{"report_id":"9444a9db-e169-4ecb-8c3f-6e5ab727b96b","version":6,"status":"done","tags":[],"date":"2026-04-07T14:35:51Z","url":{"schema":"https","addr":"usdt365.q38.co/","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.65","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"usdt365.q38.co/","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"title":"q38.co","dom":{"size":17708,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (17708), with no line terminators","md5":"796014e4150d67c326e0ec92e3e517d6","sha1":"44c45f416ebba070764ed7dbd57e8210b00d17e5","sha256":"1b853cc4ef00a5744273df0a9a3adc1dd0f0d713568d44b3661310512c2004cc","sha512":"a20db6534921726dc817074730cf0af1f5114604f4ed5702221393e5ca4826bc47d482be36a7442aaf6f6e27d113b7ad6156d7dd737d87c21f6693956cb2c9aa","ssdeep":"192:tvxeM1uW6wME6ueGU2YA+ZudonfRZ37/1D86wME6ueGT3E5r7gnqzcpm0Lp4e0XZ:tJeM1uUf4udYfRZ33KJ2e0XY6ykDn7","tlshash":"3e829766fd05de0aac7f9c2d203e6e3980cdca37c568dc68b2cdde58169287107d59e2","dom_hash":"domhash9b178fe26d455a2bba7cf8ec1c613a76","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"usdt365.q38.co/","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.65","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-12T14:35:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"usdt365.q38.co","ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-07T14:35:52.460733Z","last_seen":"2026-04-07T14:35:52.460733Z","alert_count":35,"request_count":35,"received_data":1963392,"sent_data":16352,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/14okdlxa51d~o.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"662a160f5da29d12b67b2583a4ed4433","sha1":"c38719553c24f78716e07b4ca60c59e0cdf355c4","sha256":"e8c00a84a67971e3d8f73e09637a2e6cf73c5648a2f6ead020a2f8a36386e41d","sha512":"0393485f7e1c7c20e026653c2fc8e9039cf7e97593009f3ccd3757c70b84437a28a878885e2ecba94b8dfc3203519453caff3d8c1e7cec8d7916d771eaacb40a","ssdeep":"384:f+FjBRxz/akqleEZQKZTd96LLf8J6otgG4uaFQW9Uiet6eIup1NqBYjYvwCHSW+D:f8j5/aZlKUd96LZcNqBq1Cz+m1/5Mt","tlshash":"15e294a971d5f4910b9354b5803f501bf23e0db6286da0a4e3e2dceab9b054dd133f9a","size":31396,"data":"","first_seen":"2026-04-07T14:24:14.767055Z","last_seen":"2026-04-07T14:36:47.246159Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/1860zsbcg5z1o.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dec75ab53cb09d845c2eaa0ca291114f","sha1":"409821758d4d374d8abc078b900732908a66ce75","sha256":"9db199f2e2fd80f1a0ab8ed4d750442386ce342d431756f45d0d76e420a46a02","sha512":"c57f9d9a796d11886efcd2596480eb8af1f38121fc35b699c5dfb717e05cc8d2cd0b22cceba7ccd566dc3cc57983b4c63ee5034780b261fa199f6f4eb0cd5d3c","ssdeep":"384:2sVWst5gWTnrYV3uXeqbkJdeUtdaVmzlhjuNf9zXYpDuYNb4x2pk81FZTDxJRiGG:vVWstOoS3HSqD95hdFQcCDFZ1dqF6rV","tlshash":"7c33da753291faa303db91d9c0370012f2780d7130ad64b4b395d8af799dd8a92faf69","size":54644,"data":"","first_seen":"2026-04-01T13:40:25.558346Z","last_seen":"2026-04-07T14:36:47.214559Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-04-07T23:35:14.978014Z","times_seen":83032,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/17mxm.seeu2fn.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb5f0fd04f451541daced72ea68841f5","sha1":"e76da52a9b62950207be3018b36b8b1afff52ad0","sha256":"a251e996760e302ad2a03f7c6c5160a65969c6344175b6042a0e6c5b72e0d7d8","sha512":"b41191af43733620631b6180bafe8b5959b5bddb3007af6cdcb4c32c09a1811bca625e5e3b1c8068294dfd80fff45bd0f807ba5b5aa16ce83c763cc2a3ffc862","ssdeep":"384:ZvN3sHyol2GbLwl0v2spgFmQxziPWukLtAFWusl0s/iqLZMt7w2a2BWyHcC2D57Z:z8HLgqvKFiPF2fyE2NBZHcDXu8HR","tlshash":"b1e20be4b05295dde76a0094542fc00c713f3e68a91f4868f7f86cf62a52885f6f2f99","size":34014,"data":"","first_seen":"2026-04-07T14:24:14.771084Z","last_seen":"2026-04-07T14:36:47.22982Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0pqt~8bl3ukh4.