e7e3e6e8a4ce3f4bbe11c63430aa7706c2cfe4ecd9c","ssdeep":"6144:G0bg30bPKQQDLVQbOUvzhDetWx9a+gcmLTzrqGKAbCPfvaHcqiQUd+wa8Ar4gWDE:5bPKQQDLVQbRvzhDbMzrqGKAbCPaHcqn","tlshash":"47843a49f5c9f86b07b361b1602f6009b3ba1b48e409d8e0fe75d6e91ab4d496323f1d","size":380050,"data":"","first_seen":"2026-04-16T08:39:04.005764Z","last_seen":"2026-04-28T11:57:15.252735Z","times_seen":134,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.salesmartly.com/js/marked/v14.1.2/marked.min.js","fqdn":"client.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.42","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4726c8d370952011c5137ee8e13eb6bb","sha1":"96c7a41fdc5d4530bb46f1a629f86ecaf068de82","sha256":"eeaba2c06a990d4602b4142cce579f4cce16fba404e6cc82c5c2f7ccb1e7bd1f","sha512":"6d7c814f6fec623660d43ef29034ba789484e0314354f247bdb4407dd7d82abe88bacac2cfbc009929b7eafcfd1bcccca1bdb946faaef74bdfb77248ef5ca071","ssdeep":"768:aH13NvoICzvRDEeJX2QLGbdpB+xJhuLPbBc5jI0sJMF2/bOCbnEytnbBOmVzFoso:aHOXo5ECPbBc5MB2A/blnEMRoaM","tlshash":"67f2094832ae3a6987d439e66cf81060e27f8e68344c545cf664f5f37c2690a61ebf70","size":36489,"data":"","first_seen":"2024-09-13T03:55:13Z","last_seen":"2026-04-30T15:54:53.506537Z","times_seen":1958,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/index-CGk-1Ye2.js","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c7a560c437b4480a956a65fa9b74536","sha1":"0e0e11a02c7b098e451322e7bad5d578f3d272af","sha256":"cf533c79a024ab76364c22be39b8a1f756e37c72161f28be494d9973fd6e115a","sha512":"7e7c6f64d4c51d30b4c2a675857159d97d2af534a88938d57c30267ed8899831f03e8b855d636ce48ef2df15c853d8b3c7e1679141e351ca0c705fcf797bf1cc","ssdeep":"","tlshash":"cb31e0258382337129ab190434e4e451d928f518a4ef8090d677cab6c78fcd5ddf7696","size":1752,"data":"","first_seen":"2026-02-11T03:43:01.212302Z","last_seen":"2026-04-26T13:26:32.751065Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"usdcsavings.icu/","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-26T13:16:03.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:04 GMT\r\nContent-Type: text/html\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69821db2-24f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":591,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"c237d2ced542a8c3fad429c4c1a3cb00","sha1":"5165fc7e9bef1d7117a86b5fc64375bda21af3c5","sha256":"2d3f7232a566dbf4008a037003990b21aec9448d806a6d792267077a005cc477","sha512":"d3791eaff347ecc9893a8f0f353ea13cafbc16e14a07128710301dba7a6ba193636087c2f38fecb969e62266819412c543f00d8f0973dc4fecad6726602dbb2f","ssdeep":"","tlshash":"3df0e186dce18908422002856ca0f608198ab7478785da4979fe917d5fc57818c8f4b8","first_seen":"2026-02-11T03:43:01.216783Z","last_seen":"2026-04-26T13:26:32.740402Z","times_seen":4,"resource_available":true,"data":null}},"time_used":842,"timings":{"blocked":353,"dns":75,"connect":135,"send":0,"wait":134,"receive":1,"ssl":142},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Crypto-Df1QTyax.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/Crypto-Df1QTyax.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:06 GMT\r\nContent-Type: image/png\r\nContent-Length: 201697\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-313e1\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":201697,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1728 x 464, 8-bit/color RGBA, non-interlaced","md5":"a1d0b7b1d640dae83eb6c2f1cd87a330","sha1":"2e78fdcaae8dc548c3116992635b5d91b5600695","sha256":"5df960857dc8e92b2d3707e6299b39cfe32ebbd9ec193495605841890e7a36f2","sha512":"8beca062c7474263026656376237a4b4b1a9b94f5a5909ed5ded3c5d1930b2896e5bb9e47a75cc0247d480a8a04213895e58736f8147ed8e78b794ac6f44ad93","ssdeep":"3072:G+SeT1A3ctOgaP4wwgIxx+jmwMbBnwEANtdtMGfdzXz2xLfjHVYY/8ysth:5SeBGcDaP4wwvSmwoZwEANlMG9IDVsj","tlshash":"27142329ba77c471d9365c72e6db96141f394bf780315203af6076c0eb31269312ebba","first_seen":"2026-02-11T03:43:01.221Z","last_seen":"2026-04-26T13:26:32.773206Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1123,"timings":{"blocked":277,"dns":1,"connect":136,"send":0,"wait":271,"receive":290,"ssl":146},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/banner-C274X58R.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/banner-C274X58R.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/assets/index-CVZuMAdA.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:06 GMT\r\nContent-Type: image/png\r\nContent-Length: 897140\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-db074\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":897140,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 853 x 1280, 8-bit/color RGBA, non-interlaced","md5":"956101168c5adc266ca1c25713c8f04a","sha1":"41d0edd3a4ca0174729b8230d0b4d9efd0d63f40","sha256":"f16c98ead1114fc23eeec94119d713dc8de48af3e7a96dc6bc23832c22c6d192","sha512":"00722e1e5760adbedc313daee1ba0cc6b0ad684a2c6351e7e9633df5eff23f29755164bd3b7dac42b233b64623eac561f2753049b746068900a49098b2280a7e","ssdeep":"12288:jwkKyYVCeDfQkEZBAqzAwyTiYf7GBwYC5EpaCeKSp6c+MwvktOd66y/dA/i+:kjJ2UT7zQwYCCp4pCMwvkYZudkb","tlshash":"dd1533b413067efd1817aec472252540a8a425f745f62b857826eb77eb622c7b3c1ecc","first_seen":"2026-02-11T03:43:01.211445Z","last_seen":"2026-04-26T13:26:32.77648Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1231,"timings":{"blocked":226,"dns":0,"connect":0,"send":0,"wait":243,"receive":626,"ssl":136},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/index-CXuUGjaQ.js","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:04.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/index-CXuUGjaQ.js HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:04 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1738921\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-1a88a9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1738921,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (42342)","md5":"6f8bc5236f385985b4d5e17f41944b61","sha1":"28c07c015a7e8b6470f6bde5b4c210c8b375cc4b","sha256":"415e8fcea3ea1e4d0352d2df9ce6b2d76671768c696cccae2a6ea25452b45d39","sha512":"0abcd0157c1bfd2c7d6554e5870f2f7b6b15ffff2c6d06bea5add665e6277a85f9930859f54de6b095815b074d05cd6ce360ea8adafd3690f2b2ca72b3c2b019","ssdeep":"24576:S+v8k8xOaQhVn9WkzXKMHK2zDu5wTND2rtW6uSmgOsPn:pv8nxOaQhVn9WkzXKCK2zDu5wTF2rs6D","tlshash":"4a258da07294742942a381ea50bf4505f6362d11b41ac8e0f27cddee7af150ca5bbf7e","first_seen":"2026-02-11T03:43:01.199465Z","last_seen":"2026-04-26T13:26:32.772061Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1029,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":760,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/js/vendor1_b8775aab.js","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.salesmartly.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"21:16:EC:FB:98:9D:64:FD:1E:C8:5C:02:6A:93:88:4B:65:15:09:07","sha256":"26:1B:3A:72:0D:8B:91:C8:40:3E:89:B3:CC:5C:13:07:99:A8:EB:AB:72:A0:AC:58:2B:0F:C1:C8:C7:85:2F:3A"}}},"request":{"raw":"GET /chat/widget/code/js/vendor1_b8775aab.js HTTP/1.1\r\nHost: plugin-code.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: AliyunOSS\r\ndate: Thu, 23 Apr 2026 03:06:02 GMT\r\nx-oss-server-time: 2\r\ncontent-encoding: gzip\r\nx-oss-request-id: 69E98C9A8E4DB93936BE7CD4\r\nlast-modified: Thu, 16 Apr 2026 03:31:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15305004930386263030\r\nx-oss-storage-class: Standard\r\ncache-control: public, max-age=15552000\r\ncontent-md5: TdEL+eOlXQT7AtB2+NiI/Q==\r\nvary: Accept-Encoding,Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ed0b1ae4224d4a858ec43080e17ab00c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: o-dcSBt88Q8QrfAk1W4V013hNK5EHM5XrG4dFw_PhTqZ4tCL52fghA==\r\nage: 295803\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":225000,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (49155)","md5":"4dd10bf9e3a55d04fb02d076f8d888fd","sha1":"73fe2ade639561e0fbee753a10ab3a8f64457ba6","sha256":"9b5cc937de300ae7ed821b3c25405086cd9fc0c25be5f6afc2213b06d1981408","sha512":"768877b7f6860408251dfc60ac57ed4499ac9ff259f506f98020a848b1f8dd67378758074406603c95d98bfa621d4d451d9a941f9932c2bc9ecfe1eb9e69f9ba","ssdeep":"3072:hUj1XOH0ipFe9OY0ceCK7KtWO77yzk83UzlgE6CjnWO:2kHbDCK7gf7n85NO","tlshash":"b22408c8b295b06143a770b4407f550bf13ab915680ec5a4f226e8da7cbc98e907bf7d","first_seen":"2025-05-10T22:57:10.916725Z","last_seen":"2026-04-30T15:54:53.540065Z","times_seen":2053,"resource_available":true,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/js/chunk-vendors.6ef765fa.js","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.salesmartly.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"21:16:EC:FB:98:9D:64:FD:1E:C8:5C:02:6A:93:88:4B:65:15:09:07","sha256":"26:1B:3A:72:0D:8B:91:C8:40:3E:89:B3:CC:5C:13:07:99:A8:EB:AB:72:A0:AC:58:2B:0F:C1:C8:C7:85:2F:3A"}}},"request":{"raw":"GET /chat/widget/code/js/chunk-vendors.6ef765fa.js HTTP/1.1\r\nHost: plugin-code.