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c621d697f789f9a625e80384da50359c","sha1":"21b6e9613cc917a5fa984be427364d03e5757cbc","sha256":"5261101892e2476e4346e19e86fd5f19cbcf7c765ff76e92eb9cefcc86b6db6a","sha512":"59a0ad4d3270e18ccc1178b7a1c8902793a70e88a518f01ce894d1d3335251953289630dcaa26b4c6d9a3b6bb5563b8845d5fabfc521878c382c7d2a56957ffa","ssdeep":"384:p7/A2dkTd93jBT0diRTRIpowbIBqjac/s+rPYjDExpCkKMny1V0U5+wQhKHAlwe4:BN8pcowkpc/s+zYXExp7ly1V0UVD","tlshash":"4513e7b132d4faa3539341e0e43f2016f2780d7520ad6470a7e89c9f754d88da6befa5","size":44414,"data":"","first_seen":"2026-03-18T18:55:57.705164Z","last_seen":"2026-04-07T23:19:44.035936Z","times_seen":588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0l9d1e.kbyagj.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d89fd4a4ad4dc774af132ae4fbc3a7cc","sha1":"e3be507df386bdd95fa418cd06468d2ef8caf4ca","sha256":"ee94deb42254ba75a8fc3b5c234bf9d8fe66c840b7c66b89603bb6b5ec85fd21","sha512":"96b572cb5ae6a9c26f0d9c5c81cd692c3b0cf5ccd9569406cb13c2162f682ee27ac22d0fea0cdcdbe277991240a8666c7faa23ee9da403dee561f262fcfe4509","ssdeep":"1536:fFhA+g9ME/bx6sgoaWZXIUIQLvOcyNjxF4pzs/psnyaYbz+RrpeI4S0D65S0W9XB:fy7bxaonZ4uvOcyNjINYbSRMIn0O5eXB","tlshash":"ccd3f6f935d1f482076b50aac03f0006f22c4d77189e6860e3e5edda756465de2b3faa","size":136653,"data":"","first_seen":"2026-04-07T14:24:14.791552Z","last_seen":"2026-04-07T14:36:47.228056Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0yb2wil16uz6h.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ddca2069e2c5530471e5a0cf0fd74ddf","sha1":"877772cd73dc2d32590471fa21b2703af249f6fb","sha256":"a46211a22ca83766afe77489b2635bc7ed6efd3da4f1c60bc94408deb352a575","sha512":"16e069b47459e2abad39db5c2a2c7ae46fcbfd1a8281da7412feafd93e9afa281c0d8b525e54d3f47548f6f8af41d8a36b2ce4442971c1f740f27742b69b927d","ssdeep":"96:4ZYwf52j45y5Iie0RES0s0QPf59GChx72aRR7KRZVg9GCa:hwMDhEBs0I+ofQZf","tlshash":"eeb1c711f241ec9ab75a008935b7b00ef224342a9b75e87277dc18f25bc05f57d6a7d8","size":5587,"data":"","first_seen":"2026-03-18T18:55:57.703395Z","last_seen":"2026-04-07T19:04:22.421183Z","times_seen":227,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/turbopack-0jtkk9reh46qd.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8d9da6f8b25138d0336b032c2265320d","sha1":"e97349d54907e74f2a82e718cf4a2b9598ecc12b","sha256":"082546dea6910dbb41962419f13dcef34371c07b9d2963783976a450a5d90b2d","sha512":"d21304c8b36ac91edee8bc5266d57412297a408336c0784a199d9f7aa34536863e42e8bd10ae613a18536aedd26ad9bf835fb74ac626754247fae472bcdb61eb","ssdeep":"192:zaJ1QME9A68kEsgfo2YEM+TEkmli5yZZr8BT4FIhcXX3Kfj+yLxm:zaJ1QME9Y9xfmlO+gSIWfyLxm","tlshash":"0e32d7ea33a6f03343af90ebd06f4044f1799469145d181cd35ce8eb28394aa85e7f76","size":10980,"data":"","first_seen":"2026-04-07T14:24:14.76939Z","last_seen":"2026-04-07T14:36:47.212624Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/14xpmb112aq3c.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a160d356dc87e1dec8574b6aca3eeee0","sha1":"74f236b8ab847cfa76ef3e3dc377afa22a8e7c45","sha256":"8b83d64ee30dae877bd12cda47f40941cf544a5e1d63d97726d75f8569403c94","sha512":"88f0b73b95ee5d079e81a26f47ed382a263291856a867ef211f01060a06bd3eab72dd2fc03b8261ed4f7f77bfb1c006fd990f223cbfa366391bf2bc0d2a16eb7","ssdeep":"384:n2RPOJrpO0MJDgAigIRje1TVVA0uK5fxqciYs4AY5HZOeJE7fMfJ:8qdgIRy1TX7a7+J","tlshash":"8e82faf13282f165d7aa40c5852b400af27e2e74341f5458e3ed9cea3665c86f2f2fa5","size":18331,"data":"","first_seen":"2026-04-07T14:24:14.773345Z","last_seen":"2026-04-07T14:36:47.221312Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0_g48.pt8d.af.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d931212bd67aa46597fd400ad7b6f8df","sha1":"74b35d5b8e828c6ae861b0052dbd291e4459612e","sha256":"96c20d58c3dd1bb0255fb95d974eec56254af50052e1cde6860f72883aa2c33e","sha512":"51afb25d3211f4b49c845a5e95e57a0c7f3131970b89263fdd6b2a0a66c13f92567a6a2cc93827c3d923faf8dfa46d20a9a397325f7a445872c798866b7717a8","ssdeep":"384:lZ+4VQkCTT2HDj+fPIvD4Zy1shuLOuwbJd6:lZPVQvFfAvD4huLO3m","tlshash":"c4823b7131aaf8d6529b81c4987f400cf23d1d74657eb068b3f95ca95a60d84f0a3fba","size":18779,"data":"","first_seen":"2026-04-07T14:24:14.778152Z","last_seen":"2026-04-07T14:36:47.219536Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"82f3e60d9c6b2d3ff67fc3d667322549","sha1":"516dfd071776a47da37dab04649aafbb1f024819","sha256":"3221a27539c8cdecd8a454a1912044cf45b404f5a8b2a088993c866784f77d13","sha512":"fdd1e231b61217f87f1aecdfbcab75b695a01905a5f862a68f2c3cd7046937b4a1a7c0f0e921ca1affd744906333a1b9b09a63a287a10368bdd0e82b299d4aea","ssdeep":"","tlshash":"9d41d767f98bfd846c70ddaf212f0f3284d4ed3684705998b28ecbda11a247617c99c9","size":2280,"data":"","first_seen":"2026-04-07T14:24:14.814626Z","last_seen":"2026-04-07T14:36:47.249554Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0848853a7bdb9f2c3e417c473bf45e47","sha1":"b5e2b47e9d753a85bc385e364ed570b7cff504db","sha256":"6d01c25840f645407b468c9a8f08730103a986d47d607fdd291cbcaabf59e5a0","sha512":"c581b03a4fd7684e10efdc4919ce9d05366a506d06dfbe8f62b29f1d33396410b83fe6e7a17c50315010692a57ce42a7dfce24552ca1544fc15bc75401ae3577","ssdeep":"96:LTnHcD7cg1xqzc/xmWnhpf4RyOc4BQbopa5wn6k:vgnqzcpm0Lp4J","tlshash":"e6b11f2e7805de0aec6e3c29013e9d3a54ccca7b4794deb882ccde150a464793bdadc0","size":5402,"data":"","first_seen":"2026-04-07T14:24:14.815777Z","last_seen":"2026-04-07T14:36:47.250145Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6281f79eefe9dd6d93e5bb43bb307627","sha1":"662b2be80c6a5de03b97c39307b091421650622e","sha256":"1665e6ed2b4e654baa206e5ad3f3e87c352c1b8265b63f80ddad1f517ec20c30","sha512":"99f5e1bafe04ebd09a31a6bf887137d01404dc0718a98dccba3e938a5aef6dee5d1e2ab41597457feccdf5acec91c166d473b2b58fbcac1257eda34c6303fd2a","ssdeep":"","tlshash":"41d02ba1dc13dc1dc3965f29283f2c7531cdca741a466147b888c93d5dc6d340ae0dc6","size":286,"data":"","first_seen":"2026-04-07T14:24:14.816998Z","last_seen":"2026-04-07T14:36:47.250742Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0j9g_8xfbk8s3.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4deda0d10c79043b7c67fe98e47f114f","sha1":"3350371895c2d9bb0f3b4dec4c04b899bc6f74c7","sha256":"7e5f33474a4149ad185039ad46976b18b54619affe8c00da8f4361707a648d3c","sha512":"d1390c7d3c46f25df636191c946c193989abe1c034823978e0fe114df48f71204c738bbc482468f2620e065452509b8b328a80ee1e0625a2579745ce83cc96c2","ssdeep":"768:ZCeHcLh/Ah0qxI8FaVO/WHTNidFZsGeE1mBMHiFNwCPv:7idACqxIMayWHTN2FUBMHRCPv","tlshash":"f8132cf17156f8d9976b80c4846f800cf23e2e74641e5468f3fd6ca52aa1885f1f2fa6","size":44304,"data":"","first_seen":"2026-04-07T14:24:14.762119Z","last_seen":"2026-04-07T14:36:47.248052Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/08qtxy5skhuem.