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: AliyunOSS\r\ndate: Thu, 23 Apr 2026 03:06:01 GMT\r\nx-oss-server-time: 5\r\ncontent-encoding: gzip\r\nx-oss-request-id: 69E98C9958FFB53134441F05\r\nlast-modified: Thu, 16 Apr 2026 03:31:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 16184782789754269720\r\nx-oss-storage-class: Standard\r\ncache-control: public, max-age=15552000\r\ncontent-md5: jniEYbqRWty/z6mxDDXyZQ==\r\nvary: Accept-Encoding,Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ed0b1ae4224d4a858ec43080e17ab00c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: gD7bUNbnM1ScojGUGMyqxN2CNyEE2Iw3RAFOeDdYBKL4dl77obalFQ==\r\nage: 295804\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":214670,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65531), with no line terminators","md5":"8e788461ba915adcbfcfa9b10c35f265","sha1":"bc3841eff0c3841cfdef9a2f1e1b5f1d0dd6c26e","sha256":"69ced1151fb1b32d26c8b70739681828a1d99333c4a08114c98cd8af90b3f2ca","sha512":"b20ea5f22352ee329e6982d0fbd14fa2f4607a186b2d2973a99e43975164b2c6142b8ce87f7d5f54f47cb41bd6a33329ec3d09fafcb971de6e316ce5c0c8cfe0","ssdeep":"3072:gZcGj+j4Cm4m5BJ1IWqq/1cuC+4DdC58+skrMJz+8:gG27J1Wycu+4ikrMB","tlshash":"1424f7cdbb92f06843a335a4806f150bf17b6a18f40e81d4e6a6d5d1ac78a8e5137f3d","first_seen":"2025-12-10T08:58:23.267899Z","last_seen":"2026-04-30T15:54:53.539387Z","times_seen":838,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.salesmartly.com/sys/company/plugin/get-plugin-info?plugin_sign=c251487fb46c63eebd32d5c252f4025a\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209365313\u0026_lt=\u0026_u=\u0026_xma_=","fqdn":"api.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"104.18.22.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.salesmartly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 07:17:51 GMT","end":"Tue, 23 Jun 2026 08:17:48 GMT"},"fingerprint":{"sha1":"E4:6E:E8:0F:49:09:BA:FA:14:45:D9:04:38:62:26:F3:C5:BE:96:E3","sha256":"28:5D:C7:8F:3A:50:61:E5:67:F4:07:89:5A:0B:3A:FA:8A:41:33:8D:CF:D0:28:9C:DA:29:17:3D:CC:02:DD:1A"}}},"request":{"raw":"GET /sys/company/plugin/get-plugin-info?plugin_sign=c251487fb46c63eebd32d5c252f4025a\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209365313\u0026_lt=\u0026_u=\u0026_xma_= HTTP/1.1\r\nHost: api.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usdcsavings.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Apr 2026 13:16:05 GMT\r\ncontent-type: application/json; charset=UTF-8\r\ncf-ray: 9f25dc25aaed56c0-OSL\r\ncf-cache-status: DYNAMIC\r\naccess-control-allow-origin: https://usdcsavings.icu\r\nserver: cloudflare\r\nvary: accept-encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type, Share-Access-Token, External-Token\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-max-age: 86400\r\nx-request-id: 5896bac4-80f0-4080-bb6e-8191c8ad8184\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3843,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"62d5448f8a1998ed829707dce0a0ff3e","sha1":"6c976966541e072acb6ccc2b572ef2c9e69b66d3","sha256":"476420491d0c69d3ef9a5ec0dfd8dff08621fd907a881e75a9a2a0b12115065c","sha512":"387ad884ad289c9d35442025e3d475a919a9736b662c58100a0e4bc9157b3676822158f427ced4d717438460f04c2c7817686a982a85680b397de1a80f4ff86c","ssdeep":"","tlshash":"cd814331911bcc62a19348a861fcad616e8e8774c1cc8e55ddacce1e89fc8f69b0650f","first_seen":"2026-04-26T13:16:36.121142Z","last_seen":"2026-04-26T13:26:32.778544Z","times_seen":2,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":43,"dns":16,"connect":1,"send":0,"wait":229,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"srz.salesmartly.com/client/log/log?plugin_sign=e657cb9c1a771963e1cb4ec75b4c8639\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209365333\u0026_lt=\u0026_u=\u0026_xma_=","fqdn":"srz.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"104.18.23.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"srz.salesmartly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 12:46:38 GMT","end":"Sun, 14 Jun 2026 13:46:34 GMT"},"fingerprint":{"sha1":"4C:14:A3:50:BC:B3:C2:AC:E9:F6:88:D4:36:B2:E6:AE:E0:D4:64:D3","sha256":"C9:AF:D2:80:FE:11:04:07:0D:92:35:3A:19:79:9F:31:89:4A:2E:34:36:0F:DC:BD:33:1A:A8:E2:82:15:41:42"}}},"request":{"raw":"POST /client/log/log?plugin_sign=e657cb9c1a771963e1cb4ec75b4c8639\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209365333\u0026_lt=\u0026_u=\u0026_xma_= HTTP/1.1\r\nHost: srz.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 749\r\nOrigin: https://usdcsavings.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":749,"data":"log_type=CHAT_MSG\u0026data=0qH8PTXG1nmb1nohMhHGlnR9fnzWyh8htTV8rCyiyQV%2F1Ncb1nmvrN%2BvsVzVfGHWfhypyGcW19X%2FyAKhyh8hrQjWtazErdyiyhypyQrpPStbfQXQyAKhyh8hfQzWPXz40NYVyAK9BdH9rNH51nz%2FyAKhtAO%2FlAv%2FIqkjN5OSI5s5l26qMeoqI56hBdHpsnmGtnuGrCyiyQX%2FBXX2yh8htNHpyAKh1Tc4fTliBqzaf9cAf9u91nmGfqmEsSDWyh8htnOhMhHIPSEEP3j%2BB5D%2Fld6KX9V%2Fr3zSfqYMXd6jldk8MqYN1nk9IepR0es4MqYqtAKjl5o%2FldvRc9XA19FWlA6jle6jleORcQVqrnrW0dFjl5o%2Fld6hBdHpP9tbr3u4sCyi0qHvsVrVfGIEP9khMAOpyQXk1NI41nmGXQXqf9VWPhyiyhypyQXqfQzqyAKh0a8hPnX5f9uGrX8hMV8hoCYwtNc%2Bt3VWPhYWf3XqsNcEP9kRt9u5y3u4t3XwfTcVrdYWPhY%2By3c%2Bt3uhsNIVyTcKsNoRr3Vvy3mWtdY%2BP3jWtqYwtNc%2Bt3VWPGl%2FNdHzyh8hfScWfQXMsnaVfqyinSphPQuwrCyiyGI%2BP3X5Pnuqt3jmNSYbr5uKIGuWPazp1NI4yh8h19XmD3u41dyiyQVvyGatbN4%3D\u0026base_encode=1"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Apr 2026 13:16:05 GMT\r\ncontent-type: application/json; charset=UTF-8\r\naccess-control-allow-origin: https://usdcsavings.icu\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f25dc25accc8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"77e652f404f47086bb49598b43b92d9a","sha1":"9b4981aa40e98879d7f2efda3261e0f0c76a0d78","sha256":"052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5","sha512":"70e55dcdfca4754735386a3074c028d1047fce9b9d946cc84c2ea59d57799ffdc8071abc4c62142e2a1c319a948ad71eb696e0892bcaf1ce41f4616026a6bb63","ssdeep":"","tlshash":"bf900433341cc3470d05504f50053715d0f410500f104751ccfc0314430c4d57143410","first_seen":"2023-08-03T19:40:41Z","last_seen":"2026-04-30T15:54:53.482847Z","times_seen":1867,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":37,"dns":3,"connect":5,"send":0,"wait":191,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Trust-BXfqQr9U.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/Trust-BXfqQr9U.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:06 GMT\r\nContent-Type: image/png\r\nContent-Length: 276318\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-4375e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":276318,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1727 x 575, 8-bit/color RGBA, non-interlaced","md5":"2af2df5bff9732ad0b4cb4d58762b8a5","sha1":"01d1897fc38ad755a9b9956afa8aeefbb22415ef","sha256":"b64abee7ab5e4a44c87e35fb154b5f8b04c061d7ed3a7a2056fb6da32b37f894","sha512":"c81c03a6f5a985c39b6eee7cc76bea7f1ef44bd687b6cf23577c6025302bcc3f806cee9234bc3a03c55472145be6169c9fe964e705a6a5123a6514c86ced45d1","ssdeep":"6144:OJ5C5dKaASh4PnFAHdr4/jAf5Q1U9F6tE2PY7yTPGIwtRHbVbB0q:OJ5YLASyPSXfcU9F6A7yTPG5d","tlshash":"d14423edf4ee9765d08478fb20c897810933d503f40f5a9c759b266a688e17f2181b97","first_seen":"2026-02-11T03:43:01.208059Z","last_seen":"2026-04-26T13:26:32.735652Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1245,"timings":{"blocked":277,"dns":1,"connect":136,"send":0,"wait":271,"receive":413,"ssl":145},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Sec-bMwMGbMr.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/Sec-bMwMGbMr.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 86598\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-15246\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86598,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 776 x 206, 8-bit/color RGBA, non-interlaced","md5":"b99312e5f45f58c60660f17eb11bc5d7","sha1":"20495b7b32e4a59f90046c5a8ddbf8ccc47f4661","sha256":"9c9e7f82045047dda20cb52d6ef14e7db86751641dc7a5bf9085de40df2beb35","sha512":"83ae4f2717d3da10e18458804768bed2ec1bbf080c097ab5d35af30c268f4aab8aa0acc247154533764bc9d5a6525ae7a2d1a8f642543fe1986becbc16c266f7","ssdeep":"1536:Sq0qyJhx+u2tuD3vJ3U1pEhS7lieGFK7XbeNAY0dvifK126wP5i/TcB8DPCQNABs:SqRyJhx+A4u87lVOsBdafKofU7cuFNAG","tlshash":"3c8302cf2e7ad590ed64f172a9bc8a321335606cc87ed328f500db1d6af4a167ec54a4","first_seen":"2026-02-11T03:43:01.193342Z","last_seen":"2026-04-26T13:26:32.757851Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1120,"timings":{"blocked":956,"dns":0,"connect":0,"send":0,"wait":136,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Fincen-DdpYly6j.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/Fincen-DdpYly6j.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 104073\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-19689\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104073,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 760 x 204, 8-bit/color RGBA, non-interlaced","md5":"91c1ed48039d379dd3b9870a0e8b392a","sha1":"5c8a3fbb813fed8ed4c8b066f00efba4fd1872cf","sha256":"e2aa7070bcc0edd3257b38dd0acc0e8330e9481a4529953dadad2f03ce1127f1","sha512":"4aa4bf0f6f70278d2b1eb9deff170acec77009c37c71d6d19a01904e0423a147304c797d7fce87b823d3afdd887365c02944f45b7e5e64e7f13ca9aac4076cb1","ssdeep":"1536:hgN+WKFhZtUe8ZiE+DM6lkBzI2MSwMpyQ4TMQBDxlQpOKSjoe6KNVwM13IChzxum:hgN+BgfZv+DvlIwQ4MQBDxlQwlVbdhkm","tlshash":"70a30257f1e2cac8ea97e431e6ba5e264dbfa07017d94980ecd50278b369ed04438fd0","first_seen":"2026-02-11T03:43:01.194324Z","last_seen":"2026-04-26T13:26:32.771036Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1134,"timings":{"blocked":1005,"dns":0,"connect":0,"send":0,"wait":127,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/js/chunk-common.1fe290ca.js","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.salesmartly.