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"69b693ac5951874ad14d843f6f734b7e","sha1":"d3c367925a3cdace2ad3d81d4eac6717e16da621","sha256":"321c67cb78275b3d7563ca263dd05405f1996003409e498fa603f0a6f9a7b05e","sha512":"bb8d3c9b9984dba778bbad95211448c418d558a217f89e17e4f7423b7827b687d8dc121f4b57f78298058da8f23d91997c6ab40389ad313a67f413368f335cc3","ssdeep":"768:k/CIqoskikwWKx5Xwdssrxxc/asSsxIFNnqSWEXcJZGEK+jnRT:AFbiCk5Xwd3rKh9xIXn8ZGEK+jF","tlshash":"bd235c1ca27952d906609b19f8c7f919f2de8cf2c28ad4645bea073e51f3c19518e73c","size":49026,"data":"","first_seen":"2026-04-07T14:24:14.783645Z","last_seen":"2026-04-07T14:36:47.232556Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0fmdy_h4fp~gw.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b50128033fdd53c77f978b66bf0f0f07","sha1":"47419ff3ba54a3ac8e9e71781c920f7976ee62e3","sha256":"88eaf66f5204ef33ddf954786dc17993fd8e37a5cda093ed55b1a6b4c517b455","sha512":"6776870c0154df4e644633014100c2353e913957e5ba5d15b259484f17163e87e9be1ec89f24e5bf5545e5228b34e8d8cac9740f6034aa3032babfe6622182b7","ssdeep":"3072:bFLtaNMDfGWY7V70PTIt6h+8BibKNn0ZJGXjFMAL98nwd0++k:bFLtKOfGWYpyI9vGzD58nwd0++k","tlshash":"ae24fbe83995f6626ab302b710af18037338252b280d4d60a251fdddb57845fb17bf9e","size":227315,"data":"","first_seen":"2026-04-07T14:24:14.811542Z","last_seen":"2026-04-07T14:36:47.238085Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ae673a5a56b2c514a46e898b1de96515","sha1":"54f9ae4a5d35065a7092e6f9f098e62b591c4792","sha256":"68c25a799618fdf07a8f4ad9880b3abd3403f42b50b0a7ff2014da870a05aaaa","sha512":"562958795a67c049a2f331e57dcf71d515f2cef1348ce9fb7c9296c09b5aca48363f00dcd7e3b1c968752f49a1038e1ea3faa8a14e42fbc29ea9ca81fbd6face","ssdeep":"","tlshash":"d9313ba2fd19dd05c7ca9d04287e3ca510ccc7a74165a45bf2dccd2885d3e741af1662","size":1582,"data":"","first_seen":"2026-04-07T14:24:14.818205Z","last_seen":"2026-04-07T14:36:47.251271Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0pqt~8bl3ukh4.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/0pqt~8bl3ukh4.js HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"0pqt~8bl3ukh4.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"c621d697f789f9a625e80384da50359c\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/0pqt~8bl3ukh4.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::lz2wk-1775572529585-240b777e63ce\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44414,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (24405)","md5":"c621d697f789f9a625e80384da50359c","sha1":"21b6e9613cc917a5fa984be427364d03e5757cbc","sha256":"5261101892e2476e4346e19e86fd5f19cbcf7c765ff76e92eb9cefcc86b6db6a","sha512":"59a0ad4d3270e18ccc1178b7a1c8902793a70e88a518f01ce894d1d3335251953289630dcaa26b4c6d9a3b6bb5563b8845d5fabfc521878c382c7d2a56957ffa","ssdeep":"384:p7/A2dkTd93jBT0diRTRIpowbIBqjac/s+rPYjDExpCkKMny1V0U5+wQhKHAlwe4:BN8pcowkpc/s+zYXExp7ly1V0UVD","tlshash":"4513e7b132d4faa3539341e0e43f2016f2780d7520ad6470a7e89c9f754d88da6befa5","first_seen":"2026-03-18T18:55:57.705164Z","last_seen":"2026-04-07T23:19:44.035936Z","times_seen":588,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/image?url=https%3A%2F%2Fhebbkx1anhila5yf.public.blob.vercel-storage.com%2FIMG_6943%25202.PNG-wdfexpdFaQDnxQKavObyP07pEbjHVW.png\u0026w=384\u0026q=75","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fhebbkx1anhila5yf.public.blob.vercel-storage.com%2FIMG_6943%25202.PNG-wdfexpdFaQDnxQKavObyP07pEbjHVW.png\u0026w=384\u0026q=75 HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nage: 2022\r\ncache-control: public, max-age=14400, must-revalidate\r\ncontent-disposition: attachment; filename=\"IMG_6943202.webp\"\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\ncontent-type: image/webp\r\ndate: Tue, 07 Apr 2026 14:01:46 GMT\r\nlast-modified: Tue, 07 Apr 2026 