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"21:16:EC:FB:98:9D:64:FD:1E:C8:5C:02:6A:93:88:4B:65:15:09:07","sha256":"26:1B:3A:72:0D:8B:91:C8:40:3E:89:B3:CC:5C:13:07:99:A8:EB:AB:72:A0:AC:58:2B:0F:C1:C8:C7:85:2F:3A"}}},"request":{"raw":"GET /chat/widget/code/js/chunk-common.1fe290ca.js HTTP/1.1\r\nHost: plugin-code.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: AliyunOSS\r\ndate: Thu, 23 Apr 2026 03:06:02 GMT\r\nx-oss-server-time: 5\r\ncontent-encoding: gzip\r\nx-oss-request-id: 69E98C9A34AB6E3530D2F845\r\nlast-modified: Thu, 16 Apr 2026 03:31:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5578543489120064230\r\nx-oss-storage-class: Standard\r\ncache-control: public, max-age=15552000\r\ncontent-md5: PI/iz8rNgGCTjU2+km4dDQ==\r\nvary: Accept-Encoding,Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ed0b1ae4224d4a858ec43080e17ab00c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: aIFsVMzZsAwXN-tiqd4nOjOdiAO3mUjD8HUWv_CsUXqKhU7L_9pcEQ==\r\nage: 295803\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":27007,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (26864), with no line terminators","md5":"3c8fe2cfcacd8060938d4dbe926e1d0d","sha1":"7b23bbfe19b8a262125bf4f78989b830142898c4","sha256":"8e39535291c7206d43f2d05f8367e3ce7516119a71e12579e1c180ff7554d91c","sha512":"6845a4cb9edb12c15d9053f6719b889965df3bb33640314b9e44b0953c856a792c6f38a91ff7d65b90ccf59d326985f980904817a37fbe6ead6e3fae3ad4298b","ssdeep":"384:kF9kWEuK2U72UecAvTbDPnPuTc2YejErqSqcDRVE1eDTaR5HJrCiKMcJHI7jW:q9mZ72UecAvrPuSqSpEXIMoyW","tlshash":"c2c222ccf2dbf0650b9a38a481bf110ae63e7d99b44e9196d261e0c17c3454da273f9b","first_seen":"2026-04-16T05:45:19.491679Z","last_seen":"2026-04-28T11:57:15.259492Z","times_seen":148,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Okx-DCuESfQ4.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/Okx-DCuESfQ4.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:06 GMT\r\nContent-Type: image/png\r\nContent-Length: 49211\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-c03b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":49211,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1727 x 575, 8-bit/color RGBA, non-interlaced","md5":"73af846ae60c8175bc297e0d0da005c0","sha1":"a90e92232d22dc1f8b14e1a77aa21afddcc1a3f6","sha256":"7ad4b9e361d8429f36a90f22896efa2b8c3f99d859c3c023ebdf131dbf54a897","sha512":"f6f3ebdcf9a31391e3c0e83e5bc93002a4b42f9e50dc7bb9bc8670b61abac4f98a1acccd98f4532389fa44024e2a271835cf0d08f66ad9c1a35d2695dd2c2cde","ssdeep":"1536:o7kE8IplIbBJNauQVlsXwTpb/xNXo9CZAz:o7kE/pqbvaYsZAz","tlshash":"7123f1b37cb2cd09e9613cb1ee78f7dab078d7ceb11607a6c8a1398216e154d2414d76","first_seen":"2026-02-11T03:43:01.198534Z","last_seen":"2026-04-26T13:26:32.72979Z","times_seen":4,"resource_available":false,"data":null}},"time_used":722,"timings":{"blocked":355,"dns":0,"connect":0,"send":0,"wait":244,"receive":123,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/uphold-CD9KdTTY.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/uphold-CD9KdTTY.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:06 GMT\r\nContent-Type: image/png\r\nContent-Length: 311106\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-4bf42\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":311106,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1727 x 575, 8-bit/color RGBA, non-interlaced","md5":"24312b40ada3aad665734207a877d37d","sha1":"bd32cf86e5fdaaa75480f4271d32733fa0dac4e7","sha256":"6e76ac3c84221c76cb891848dd0ed41f7ea422c306f7b86c6afcddd12418fba9","sha512":"a1021bb6f4c63c4475e312122790198a42c41b664720483ea434f773c4f72428bc5f60c68143fa2e7b80119177d85c7d676cd0883b0b51f1b0c4ecdf5add18cc","ssdeep":"6144:gBVokX6UjfAGkajQZGZtbHsufSzwjPPB984xZZq0R8nvimYpUUhKq6:gBVzX6WfAGt0cZtg0PBDBAviiUhKq6","tlshash":"176423cc4fcbd27ccefc1d3a5816e806196c054345683a381a3a149ee8567beb2ca56f","first_seen":"2026-02-11T03:43:01.218605Z","last_seen":"2026-04-26T13:26:32.768941Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1007,"timings":{"blocked":736,"dns":0,"connect":0,"send":0,"wait":122,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Defibox-BHGNj9Eu.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/Defibox-BHGNj9Eu.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:06 GMT\r\nContent-Type: image/png\r\nContent-Length: 279715\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-444a3\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":279715,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1727 x 575, 8-bit/color RGBA, non-interlaced","md5":"56aea5ea38ef6c66bffd796717d64c62","sha1":"3399f06bb5e9641e4c6dd5ee015249d8b90491ce","sha256":"ea1c65992920f5d32b62b8c7a5a4a8fa810a5f6abf0b29204426c7d6746650c0","sha512":"b686c5bce1c7a267321a9578c8d722a8ca216e93d7e9325b0a09aaaed826e8798a27eff7948bc1c459d2d72fb4ce94f3cdba287623b9aa0046a06aa2f9d646a0","ssdeep":"6144:t2cF9l8HvOzn3KnxZefgoOrgFEgjDPa7pViADtTjf:ocF9iH0n6nrn/sbD4icf","tlshash":"835422950d319ba2d72d1b38ddeb8faeb4720c28876eab842c3d982cd470755716612e","first_seen":"2026-02-11T03:43:01.210235Z","last_seen":"2026-04-26T13:26:32.749512Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1128,"timings":{"blocked":833,"dns":0,"connect":0,"send":0,"wait":137,"receive":158,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"msg.salesmartly.com/chat/chat-auto/user/trigger?login_token=a92497025face3f0addeb9fedfa4dea7\u0026chat_user_id=a43765a6e3acd33cb42d40597e171e17\u0026plugin_sign=6a09294cfad91aadb48bdfcbed47b1f4\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209366567\u0026_lt=a92497025face3f0addeb9fedfa4dea7\u0026_u=\u0026_xma_=617091","fqdn":"msg.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"104.18.23.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msg.salesmartly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 03:56:18 GMT","end":"Fri, 19 Jun 2026 04:56:14 GMT"},"fingerprint":{"sha1":"3D:A2:6B:19:97:82:23:11:10:B1:04:28:BC:92:55:73:D4:24:D7:6B","sha256":"FD:D5:E1:0F:63:14:4C:3D:C6:7A:C3:2C:AB:8E:7D:73:CA:F4:E3:D8:7B:E6:08:8D:E9:3C:FD:57:04:B0:51:A6"}}},"request":{"raw":"POST /chat/chat-auto/user/trigger?login_token=a92497025face3f0addeb9fedfa4dea7\u0026chat_user_id=a43765a6e3acd33cb42d40597e171e17\u0026plugin_sign=6a09294cfad91aadb48bdfcbed47b1f4\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209366567\u0026_lt=a92497025face3f0addeb9fedfa4dea7\u0026_u=\u0026_xma_=617091 HTTP/1.1\r\nHost: msg.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 13\r\nOrigin: https://usdcsavings.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":13,"data":"is_new_user=1"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Apr 2026 13:16:06 GMT\r\ncontent-type: application/json\r\ncf-ray: 9f25dc2d5d1bb512-OSL\r\ncf-cache-status: DYNAMIC\r\naccess-control-allow-origin: https://usdcsavings.icu\r\nserver: cloudflare\r\nvary: accept-encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: DNT, Keep-Alive, User-Agent, Cache-Control, Content-Type, Authorization, Origin, Cpl, Client-Type, X-Requested-With, Accept, External-Sign\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-max-age: 86400\r\nx-request-id: bfe34dc8-aeef-40ab-8ff8-5116cf4d6fb8\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6b210154a96c28a41ffbe341a228c02a","sha1":"2e5751bde9f2323a79989d165f22ba111624ab76","sha256":"57109c9877bb6690c6284c7b2b98088071ee4762449b6b5659dd908bf9d703e3","sha512":"16fc9ff07ff4e167be6b24dad448fe7479cb1e5b50d5e7f251c84852e4c67d8caff68a1eae5be69b8f4561d97bc6d41be026597033718181025b3a97c7e292fe","ssdeep":"","tlshash":"89800023282c2c830e0238cc880e8b8820e820808e200330cc8ca228cb080a8ba82830","first_seen":"2023-06-30T01:11:08Z","last_seen":"2026-04-30T15:54:53.533777Z","times_seen":1622,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":32,"dns":2,"connect":3,"send":0,"wait":242,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"srz.salesmartly.com/client/station/log?plugin_sign=faf59674fd357aa74808cf1492446d00\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209367072\u0026_lt=a92497025face3f0addeb9fedfa4dea7\u0026_u=\u0026_xma_=617091","fqdn":"srz.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"104.18.23.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:07.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"srz.salesmartly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 12:46:38 GMT","end":"Sun, 14 Jun 2026 13:46:34 GMT"},"fingerprint":{"sha1":"4C:14:A3:50:BC:B3:C2:AC:E9:F6:88:D4:36:B2:E6:AE:E0:D4:64:D3","sha256":"C9:AF:D2:80:FE:11:04:07:0D:92:35:3A:19:79:9F:31:89:4A:2E:34:36:0F:DC:BD:33:1A:A8:E2:82:15:41:42"}}},"request":{"raw":"POST /client/station/log?plugin_sign=faf59674fd357aa74808cf1492446d00\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209367072\u0026_lt=a92497025face3f0addeb9fedfa4dea7\u0026_u=\u0026_xma_=617091 HTTP/1.1\r\nHost: srz.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 463\r\nOrigin: https://usdcsavings.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":463,"data":"data=0qHafQ8hMhHKtTc8f5KWBSX5r3I5sNrEPQt5BQVAtCFhBdHvP9a%2B1nkhMhHaf9cAf9u91nmGfqmEsSDhBdHasCyiyvaW0QVpP3OWICk8yd%2BN1nmvPSt5yOmDyeO8BA6gyutEPAs4MqYkIAogyTH9MAO5Idk8xCYTrnIZPqFqleO8leO8lCY31NHVrQzkB5O5Idk8yh8hfQXQyAKhyh8hP3u%2FrqyiyQX%2FBXX2yh8hs9%2B%2Btuzaf9XqN9VvyAKhs2o5I5sas2rVl9uArel5s9y4lQo4leDmI9DjI5uVl2fhBdH8PTXG1nmb1nohMhHGlnR9fnzWyh8hsnI41nz%2FyAKhf3uGrXrErNfhBdH4P9wVPhyiyQOmlAomI56qInr%2Bs9D5rAY%2Br3cVsAVQrncQs2cvrnOSyh8htnVvyAKhyG4%3D\u0026base_encode=1"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Apr 2026 13:16:07 GMT\r\ncontent-type: application/json; charset=UTF-8\r\npriority: u=3,i=?0\r\nset-cookie: ss_uid=f2fad4e2b397ec3f4e8a37011d0c568c; expires=Mon, 26-Apr-2027 13:16:07 GMT; Max-Age=31535999; path=/; domain=salesmartly.com; HttpOnly; SameSite=None; Secure\r\naccess-control-allow-origin: https://usdcsavings.icu\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f25dc303891b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"e3664c91d7575cc4bde4a57ca00817e6","sha1":"76a05936bf812c3cbdb04a401a36c1ab67cfde44","sha256":"09b6c3c4314a03c697ad1e796356bf4626d2342bed732164784623d49674e450","sha512":"37c8b1d3c26f1cc919323424de64db21ae8063065069e09b5aad7c56dd7f99b3119e7476c42ead4017eaca4c8d006f0ca0ed997158ab43c359e7dede035c35d4","ssdeep":"","tlshash":"afb01271181402470e08500f64042320805814b4da501351ce7803144388854e461091","first_seen":"2026-04-26T13:16:36.129724Z","last_seen":"2026-04-26T13:16:36.129724Z","times_seen":1,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/install.js","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.salesmartly.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"21:16:EC:FB:98:9D:64:FD:1E:C8:5C:02:6A:93:88:4B:65:15:09:07","sha256":"26:1B:3A:72:0D:8B:91:C8:40:3E:89:B3:CC:5C:13:07:99:A8:EB:AB:72:A0:AC:58:2B:0F:C1:C8:C7:85:2F:3A"}}},"request":{"raw":"GET /chat/widget/code/install.js HTTP/1.1\r\nHost: plugin-code.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: AliyunOSS\r\ndate: Thu, 23 Apr 2026 03:06:00 GMT\r\nx-oss-server-time: 5\r\ncontent-encoding: gzip\r\nx-oss-request-id: 69E98C9858FFB53134D31305\r\nlast-modified: Thu, 16 Apr 2026 03:31:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8387773107854653388\r\nx-oss-storage-class: Standard\r\ncache-control: public, max-age=600\r\ncontent-md5: FsqGuUiE9/zRILehMcS4iw==\r\nvary: Accept-Encoding,Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ed0b1ae4224d4a858ec43080e17ab00c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: ji70pj_BQJLJjYFT9tlqptBRQ7BGHPdlWfgHGABRUNh4BaCgyQBdTA==\r\nage: 295805\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":20811,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20811), with no line terminators","md5":"16ca86b94884f7fcd120b7a131c4b88b","sha1":"e6dde4d214a99480bc337b0b1dfe51f8ad59102d","sha256":"19478b46ee6f0957ca4b25da349069a39e9b578247b69e08515722c07dcccdd3","sha512":"1df178bc5153415f7a3d3a322fba662625b84261633981cb2c967eb0df0f43d545d8c293420d48b804ce8862e928f722ae10a277ebfa75c8f6978d3450c8ab1b","ssdeep":"384:JPyg/NXbASoSALbGf4NwNiB0W9jyyxRyL1hKGadeBTKSwQU:Zyg/ia4NQiGWwnLadeBTGl","tlshash":"b4921a48742a7c7842ae563325fea214207f1b852931d4a0f26cdf786b78d875177ebc","first_seen":"2026-04-16T05:45:19.555213Z","last_seen":"2026-04-28T11:57:15.263348Z","times_seen":148,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/js/plugin.451b1a0b.js","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.salesmartly.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"21:16:EC:FB:98:9D:64:FD:1E:C8:5C:02:6A:93:88:4B:65:15:09:07","sha256":"26:1B:3A:72:0D:8B:91:C8:40:3E:89:B3:CC:5C:13:07:99:A8:EB:AB:72:A0:AC:58:2B:0F:C1:C8:C7:85:2F:3A"}}},"request":{"raw":"GET /chat/widget/code/js/plugin.451b1a0b.js HTTP/1.1\r\nHost: plugin-code.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: AliyunOSS\r\ndate: Thu, 23 Apr 2026 03:06:03 GMT\r\nx-oss-server-time: 4\r\ncontent-encoding: gzip\r\nx-oss-request-id: 69E98C9BAA0DCC3031064BF5\r\nlast-modified: Thu, 16 Apr 2026 03:31:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3187455923437955973\r\nx-oss-storage-class: Standard\r\ncache-control: public, max-age=15552000\r\ncontent-md5: WJjIgj/GKT+KtSQo03+gnA==\r\nvary: Accept-Encoding,Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ed0b1ae4224d4a858ec43080e17ab00c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: QMp-WI5p7gXY2wYev14vrfFMUajhBDDhySkPbVIEJ75DF7HXc3PpfA==\r\nage: 295802\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":380050,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62398), with no line terminators","md5":"5898c8823fc6293f8ab52428d37fa09c","sha1":"919c572ba4c7e9bbcaf4f9cbf3c2931f0aaf49d3","sha256":"b29599cbfe9293e3d88ea0e97e4f7439a525c124e3e692cab87206a29c9173dd","sha512":"e5c5193fc6801f8454048b8d3d208ec7a3dcc75065b52a2319adced34ba996cd076d5cc90bcb2d44792a7e7e3e6e8a4ce3f4bbe11c63430aa7706c2cfe4ecd9c","ssdeep":"6144:G0bg30bPKQQDLVQbOUvzhDetWx9a+gcmLTzrqGKAbCPfvaHcqiQUd+wa8Ar4gWDE:5bPKQQDLVQbRvzhDbMzrqGKAbCPaHcqn","tlshash":"47843a49f5c9f86b07b361b1602f6009b3ba1b48e409d8e0fe75d6e91ab4d496323f1d","first_seen":"2026-04-16T08:39:04.005764Z","last_seen":"2026-04-28T11:57:15.252735Z","times_seen":134,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Okx-DCuESfQ4.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.967Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/Okx-DCuESfQ4.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T17:35:16.918797Z","times_seen":14433302,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Etherscan-DWsTYNuU.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/Etherscan-DWsTYNuU.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:06 GMT\r\nContent-Type: image/png\r\nContent-Length: 315611\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-4d0db\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":315611,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1727 x 575, 8-bit/color RGBA, non-interlaced","md5":"7f95849b548330bcca9853a0d76bd1aa","sha1":"82df3f95d869300aa391ac981ab9d7be2b33a4e3","sha256":"db8ba203f94157e4a077777f847df00a8135cd6eb242e5334e5fd640c3ddc8c0","sha512":"4e80b07259fd2f4c257362c51de9878282e6d78f3c1590b26e00e1994b6776df3635338ac171c96096bd6dcc621ee7e659d76a5c8367c90fb4ccb5d8d66edb52","ssdeep":"6144:B5mECJq0JQgUQ8v9+imlhDUp9SHF+V36dO8cS6Z1AP2dytNdTv7r:B5mvc0Bu0XD3HO3wcLZxy7Jr","tlshash":"e0642363eef77980dbdd1a3ade1284872872e907d714e43481bb22e13d11dba4f63958","first_seen":"2026-02-11T03:43:01.214631Z","last_seen":"2026-04-26T13:26:32.763405Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1140,"timings":{"blocked":257,"dns":0,"connect":121,"send":0,"wait":243,"receive":381,"ssl":133},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Coinbase-qpUn7Nen.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/Coinbase-qpUn7Nen.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:06 GMT\r\nContent-Type: image/png\r\nContent-Length: 350179\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-557e3\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":350179,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1727 x 575, 8-bit/color RGBA, non-interlaced","md5":"af4c5b8aa430bf282df845d9d7d915bf","sha1":"28715606abf983e718d795a9352fde55f4c8b207","sha256":"332d2398eaac44e6d6eb30d4207c7af0928ca74bf8397bb5b4f12811b2ea9826","sha512":"7c80e382269b796beb5845fb82947323c6ce8279452c5f7f7fadfd63d8658ae15886aa9b3b5b43673a57d5c303211b68476d1b8ece9043927ef6351620de590c","ssdeep":"6144:Qw8OScoaUyrTfM8ZVAAi/c9dItFXvRXKkTdb5lCJ+JZCif51DeDFES:oVaUmfLVACwFXvRvTdbXtS","tlshash":"f87423e483aba3a2efdb913dd96e75704a1018cb94d10f39f0b75a0bd898435658b42f","first_seen":"2026-02-11T03:43:01.221787Z","last_seen":"2026-04-26T13:26:32.73829Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1132,"timings":{"blocked":873,"dns":0,"connect":0,"send":0,"wait":121,"receive":138,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/index-CGk-1Ye2.js","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/index-CGk-1Ye2.js HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/assets/index-CXuUGjaQ.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1752\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-6d8\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1752,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (1751)","md5":"4c7a560c437b4480a956a65fa9b74536","sha1":"0e0e11a02c7b098e451322e7bad5d578f3d272af","sha256":"cf533c79a024ab76364c22be39b8a1f756e37c72161f28be494d9973fd6e115a","sha512":"7e7c6f64d4c51d30b4c2a675857159d97d2af534a88938d57c30267ed8899831f03e8b855d636ce48ef2df15c853d8b3c7e1679141e351ca0c705fcf797bf1cc","ssdeep":"","tlshash":"cb31e0258382337129ab190434e4e451d928f518a4ef8090d677cab6c78fcd5ddf7696","first_seen":"2026-02-11T03:43:01.212302Z","last_seen":"2026-04-26T13:26:32.751065Z","times_seen":4,"resource_available":true,"data":null}},"time_used":433,"timings":{"blocked":180,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":131},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"client.salesmartly.com/setting/sounds/ling.mp3","fqdn":"client.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.42","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.salesmartly.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"21:16:EC:FB:98:9D:64:FD:1E:C8:5C:02:6A:93:88:4B:65:15:09:07","sha256":"26:1B:3A:72:0D:8B:91:C8:40:3E:89:B3:CC:5C:13:07:99:A8:EB:AB:72:A0:AC:58:2B:0F:C1:C8:C7:85:2F:3A"}}},"request":{"raw":"GET /setting/sounds/ling.mp3 HTTP/1.1\r\nHost: client.