13:53:29 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: Accept\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::lz2wk-1775572529604-10977c98ca07\r\ncontent-length: 42756\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":42756,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"487cd2b1ec65e17c0cfad5bf51890633","sha1":"4c602213fb1a58a77e99848bb6fdd81f40aecd43","sha256":"4d104c089f525fbcd57a6257b7bde9fadacaf105933ac1f2ce92390d0109e847","sha512":"b74d176a81e455f8a5ece3490c1fef14d82c38643ed23f085cab16f6b1be15777a8e46543ad8c19de0bf09e69e06a280d4d414d5b2d5713109a2c50dc3c44a6e","ssdeep":"768:nvxLDvr4oRoXNx/+hBVz2Qcbk2dmY1ZT7qf62RvpiwoRN0CRl6B15kSNA7d16PMy:vxLn4koX3TBbFdDLqf/xiwoblwB1CS2+","tlshash":"f6130218284c14ace7dd636686de95ec0388689ac15dffb3c5e07afa7285cb21cd4917","first_seen":"2026-04-07T14:24:14.779452Z","last_seen":"2026-04-07T14:36:47.22657Z","times_seen":4,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/api/notifications","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:40.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /api/notifications HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/plain\r\ndate: Tue, 07 Apr 2026 14:35:40 GMT\r\nlocation: /login\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-id: arn1::frqzw-1775572540184-0e2a69b4be63\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":15939,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T23:38:13.132432Z","times_seen":13480024,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-07T14:35:28.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 181817\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"d58beed559b9097b67375c294397aff8\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-matched-path: /\r\nx-nextjs-prerender: 1\r\nx-nextjs-stale-time: 300\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::dlfzt-1775572529006-d47b0ad2c1e7\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17557,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (17557), with no line terminators","md5":"545977cbc77b7993327490b397073ebe","sha1":"9aea1bd959dff926d0e0449f1b35c48a2cc4fb37","sha256":"47f08515127192fd6134b9b93e6fddc9683709285ff6d9c34b289bd0b591e585","sha512":"f8ac4d0740c766587d667f2ca85310026177f8b219b597bfb2dd5b4604f8bbe65a4052b7b4e78a1618e9dcbd42e63eb146a347d7501dea9d20f5e60530f06056","ssdeep":"192:b/VquV6wME6ueGUHYB+UOucnvZ37/1jt6wME6ueGTnHE5r7gnqzcpm0Lp4e0XY6L:b/VquuAjOucvZ3qKJ2e0XY6ykDn9","tlshash":"87729566fd05de0aacbf9c2d203e6e3980cdca37c558dc68b2cddd58558287207d59e2","first_seen":"2026-04-07T14:24:14.790216Z","last_seen":"2026-04-07T14:36:47.242067Z","times_seen":4,"resource_available":true,"data":null}},"time_used":242,"timings":{"blocked":114,"dns":88,"connect":1,"send":0,"wait":10,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0l9d1e.kbyagj.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/0l9d1e.kbyagj.js HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"0l9d1e.kbyagj.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"d89fd4a4ad4dc774af132ae4fbc3a7cc\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/0l9d1e.kbyagj.