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: audio/mp3\r\ncontent-length: 47223\r\ndate: Fri, 17 Apr 2026 02:30:39 GMT\r\nx-amz-replication-status: REPLICA\r\nlast-modified: Tue, 02 Jul 2024 06:29:42 GMT\r\netag: \"1065fe976ff9e98d69772fe0f0d7b808\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=15552000\r\nx-amz-version-id: J6b7RzocQsVXwTzS3QxevgOr1gKTyblY\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ncontent-range: bytes 0-47222/47223\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 d229ccc15dd984a81023d1b57fa0adbc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: IMqy3r6H0AfXVUTqCC3xCHcUvqUe9aAmE-sgXVrxmNd33W0XKcDj9w==\r\nage: 816327\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":47223,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 48 kHz, JntStereo","md5":"1065fe976ff9e98d69772fe0f0d7b808","sha1":"122193fafe8453db01635cf4502524eb93264fdc","sha256":"35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983","sha512":"7d0de1b98c66aaa939f56253d100f5efc36128c2b8420fc8c932f68873a643a1179411a9410125aa3ff5512f74dad1209f2e19c5a0734d4582c5b94280e242a7","ssdeep":"384:ju+iqqxhBRBJ2zjBQRB57Nsyf+/C6ufaPkm5NyxGo5Vtll9rFd1ft7FDehm:junhJdlac","tlshash":"00239434b6a108d0e14eaaffb0deb2121e771ec3cd56a84075ef78044fb1179255b8b6","first_seen":"2023-04-19T11:38:49Z","last_seen":"2026-04-30T15:54:53.490033Z","times_seen":2445,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":72,"dns":65,"connect":1,"send":0,"wait":3,"receive":2,"ssl":5},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"srz.salesmartly.com/client/log/log?plugin_sign=48b5c8d56a9304a521e59d268a1948e1\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209365323\u0026_lt=\u0026_u=\u0026_xma_=","fqdn":"srz.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"104.18.23.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"srz.salesmartly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 12:46:38 GMT","end":"Sun, 14 Jun 2026 13:46:34 GMT"},"fingerprint":{"sha1":"4C:14:A3:50:BC:B3:C2:AC:E9:F6:88:D4:36:B2:E6:AE:E0:D4:64:D3","sha256":"C9:AF:D2:80:FE:11:04:07:0D:92:35:3A:19:79:9F:31:89:4A:2E:34:36:0F:DC:BD:33:1A:A8:E2:82:15:41:42"}}},"request":{"raw":"POST /client/log/log?plugin_sign=48b5c8d56a9304a521e59d268a1948e1\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209365323\u0026_lt=\u0026_u=\u0026_xma_= HTTP/1.1\r\nHost: srz.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 588\r\nOrigin: https://usdcsavings.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":588,"data":"log_type=CHAT_LOAD\u0026data=0qH8PTXG1nmb1nohMhHGlnR9fnzWyh8htTV8rCyiyGtEPVzpP9uvyh8ht3zZrnkhMhyhBdHQP3zSN9VvyAKhyh8hrQjWtazqrnshMhyhBdHqP9zwNScmf3DhMAspyGrVfGIEP9khMhH9lCkqMCkSBAubl2fSIAljleykIeySldypyQj%2BPQtasntVyAKhrnkwXXlhBdHafQ8hMhHKtTc8f5KWBSX5r3I5sNrEPQt5BQVAtCFhBdHasCyiyvaW0QVpP3OWICk8yd%2BN1nmvPSt5yOmDyeO8BA6gyutEPAs4MqYkIAogyTH9MAO5Idk8xCYTrnIZPqFqleO8leO8lCY31NHVrQzkB5O5Idk8ydypyGX5rXz41naVyAK5leRpyQjWrazvsNc%2ByAEgyQHqPSt5rNHbfSX8f3zqtdyi0qHAP9zZ1nX5yAKjBdHpP9I%2BPuI4PSH%2Br9DhMAuzBdHAtNHqrnm4D9Iq1NY4yAKh1Tc4fTliBqz8PTXG1nkws9zvrCm5snjVf9a%2BfGcp0CmAP94hbN4%3D\u0026base_encode=1"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Apr 2026 13:16:05 GMT\r\ncontent-type: application/json; charset=UTF-8\r\naccess-control-allow-origin: https://usdcsavings.icu\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f25dc25acc58deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"77e652f404f47086bb49598b43b92d9a","sha1":"9b4981aa40e98879d7f2efda3261e0f0c76a0d78","sha256":"052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5","sha512":"70e55dcdfca4754735386a3074c028d1047fce9b9d946cc84c2ea59d57799ffdc8071abc4c62142e2a1c319a948ad71eb696e0892bcaf1ce41f4616026a6bb63","ssdeep":"","tlshash":"bf900433341cc3470d05504f50053715d0f410500f104751ccfc0314430c4d57143410","first_seen":"2023-08-03T19:40:41Z","last_seen":"2026-04-30T15:54:53.482847Z","times_seen":1867,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":40,"dns":12,"connect":3,"send":0,"wait":191,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Etherscan-DWsTYNuU.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/Etherscan-DWsTYNuU.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T17:35:16.918797Z","times_seen":14433302,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Defibox-BHGNj9Eu.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.972Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/Defibox-BHGNj9Eu.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T17:35:16.918797Z","times_seen":14433302,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/logo-CYTjccDg.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/logo-CYTjccDg.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:06 GMT\r\nContent-Type: image/png\r\nContent-Length: 103454\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-1941e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103454,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 281 x 281, 8-bit/color RGBA, non-interlaced","md5":"cfe4e8ce262978821e360c3252baf42a","sha1":"40e19206539e1fe984b64b7f7029cfdc4d87ccac","sha256":"73cc11f450f411d66609fa34a9c1602725d4ae309da76ea141ed68a378b8375a","sha512":"d47a2d4ece20c9c15b42b127d935f1e6dabb53252183192906b84de4ac5a697d3d8188613aa424307b9ecc07296734bb8f07496502149d875f9917affe6a0fb1","ssdeep":"1536:eApHNTNeywK80nT3wUcViMd1pF+VUx9ui2bF6UN29SriD7DC5tz4DfRgJEI:eEHNTNFpXT3w9J7x72EUZiPutznj","tlshash":"bfa312a03f913802edf9690845f571ca0fde1b5eafd513c0a609bb0bb95c54de0e96d4","first_seen":"2026-02-11T03:43:01.203118Z","last_seen":"2026-04-26T13:26:32.74302Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1024,"timings":{"blocked":271,"dns":8,"connect":122,"send":0,"wait":243,"receive":244,"ssl":134},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/index-CVZuMAdA.css","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:04.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/index-CVZuMAdA.css HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:04 GMT\r\nContent-Type: text/css\r\nContent-Length: 12759\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-31d7\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12759,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12758)","md5":"46e707fefced964c70c03fe896f5d231","sha1":"9970e4b820871f9e87c69f723638c32a42d5f4c0","sha256":"a40f4d1e2346921aef9a589175f68a4de163153e12244b5efcb32aaae4847657","sha512":"25a0b5e011939d34e2982eccd5d9dcb7f5cdaa369d90001aff97fc2638a7960ae2ab4ec4a26d96b7a25f22d682ce9f6f8e830fbc417fcd816a3c1337a1a7372e","ssdeep":"96:6dfikvy0hdTD1QnOb4re1EKHf9jpGqeAbzmjkTo71yOkz4ey2blnLfgLIwvR4E:6dff60bqnOkCzn5y11y7433neE","tlshash":"2542b7116601303ef6bfd6e0b4e0b6eab014d651d16787bee662702ac6c72f707b1b19","first_seen":"2026-02-11T03:43:01.222714Z","last_seen":"2026-04-26T13:26:32.756915Z","times_seen":4,"resource_available":false,"data":null}},"time_used":751,"timings":{"blocked":251,"dns":1,"connect":122,"send":0,"wait":244,"receive":1,"ssl":129},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/css/chunk-common.047ebad9.css","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.salesmartly.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"21:16:EC:FB:98:9D:64:FD:1E:C8:5C:02:6A:93:88:4B:65:15:09:07","sha256":"26:1B:3A:72:0D:8B:91:C8:40:3E:89:B3:CC:5C:13:07:99:A8:EB:AB:72:A0:AC:58:2B:0F:C1:C8:C7:85:2F:3A"}}},"request":{"raw":"GET /chat/widget/code/css/chunk-common.047ebad9.css HTTP/1.1\r\nHost: plugin-code.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: AliyunOSS\r\ndate: Thu, 23 Apr 2026 03:06:02 GMT\r\nx-oss-server-time: 4\r\ncontent-encoding: gzip\r\nx-oss-request-id: 69E98C9A4E81D53637FCA076\r\nlast-modified: Thu, 16 Apr 2026 03:31:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15301035701198459371\r\nx-oss-storage-class: Standard\r\ncache-control: public, max-age=15552000\r\ncontent-md5: kuhLBjVJMHRRHJR6J/nD0w==\r\nvary: Accept-Encoding,Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ed0b1ae4224d4a858ec43080e17ab00c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: YCovKFJjg0P_Y060Ys347SkAofYjQj9zytSmgZxTZcX3_YWqVWRXzg==\r\nage: 295803\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3567,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3567), with no line terminators","md5":"92e84b0635493074511c947a27f9c3d3","sha1":"1063727a5ae72bb23c46dad693b4b45828e2a74a","sha256":"85172738795fe7c2d724963c00cddb49256a70767071cea32d1729b809702ffe","sha512":"9ee606d5139307b4a204d111caf4297943a1894038526b59e9c0a4bd5a034fd328cdfc85edc24dd76732407f80e93aafa317fa53d85471a7dc45c23f4a72a854","ssdeep":"","tlshash":"e2710de5d50814ed7333c902a385b298ad92f5b2d8e04e67f01f562c8ff2655a291f39","first_seen":"2025-08-28T20:02:37.799245Z","last_seen":"2026-04-30T15:54:53.54795Z","times_seen":1764,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"srz.salesmartly.com/client/log/log?plugin_sign=61f34a2f15db6a7caa6829a09f5df6ed\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209365320\u0026_lt=\u0026_u=\u0026_xma_=","fqdn":"srz.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"104.18.23.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"srz.salesmartly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 12:46:38 GMT","end":"Sun, 14 Jun 2026 13:46:34 GMT"},"fingerprint":{"sha1":"4C:14:A3:50:BC:B3:C2:AC:E9:F6:88:D4:36:B2:E6:AE:E0:D4:64:D3","sha256":"C9:AF:D2:80:FE:11:04:07:0D:92:35:3A:19:79:9F:31:89:4A:2E:34:36:0F:DC:BD:33:1A:A8:E2:82:15:41:42"}}},"request":{"raw":"POST /client/log/log?plugin_sign=61f34a2f15db6a7caa6829a09f5df6ed\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209365320\u0026_lt=\u0026_u=\u0026_xma_= HTTP/1.1\r\nHost: srz.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 490\r\nOrigin: https://usdcsavings.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":490,"data":"log_type=CHAT_LOAD\u0026data=0qH8PTXG1nmb1nohMhHGlnR9fnzWyh8htTV8rCyiyGI%2BPnXbr3umN9jWsnohBdH4P9wVPhyiyhypyQrpPStb1nohMhyhBdHQP3zSNSHVrhyiyhypyGHWP9abtTV8rCyiIh8htQXqf9VWPhyiyGsjBAymBAf%2FlXFjI5f9l5O8lAR4lAf8yh8hP3u%2FrSX%2Br9DhMhHVPhaXDqypyGXqPdyiyQ%2B4tTY5MhFWtNIvsSI%2BtQV%2FrSl%2F1nIaBqypyGX%2ByAKh2nzi1njpsCFaBA6RxutEPQcWtSlR2VoRl26%2FlepRX9V%2FIAogyTR9IepRfGsil2l4BA6EyOtVs9wWB5y8l268l26jyOrEfQXQPSRWl2l4BA6Ryh8hP3zGN9c%2Bt3OhMGpht3VwrNI4sna8yAKhl2fSI5y8M2l9I2ljMCHzbo%3D%3D\u0026base_encode=1"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Apr 2026 13:16:05 GMT\r\ncontent-type: application/json; charset=UTF-8\r\naccess-control-allow-origin: https://usdcsavings.icu\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f25dc25acc28deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"77e652f404f47086bb49598b43b92d9a","sha1":"9b4981aa40e98879d7f2efda3261e0f0c76a0d78","sha256":"052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5","sha512":"70e55dcdfca4754735386a3074c028d1047fce9b9d946cc84c2ea59d57799ffdc8071abc4c62142e2a1c319a948ad71eb696e0892bcaf1ce41f4616026a6bb63","ssdeep":"","tlshash":"bf900433341cc3470d05504f50053715d0f410500f104751ccfc0314430c4d57143410","first_seen":"2023-08-03T19:40:41Z","last_seen":"2026-04-30T15:54:53.482847Z","times_seen":1867,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":43,"dns":15,"connect":1,"send":0,"wait":190,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"srz.salesmartly.com/client/log/log?plugin_sign=e657cb9c1a771963e1cb4ec75b4c8639\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209365731\u0026_lt=\u0026_u=\u0026_xma_=617091","fqdn":"srz.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"104.18.23.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"srz.salesmartly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 12:46:38 GMT","end":"Sun, 14 Jun 2026 13:46:34 GMT"},"fingerprint":{"sha1":"4C:14:A3:50:BC:B3:C2:AC:E9:F6:88:D4:36:B2:E6:AE:E0:D4:64:D3","sha256":"C9:AF:D2:80:FE:11:04:07:0D:92:35:3A:19:79:9F:31:89:4A:2E:34:36:0F:DC:BD:33:1A:A8:E2:82:15:41:42"}}},"request":{"raw":"POST /client/log/log?plugin_sign=e657cb9c1a771963e1cb4ec75b4c8639\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209365731\u0026_lt=\u0026_u=\u0026_xma_=617091 HTTP/1.1\r\nHost: srz.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 749\r\nOrigin: https://usdcsavings.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":749,"data":"log_type=CHAT_MSG\u0026data=0qH8PTXG1nmb1nohMhHGlnR9fnzWyh8htTV8rCyiyQV%2F1Ncb1nmvrN%2BvsVzVfGHWfhypyGcW19X%2FyAKhyh8hrQjWtazErdyiyhypyQrpPStbfQXQyAKhyh8hfQzWPXz40NYVyAK9BdH9rNH51nz%2FyAKhtAO%2FlAv%2FIqkjN5OSI5s5l26qMeoqI56hBdHpsnmGtnuGrCyiyQX%2FBXX2yh8htNHpyAKh1Tc4fTliBqzaf9cAf9u91nmGfqmEsSDWyh8htnOhMhHIPSEEP3j%2BB5D%2Fld6KX9V%2Fr3zSfqYMXd6jldk8MqYN1nk9IepR0es4MqYqtAKjl5o%2FldvRc9XA19FWlA6jle6jleORcQVqrnrW0dFjl5o%2Fld6hBdHpP9tbr3u4sCyi0qHvsVrVfGIEP9khMAOpyQXk1NI41nmGXQXqf9VWPhyiyhypyQXqfQzqyAKh0a8hPnX5f9uGrX8hMV8hoCYwtNc%2Bt3VWPhYWf3XqsNcEP9kRt9u5y3u4t3XwfTcVrdYWPhY%2By3c%2Bt3uhsNIVyTcKsNoRr3Vvy3mWtdY%2BP3jWtqYwtNc%2Bt3VWPGl%2FNdHzyh8hfScWfQXMsnaVfqyinSphPQuwrCyiyGI%2BP3X5Pnuqt3jmNSYbr5uKIGuWPazp1NI4yh8h19XmD3u41dyiyQVvyGatbN4%3D\u0026base_encode=1"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Apr 2026 13:16:05 GMT\r\ncontent-type: application/json; charset=UTF-8\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: https://usdcsavings.icu\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f25dc27de97b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"77e652f404f47086bb49598b43b92d9a","sha1":"9b4981aa40e98879d7f2efda3261e0f0c76a0d78","sha256":"052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5","sha512":"70e55dcdfca4754735386a3074c028d1047fce9b9d946cc84c2ea59d57799ffdc8071abc4c62142e2a1c319a948ad71eb696e0892bcaf1ce41f4616026a6bb63","ssdeep":"","tlshash":"bf900433341cc3470d05504f50053715d0f410500f104751ccfc0314430c4d57143410","first_seen":"2023-08-03T19:40:41Z","last_seen":"2026-04-30T15:54:53.482847Z","times_seen":1867,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":210,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/uphold-CD9KdTTY.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.971Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/uphold-CD9KdTTY.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T17:35:16.918797Z","times_seen":14433302,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Coinbase-qpUn7Nen.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.973Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/Coinbase-qpUn7Nen.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T17:35:16.918797Z","times_seen":14433302,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/MetaMask2-Bg53YWf4.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/MetaMask2-Bg53YWf4.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:06 GMT\r\nContent-Type: image/png\r\nContent-Length: 293384\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-47a08\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":293384,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1727 x 575, 8-bit/color RGBA, non-interlaced","md5":"053512adb7991eb606f48ea20cd1bc4e","sha1":"698972a3b2b610f435e606541646edceb1f1c1bc","sha256":"de162dd78cfd222c02669d3dcff17dab0169e79344cbbf31bf6d84cc98400985","sha512":"ea1871d7db5837b9ab3254e99aa2157bf14be560313281552b38a5dd48efe43ef5c7128291b9e23c8ff650a65f4e1622d80b6f004adc384ec812626c4b1f2415","ssdeep":"6144:ePQYTJ7NZEDKuURj2UgopRWAc2ubDu1o6HP1LdaUm:ePt1ht20p0AcXbeP1LdaUm","tlshash":"8454238ca241df58d317b2775491008da73e56b3f8833e7450b378a896db9bc349a9a3","first_seen":"2026-02-11T03:43:01.200949Z","last_seen":"2026-04-26T13:26:32.744483Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1100,"timings":{"blocked":722,"dns":0,"connect":0,"send":0,"wait":123,"receive":255,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/fonts/iconfont.2ed03d2d.woff2","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.salesmartly.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"21:16:EC:FB:98:9D:64:FD:1E:C8:5C:02:6A:93:88:4B:65:15:09:07","sha256":"26:1B:3A:72:0D:8B:91:C8:40:3E:89:B3:CC:5C:13:07:99:A8:EB:AB:72:A0:AC:58:2B:0F:C1:C8:C7:85:2F:3A"}}},"request":{"raw":"GET /chat/widget/code/fonts/iconfont.2ed03d2d.woff2 HTTP/1.1\r\nHost: plugin-code.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usdcsavings.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://plugin-code.salesmartly.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 8716\r\nserver: AliyunOSS\r\ndate: Sun, 26 Apr 2026 13:16:06 GMT\r\nx-oss-server-time: 2\r\nx-oss-request-id: 69EE1016C9BFCE38305687AA\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, PUT, POST\r\naccess-control-expose-headers: x-oss-request-id, ETag\r\naccess-control-max-age: 600\r\naccept-ranges: bytes\r\netag: \"2ED03D2D50DB630E6DB43AF0AB7754D0\"\r\nlast-modified: Thu, 16 Apr 2026 03:31:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 18312883229832275330\r\nx-oss-storage-class: Standard\r\ncache-control: public, max-age=15552000\r\ncontent-md5: LtA9LVDbYw5ttDrwq3dU0A==\r\nvary: Origin\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 ed0b1ae4224d4a858ec43080e17ab00c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: fqfVv-0etBBwGjhSPgF-ef6WrzikMWfpB6SLmoBjAyswIqyYaW-kpA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":8716,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8716, version 1.0","md5":"2ed03d2d50db630e6db43af0ab7754d0","sha1":"be76b52aae516e3c80f4e0648e9706ffbf3be214","sha256":"a193d84760e849b95a98318e0e925d8f8449f4b36606a94900a6b5fc173b1f98","sha512":"f3ef820f7347e9965c737da31127c58686d8027aa04ddcb26f6ac8d47c98a49a5dde8544e3abf4084a194cf8c47e9d639c5d8cacebfaff10a3898be7df322054","ssdeep":"192:MxEayh1xopHESFdJwCa2gJyU2VnQi0eoyyn+hgd:5ay/qRESFdJ4uUWnuP9nx","tlshash":"1f02aea0d59becf2dd573efc9e08627e409c2c5a4e91b2547baf8336124b39801e09e4","first_seen":"2025-08-29T00:00:23.805044Z","last_seen":"2026-04-30T15:42:50.943235Z","times_seen":1002,"resource_available":false,"data":null}},"time_used":809,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":808,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/js/project_617091_636768_1769708933.js","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:04.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.salesmartly.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"21:16:EC:FB:98:9D:64:FD:1E:C8:5C:02:6A:93:88:4B:65:15:09:07","sha256":"26:1B:3A:72:0D:8B:91:C8:40:3E:89:B3:CC:5C:13:07:99:A8:EB:AB:72:A0:AC:58:2B:0F:C1:C8:C7:85:2F:3A"}}},"request":{"raw":"GET /js/project_617091_636768_1769708933.js HTTP/1.1\r\nHost: plugin-code.