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::xxtxj-1775572529583-4259fd441ff8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":136653,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d89fd4a4ad4dc774af132ae4fbc3a7cc","sha1":"e3be507df386bdd95fa418cd06468d2ef8caf4ca","sha256":"ee94deb42254ba75a8fc3b5c234bf9d8fe66c840b7c66b89603bb6b5ec85fd21","sha512":"96b572cb5ae6a9c26f0d9c5c81cd692c3b0cf5ccd9569406cb13c2162f682ee27ac22d0fea0cdcdbe277991240a8666c7faa23ee9da403dee561f262fcfe4509","ssdeep":"1536:fFhA+g9ME/bx6sgoaWZXIUIQLvOcyNjxF4pzs/psnyaYbz+RrpeI4S0D65S0W9XB:fy7bxaonZ4uvOcyNjINYbSRMIn0O5eXB","tlshash":"ccd3f6f935d1f482076b50aac03f0006f22c4d77189e6860e3e5edda756465de2b3faa","first_seen":"2026-04-07T14:24:14.791552Z","last_seen":"2026-04-07T14:36:47.228056Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/api/notifications","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /api/notifications HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/plain\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\nlocation: /login\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-id: arn1::wz4b2-1775572529804-8803eaf5f869\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":15939,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T23:38:13.132432Z","times_seen":13480024,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/login","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /login HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 181801\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"1196ce01029f28fc5d7066bc15cbb471\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-matched-path: /login\r\nx-nextjs-prerender: 1\r\nx-nextjs-stale-time: 300\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::lz2wk-1775572529940-f4dce082764b\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15939,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (15939), with no line terminators","md5":"e3ba4bdf78136c261c9c05b43fbe2bb6","sha1":"47dd86cba801fd883c416eec4da25f7c235ca0f4","sha256":"8e07d1cfdcc1e7628f524c6c7816f867c4b34967280c98ca6ea58b26de4b3e23","sha512":"da0b80eff1b5e6918e106be7a6bfaf7c2b04a789fbb4a107c7a236ab24b936c4d162f4352593b2da656902256312baefab083f4d20a6e9c3d304f3c224c28e55","ssdeep":"384:b/VqurQAjOuWIvZdARBIMH98G/58CY0XY6ykDnsM:b/VqurQAjOuZBcBI8F/S0o6y4nv","tlshash":"1362a626f805de0b9c7a9d2c513e6d3910cdc977c62489ace2ddce690a82db51be6dc0","first_seen":"2026-04-07T14:24:14.765581Z","last_seen":"2026-04-07T14:36:47.247147Z","times_seen":4,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/register?_rsc=rjhjl","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:30.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /register?_rsc=rjhjl HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /register\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 181786\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-type: text/x-component\r\ndate: Tue, 07 Apr 2026 14:35:30 GMT\r\netag: \"d9b3a76b372453897de1f6b085b2d807\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-matched-path: /register.segments/register.segment.rsc\r\nx-nextjs-postponed: 2\r\nx-nextjs-prerender: 1\r\nx-nextjs-stale-time: 300\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::ghjp2-1775572530189-113f3d8c53fe\r\ncontent-length: 445\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":445,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"8cd44bc0576827d49927651a9afcf0aa","sha1":"cf77d6c99e3f94eb2e874196714d2e50a1024d59","sha256":"996b8f7549500897bc6573a4175bb502867897a20108aa46079b4d61a8e0caa7","sha512":"7ac84c1bf180c38823c15f45f3c93d9c4eab894f6684eda4032c43b3d67a0449c538fc5f98f174cff7d6954035d6d8facce08839d2f634a19f49d3ebc2f30ed3","ssdeep":"","tlshash":"19f02b66a74aee6a1cf9cc5c145e431e026d4c7b563119f0a29c8d2843824361bd66c0","first_seen":"2026-04-07T14:24:14.792839Z","last_seen":"2026-04-07T14:36:47.216642Z","times_seen":4,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/media/3206eb66b875a5b3-s.p.0newl065t398d.woff2","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/media/3206eb66b875a5b3-s.p.0newl065t398d.woff2 HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 181705\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"3206eb66b875a5b3-s.p.0newl065t398d.woff2\"\r\ncontent-type: font/woff2\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: \"83636f24aacb72640d76120c7037457c\"\r\nlast-modified: Sun, 05 Apr 2026 12:07:04 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/media/3206eb66b875a5b3-s.p.0newl065t398d.woff2\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::lz2wk-1775572529567-4d47cd3979c4\r\ncontent-length: 9304\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":9304,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 9304, version 1.0","md5":"83636f24aacb72640d76120c7037457c","sha1":"518e92dca296900885729242847650a2daf14bb4","sha256":"7597c31a957ae3d2e1ebc786238752d883c15ce2e6b5da617dc3453a9fd86335","sha512":"f2c06849a33485a56c527f5b3bfb82dd340e83260e19155fa37d2710499232cfba849b0608238a7d97a9981fe58e0c69520fdc42b6dbd5b342ae3c4110398ca4","ssdeep":"192:M4w6e0uKh9Urb42SGzRRvcsetxqoQQFfmz2qsMHKibVLeQ:M4ZuKh9EM2SGd9Ktxqo1FfmyqsMqGkQ","tlshash":"9412ae1408ae9b90cb80b9f43abd829b0544ad79ab04ed95011f79fb683d11b8910f4f","first_seen":"2024-12-17T21:13:25.263735Z","last_seen":"2026-04-07T14:36:47.234308Z","times_seen":106,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/register?_rsc=su3ji","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:30.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /register?_rsc=su3ji HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /register/__PAGE__\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 181786\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-type: text/x-component\r\ndate: Tue, 07 Apr 2026 14:35:30 GMT\r\netag: \"3614089156581a0bc2ba2411cf5f0835\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-matched-path: /register.segments/register/__PAGE__.segment.rsc\r\nx-nextjs-postponed: 2\r\nx-nextjs-prerender: 1\r\nx-nextjs-stale-time: 300\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::lwjrp-1775572530194-a7e788eb3daf\r\ncontent-length: 904\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":904,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (424)","md5":"457a870764fe9fcfb0a310438f0fad1a","sha1":"fb9a2fe33d4827934ec87683fef338c6d46daeb6","sha256":"90b313fbc01fee6f1d2069214515db73af70740ac20ee88f7f472f43867ae5ed","sha512":"24473355b75ff823f0aedc4e844a118a7ed613bd44ac3d9da953f90168c32803ef957d7ef64546d9088a3b51dcf7b96e7b6468d57b85b5df82d7781a709bb3af","ssdeep":"","tlshash":"8e11af7aeb0aee5f2ce4cc58386f9b3712ad283795354da8b2ddcd78024ac3617450c0","first_seen":"2026-04-07T14:24:14.788759Z","last_seen":"2026-04-07T14:36:47.231463Z","times_seen":4,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/media/a079e02bba5bf7ab-s.p.0.s85e2kacc1m.woff2","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/media/a079e02bba5bf7ab-s.p.0.s85e2kacc1m.woff2 HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"a079e02bba5bf7ab-s.p.0.s85e2kacc1m.woff2\"\r\ncontent-type: font/woff2\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: \"4883a1f599375473dfd43469e77b92d3\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/media/a079e02bba5bf7ab-s.p.0.s85e2kacc1m.woff2\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::lwjrp-1775572529570-ad55f257749b\r\ncontent-length: 8964\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":8964,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8964, version 