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: AliyunOSS\r\ndate: Thu, 23 Apr 2026 07:03:37 GMT\r\nx-oss-server-time: 34\r\ncontent-encoding: gzip\r\nx-oss-request-id: 69E9C449EEA19D3339752C47\r\nlast-modified: Thu, 29 Jan 2026 17:48:53 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 13878884606722287822\r\nx-oss-storage-class: Standard\r\ncontent-md5: 8eaScBHlJkZPNNmJLQMwnA==\r\nvary: Accept-Encoding,Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ed0b1ae4224d4a858ec43080e17ab00c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: zADS-ayvk91o1-H1TTvpR9eWWjiTfDdJ3K9eAgjAgw3xZAw1ARCPQw==\r\nage: 281547\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1184,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"f1e6927011e526464f34d9892d03309c","sha1":"95e31580660ec9689f664c9453e6921b38f651a2","sha256":"fe1b4d546a267dab554e885e3d17182750ea2d1426cb4e609153c5ff1415f1e8","sha512":"58c84f8903bf4c96f23683315ec0b2081773268f95da52d36eb6ef4cd103fe8487bca6fc81fc874a443178b7dbeb63cbb16c76c3e6f26897816c315a33b0dc92","ssdeep":"","tlshash":"a721eb471c63a4797bd5727b8b3f88ad3998a2433004cc10bc4dd46c2f949e20e9eee4","first_seen":"2026-02-11T03:43:01.215399Z","last_seen":"2026-04-26T13:26:32.741178Z","times_seen":4,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":76,"dns":68,"connect":1,"send":0,"wait":24,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"plugin-code.salesmartly.com/chat/widget/code/css/plugin.ca8811dc.css","fqdn":"plugin-code.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.salesmartly.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"21:16:EC:FB:98:9D:64:FD:1E:C8:5C:02:6A:93:88:4B:65:15:09:07","sha256":"26:1B:3A:72:0D:8B:91:C8:40:3E:89:B3:CC:5C:13:07:99:A8:EB:AB:72:A0:AC:58:2B:0F:C1:C8:C7:85:2F:3A"}}},"request":{"raw":"GET /chat/widget/code/css/plugin.ca8811dc.css HTTP/1.1\r\nHost: plugin-code.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: AliyunOSS\r\ndate: Thu, 23 Apr 2026 03:06:02 GMT\r\nx-oss-server-time: 5\r\ncontent-encoding: gzip\r\nx-oss-request-id: 69E98C9A48E95B38392E41F5\r\nlast-modified: Thu, 16 Apr 2026 03:31:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4711444634510545221\r\nx-oss-storage-class: Standard\r\ncache-control: public, max-age=15552000\r\ncontent-md5: GJkBkDDNMX5T+a6ZYreZHQ==\r\nvary: Accept-Encoding,Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ed0b1ae4224d4a858ec43080e17ab00c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: ijCawFT3Eu1DZjhHv1J1cX1ZleSIsfEPjIfO_WY_5lD79QbDLKOzzA==\r\nage: 295803\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":77948,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1899019030cd317e53f9ae9962b7991d","sha1":"b9d94d577b4c079d5fa4823f82896df59f4d9b5e","sha256":"2d16333363ea5a097558bc8675e8fd989e71e6144b89c0ff537bfb5ca3a087b9","sha512":"152a11565d2e8f381451c197d63daadc1cc14baa9c2113361549949b0a2db1b1c5ad535a152b80eea4728caa8dae9ee32b26e15d42886dae45df70b97f9506d5","ssdeep":"1536:B+1IfcryTXKrMV4wU3k1rz0JUjMBwrjlvOb/E0/qPxE7aWSlsgTu1dQq5qsLxHig:g1Ifc6KYVh0JUjMBwrj6qxE7aWSlsgTg","tlshash":"5a73a832ca15312da177e125f5c0f9d930b5c207fa230aadfda47939c2f298527b668d","first_seen":"2025-11-10T12:55:36.307776Z","last_seen":"2026-04-30T15:54:53.486385Z","times_seen":1210,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"client.salesmartly.com/js/marked/v14.1.2/marked.min.js","fqdn":"client.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"52.84.50.42","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.salesmartly.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"21:16:EC:FB:98:9D:64:FD:1E:C8:5C:02:6A:93:88:4B:65:15:09:07","sha256":"26:1B:3A:72:0D:8B:91:C8:40:3E:89:B3:CC:5C:13:07:99:A8:EB:AB:72:A0:AC:58:2B:0F:C1:C8:C7:85:2F:3A"}}},"request":{"raw":"GET /js/marked/v14.1.2/marked.min.js HTTP/1.1\r\nHost: client.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ndate: Fri, 17 Apr 2026 02:30:39 GMT\r\nx-amz-replication-status: REPLICA\r\nlast-modified: Fri, 20 Sep 2024 06:38:39 GMT\r\nserver: AmazonS3\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: JFBntxsrfZ64VoXBE8CHtNjr4.xFrBV4\r\ncontent-encoding: gzip\r\netag: W/\"4726c8d370952011c5137ee8e13eb6bb\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 d229ccc15dd984a81023d1b57fa0adbc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: geVnkt3_rkA570R84EfmTxCsA9dxbq-8ti-qeCIgFTz1OH1tz54itA==\r\nage: 816327\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":36489,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (36340)","md5":"4726c8d370952011c5137ee8e13eb6bb","sha1":"96c7a41fdc5d4530bb46f1a629f86ecaf068de82","sha256":"eeaba2c06a990d4602b4142cce579f4cce16fba404e6cc82c5c2f7ccb1e7bd1f","sha512":"6d7c814f6fec623660d43ef29034ba789484e0314354f247bdb4407dd7d82abe88bacac2cfbc009929b7eafcfd1bcccca1bdb946faaef74bdfb77248ef5ca071","ssdeep":"768:aH13NvoICzvRDEeJX2QLGbdpB+xJhuLPbBc5jI0sJMF2/bOCbnEytnbBOmVzFoso:aHOXo5ECPbBc5MB2A/blnEMRoaM","tlshash":"67f2094832ae3a6987d439e66cf81060e27f8e68344c545cf664f5f37c2690a61ebf70","first_seen":"2024-09-13T03:55:13Z","last_seen":"2026-04-30T15:54:53.506537Z","times_seen":1958,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.salesmartly.com/chat/msg-user/create-user?plugin_sign=ae230d754b854559ba73e62521fd59e8\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209365727\u0026_lt=\u0026_u=\u0026_xma_=617091","fqdn":"api.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"104.18.22.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.salesmartly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Mar 2026 07:17:51 GMT","end":"Tue, 23 Jun 2026 08:17:48 GMT"},"fingerprint":{"sha1":"E4:6E:E8:0F:49:09:BA:FA:14:45:D9:04:38:62:26:F3:C5:BE:96:E3","sha256":"28:5D:C7:8F:3A:50:61:E5:67:F4:07:89:5A:0B:3A:FA:8A:41:33:8D:CF:D0:28:9C:DA:29:17:3D:CC:02:DD:1A"}}},"request":{"raw":"POST /chat/msg-user/create-user?plugin_sign=ae230d754b854559ba73e62521fd59e8\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209365727\u0026_lt=\u0026_u=\u0026_xma_=617091 HTTP/1.1\r\nHost: api.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 368\r\nOrigin: https://usdcsavings.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":368,"data":"source_url=https%3A%2F%2Fusdcsavings.icu%2F\u0026language=en-US\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026user_id=b9513f3e6d7bf0250e7dafbb6e6019e2\u0026data=eyJwaG9uZSI6IiIsImVtYWlsIjoiIiwiZGVzY3JpcHRpb24iOiIifQ%3D%3D\u0026is_sandbox=0\u0026before_source_url=\u0026label_names=\u0026custom_fields_ext=\u0026update_label_type=update"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Apr 2026 13:16:05 GMT\r\ncontent-type: application/json; charset=UTF-8\r\ncf-ray: 9f25dc27db948be6-OSL\r\ncf-cache-status: DYNAMIC\r\naccess-control-allow-origin: https://usdcsavings.icu\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nvary: accept-encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type, Share-Access-Token, External-Token\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-max-age: 86400\r\nx-request-id: 2e138b3b-f4d2-43ac-ba78-8bede2363eb8\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":157,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"c5ceef16fc89dd91cbb429021c241664","sha1":"b37cea50644f464b87554be419d9afcbfc50967f","sha256":"79b8b9316cdc5116a40a6e1ae58449527c1d99baa37cfafd97e9f5b74623c827","sha512":"c1f1ef827719a502595471c3a1af2be09f76726d0d4c4c67ec8a30f68e0552cd4b8802dcd298ff5699c49dc2392f6ae8d013b8939ae7e1d42152a54ab54b392e","ssdeep":"","tlshash":"e6c08c27d0886aaa8a8610890510990e71d618182aa2723ed8f802240a8c288aa9383a","first_seen":"2026-04-26T13:16:36.141596Z","last_seen":"2026-04-26T13:16:36.141596Z","times_seen":1,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/logo-CYTjccDg.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/logo-CYTjccDg.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T17:35:16.918797Z","times_seen":14433302,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/MetaMask2-Bg53YWf4.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.970Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/MetaMask2-Bg53YWf4.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T17:35:16.918797Z","times_seen":14433302,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Fincen-DdpYly6j.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.974Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/Fincen-DdpYly6j.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T17:35:16.918797Z","times_seen":14433302,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"msg.salesmartly.com/chat/chat-msg/unread-msg-list-v2?login_token=a92497025face3f0addeb9fedfa4dea7\u0026chat_user_id=a43765a6e3acd33cb42d40597e171e17\u0026direction_type=1\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209366568\u0026_lt=a92497025face3f0addeb9fedfa4dea7\u0026_u=\u0026_xma_=617091","fqdn":"msg.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"104.18.23.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msg.salesmartly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 03:56:18 GMT","end":"Fri, 19 Jun 2026 04:56:14 GMT"},"fingerprint":{"sha1":"3D:A2:6B:19:97:82:23:11:10:B1:04:28:BC:92:55:73:D4:24:D7:6B","sha256":"FD:D5:E1:0F:63:14:4C:3D:C6:7A:C3:2C:AB:8E:7D:73:CA:F4:E3:D8:7B:E6:08:8D:E9:3C:FD:57:04:B0:51:A6"}}},"request":{"raw":"OPTIONS /chat/chat-msg/unread-msg-list-v2?login_token=a92497025face3f0addeb9fedfa4dea7\u0026chat_user_id=a43765a6e3acd33cb42d40597e171e17\u0026direction_type=1\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209366568\u0026_lt=a92497025face3f0addeb9fedfa4dea7\u0026_u=\u0026_xma_=617091 HTTP/1.1\r\nHost: msg.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: external-sign\r\nReferer: https://usdcsavings.icu/\r\nOrigin: https://usdcsavings.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Apr 2026 13:16:06 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: https://usdcsavings.icu\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: DNT, Keep-Alive, User-Agent, Cache-Control, Content-Type, Authorization, Origin, Cpl, Client-Type, X-Requested-With, Accept, External-Sign\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-max-age: 86400\r\nvary: accept-encoding\r\nserver: cloudflare\r\ncf-ray: 9f25dc2d58dd5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T17:35:16.918797Z","times_seen":14433302,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":27,"dns":0,"connect":3,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Crypto-Df1QTyax.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.962Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/Crypto-Df1QTyax.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T17:35:16.918797Z","times_seen":14433302,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Trust-BXfqQr9U.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.964Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/Trust-BXfqQr9U.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T17:35:16.918797Z","times_seen":14433302,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/Sec-bMwMGbMr.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:05.974Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/Sec-bMwMGbMr.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T17:35:16.918797Z","times_seen":14433302,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"srz.salesmartly.com/client/log/log?plugin_sign=e7c52f6e77ac20ce49a3c0c2235555a5\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209366580\u0026_lt=a92497025face3f0addeb9fedfa4dea7\u0026_u=\u0026_xma_=617091","fqdn":"srz.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"104.18.23.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"srz.salesmartly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 12:46:38 GMT","end":"Sun, 14 Jun 2026 13:46:34 GMT"},"fingerprint":{"sha1":"4C:14:A3:50:BC:B3:C2:AC:E9:F6:88:D4:36:B2:E6:AE:E0:D4:64:D3","sha256":"C9:AF:D2:80:FE:11:04:07:0D:92:35:3A:19:79:9F:31:89:4A:2E:34:36:0F:DC:BD:33:1A:A8:E2:82:15:41:42"}}},"request":{"raw":"POST /client/log/log?plugin_sign=e7c52f6e77ac20ce49a3c0c2235555a5\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209366580\u0026_lt=a92497025face3f0addeb9fedfa4dea7\u0026_u=\u0026_xma_=617091 HTTP/1.1\r\nHost: srz.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 857\r\nOrigin: https://usdcsavings.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":857,"data":"log_type=CHAT_MSG\u0026data=0qH8PTXG1nmb1nohMhHGlnR9fnzWyh8htTV8rCyiyQV%2F1Ncb1nmvrN%2BvsVzVfGHWfhypyGcW19X%2FyAKhs2vqIevSleyarQuAr2IQl3uvr3XhMnrVr3r%2BI3cVs2fhBdHQP3zSN9VvyAKhyh8hrQjWtazqrnshMhyhBdHqP9zwNScmf3DhMAspyGrVfGIEP9khMhH9lCkqMCkSBAubl2fSIAljleykIeySldypyQj%2BPQtasntVyAKhrnkwXXlhBdHafQ8hMhHKtTc8f5KWBSX5r3I5sNrEPQt5BQVAtCFhBdHasCyiyvaW0QVpP3OWICk8yd%2BN1nmvPSt5yOmDyeO8BA6gyutEPAs4MqYkIAogyTH9MAO5Idk8xCYTrnIZPqFqleO8leO8lCY31NHVrQzkB5O5Idk8ydypyGX5rNHb1nohMhH%2BIelSIAX%2BIQD5snIvl5IAsAoqreo8I2vSr2OSlnDjIqypyQjWrazvsNc%2ByAEgyQchXQXqf9VWPhyilC8hrN%2BEfScEPQtnrNH51nz%2FyAKhyh8hrNHqPSyhMhHgNdHwrNI5sntVNdyiNdHYy3aat3u41nz%2Fy3z8rNH%2Bt3VWPhYSsNlRsNc4rna8t3Xvy3z%2Fy3ORr3u4snH%2Bf9DRt3%2B%2BtdYv1noRPQz4y3upP3zSy3aat3u41nz%2FfqmfyG4hBdH5t3zqrDm%2BPnX5yAEP0qH%2FsnaVyAKhf9uprNIwsNH4PTVbfuzGlnR9fnzWN9jEfSohBdHZrNVosNcKyAKh1nohbXazbo%3D%3D\u0026base_encode=1"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Apr 2026 13:16:06 GMT\r\ncontent-type: application/json; charset=UTF-8\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: https://usdcsavings.icu\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f25dc2d3d2cb503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"77e652f404f47086bb49598b43b92d9a","sha1":"9b4981aa40e98879d7f2efda3261e0f0c76a0d78","sha256":"052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5","sha512":"70e55dcdfca4754735386a3074c028d1047fce9b9d946cc84c2ea59d57799ffdc8071abc4c62142e2a1c319a948ad71eb696e0892bcaf1ce41f4616026a6bb63","ssdeep":"","tlshash":"bf900433341cc3470d05504f50053715d0f410500f104751ccfc0314430c4d57143410","first_seen":"2023-08-03T19:40:41Z","last_seen":"2026-04-30T15:54:53.482847Z","times_seen":1867,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"msg.salesmartly.com/chat/chat-msg/unread-msg-list-v2?login_token=a92497025face3f0addeb9fedfa4dea7\u0026chat_user_id=a43765a6e3acd33cb42d40597e171e17\u0026direction_type=1\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209366568\u0026_lt=a92497025face3f0addeb9fedfa4dea7\u0026_u=\u0026_xma_=617091","fqdn":"msg.salesmartly.com","domain":"salesmartly.com","tld":"com"},"ip":{"addr":"104.18.23.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:06.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"msg.salesmartly.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 03:56:18 GMT","end":"Fri, 19 Jun 2026 04:56:14 GMT"},"fingerprint":{"sha1":"3D:A2:6B:19:97:82:23:11:10:B1:04:28:BC:92:55:73:D4:24:D7:6B","sha256":"FD:D5:E1:0F:63:14:4C:3D:C6:7A:C3:2C:AB:8E:7D:73:CA:F4:E3:D8:7B:E6:08:8D:E9:3C:FD:57:04:B0:51:A6"}}},"request":{"raw":"GET /chat/chat-msg/unread-msg-list-v2?login_token=a92497025face3f0addeb9fedfa4dea7\u0026chat_user_id=a43765a6e3acd33cb42d40597e171e17\u0026direction_type=1\u0026plugin_id=g1h6qoo\u0026over_time=\u0026env=chat\u0026_=1777209366568\u0026_lt=a92497025face3f0addeb9fedfa4dea7\u0026_u=\u0026_xma_=617091 HTTP/1.1\r\nHost: msg.salesmartly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nexternal-sign: 6055b775146d194db67e6b2c38983a07\r\nOrigin: https://usdcsavings.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 26 Apr 2026 13:16:06 GMT\r\ncontent-type: application/json\r\ncf-ray: 9f25dc2d6d2ab512-OSL\r\ncf-cache-status: DYNAMIC\r\naccess-control-allow-origin: https://usdcsavings.icu\r\nserver: cloudflare\r\nvary: accept-encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: DNT, Keep-Alive, User-Agent, Cache-Control, Content-Type, Authorization, Origin, Cpl, Client-Type, X-Requested-With, Accept, External-Sign\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-max-age: 86400\r\nx-request-id: db71a598-5569-4455-9843-0c3c8362196a\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":66,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"48016efe262190df0ad5b1d7340a60c4","sha1":"1cd9c973630bf59e2c479cada9105bbfad39dec3","sha256":"6e59b9f826a2a9b503fb05fd33448a0583d30552aed790dfea6cb19e74bb409c","sha512":"274e846e9ad5c7fdbff3fb665809347f229260b2b2eb491f386a5d1084a7fd7526a4e0eb331c71c4eeb14a98143925c29e2702869c11883176eb14ffbba9993b","ssdeep":"","tlshash":"4ca002562c2c1e4b0f0fe489780d1b17d6e911445a252712cdcc915c870da5eb5c7521","first_seen":"2023-04-19T11:38:49Z","last_seen":"2026-04-30T15:54:53.491946Z","times_seen":1459,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdcsavings.icu/assets/logo-CYTjccDg.png","fqdn":"usdcsavings.icu","domain":"usdcsavings.icu","tld":"icu"},"ip":{"addr":"35.223.227.195","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdcsavings.icu/","date":"2026-04-26T13:16:07.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdcsavings.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:49:49 GMT","end":"Sat, 27 Jun 2026 00:49:48 GMT"},"fingerprint":{"sha1":"35:B1:0E:30:0B:39:86:67:EB:14:DC:40:32:9C:FE:EF:55:05:6B:C6","sha256":"7C:09:20:36:0E:22:2C:60:F4:8B:E8:2C:AB:10:94:94:51:BE:8E:4E:49:1D:DF:68:DC:77:3C:75:85:03:1B:72"}}},"request":{"raw":"GET /assets/logo-CYTjccDg.png HTTP/1.1\r\nHost: usdcsavings.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdcsavings.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 26 Apr 2026 13:16:07 GMT\r\nContent-Type: image/png\r\nContent-Length: 103454\r\nLast-Modified: Tue, 03 Feb 2026 16:09:22 GMT\r\nConnection: keep-alive\r\nETag: \"69821db2-1941e\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103454,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 281 x 281, 8-bit/color RGBA, non-interlaced","md5":"cfe4e8ce262978821e360c3252baf42a","sha1":"40e19206539e1fe984b64b7f7029cfdc4d87ccac","sha256":"73cc11f450f411d66609fa34a9c1602725d4ae309da76ea141ed68a378b8375a","sha512":"d47a2d4ece20c9c15b42b127d935f1e6dabb53252183192906b84de4ac5a697d3d8188613aa424307b9ecc07296734bb8f07496502149d875f9917affe6a0fb1","ssdeep":"1536:eApHNTNeywK80nT3wUcViMd1pF+VUx9ui2bF6UN29SriD7DC5tz4DfRgJEI:eEHNTNFpXT3w9J7x72EUZiPutznj","tlshash":"bfa312a03f913802edf9690845f571ca0fde1b5eafd513c0a609bb0bb95c54de0e96d4","first_seen":"2026-02-11T03:43:01.203118Z","last_seen":"2026-04-26T13:26:32.74302Z","times_seen":4,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"usdcsavings.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}