1.0","md5":"4883a1f599375473dfd43469e77b92d3","sha1":"c6dd2c160a141f5e71f748d963012c07d1a9dddc","sha256":"4745b75b6e92d917e2402925dc1a6c1c6300e6e0f607a1ce286da54b33d80d3b","sha512":"a4b6226740eb2328d8b9ddbd02eab25dec490e2a7e049a9188ffa5c023d59fadb4218556c083cba501da25f1ea44fa39e0c29178fcc9062dc63ed329a45ae301","ssdeep":"192:1+1V5+dmM4exdKteqkrJLlpWOaxj4GkDhn0sqaaV9O6:1+kmM4ex8v6plpT24JDh+aQ9X","tlshash":"d702a022840a6600d7493a378df8631fe96afb9020f6c101cd12f79379b21cb9d6358b","first_seen":"2024-12-17T21:13:25.256509Z","last_seen":"2026-04-07T14:36:47.243449Z","times_seen":89,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0fmdy_h4fp~gw.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/0fmdy_h4fp~gw.js HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"0fmdy_h4fp~gw.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"b50128033fdd53c77f978b66bf0f0f07\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/0fmdy_h4fp~gw.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::wz4b2-1775572529582-b597c588c952\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":227315,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b50128033fdd53c77f978b66bf0f0f07","sha1":"47419ff3ba54a3ac8e9e71781c920f7976ee62e3","sha256":"88eaf66f5204ef33ddf954786dc17993fd8e37a5cda093ed55b1a6b4c517b455","sha512":"6776870c0154df4e644633014100c2353e913957e5ba5d15b259484f17163e87e9be1ec89f24e5bf5545e5228b34e8d8cac9740f6034aa3032babfe6622182b7","ssdeep":"3072:bFLtaNMDfGWY7V70PTIt6h+8BibKNn0ZJGXjFMAL98nwd0++k:bFLtKOfGWYpyI9vGzD58nwd0++k","tlshash":"ae24fbe83995f6626ab302b710af18037338252b280d4d60a251fdddb57845fb17bf9e","first_seen":"2026-04-07T14:24:14.811542Z","last_seen":"2026-04-07T14:36:47.238085Z","times_seen":4,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/08qtxy5skhuem.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/08qtxy5skhuem.js HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"08qtxy5skhuem.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"69b693ac5951874ad14d843f6f734b7e\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/08qtxy5skhuem.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::xxtxj-1775572529592-79f2a1fa8545\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49026,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (42895), with no line terminators","md5":"69b693ac5951874ad14d843f6f734b7e","sha1":"d3c367925a3cdace2ad3d81d4eac6717e16da621","sha256":"321c67cb78275b3d7563ca263dd05405f1996003409e498fa603f0a6f9a7b05e","sha512":"bb8d3c9b9984dba778bbad95211448c418d558a217f89e17e4f7423b7827b687d8dc121f4b57f78298058da8f23d91997c6ab40389ad313a67f413368f335cc3","ssdeep":"768:k/CIqoskikwWKx5Xwdssrxxc/asSsxIFNnqSWEXcJZGEK+jnRT:AFbiCk5Xwd3rKh9xIXn8ZGEK+jF","tlshash":"bd235c1ca27952d906609b19f8c7f919f2de8cf2c28ad4645bea073e51f3c19518e73c","first_seen":"2026-04-07T14:24:14.783645Z","last_seen":"2026-04-07T14:36:47.232556Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0_g48.pt8d.af.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/0_g48.pt8d.af.js HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"0_g48.pt8d.af.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"d931212bd67aa46597fd400ad7b6f8df\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/0_g48.pt8d.af.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::xxtxj-1775572529598-dcb0e652c90c\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18779,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7807)","md5":"d931212bd67aa46597fd400ad7b6f8df","sha1":"74b35d5b8e828c6ae861b0052dbd291e4459612e","sha256":"96c20d58c3dd1bb0255fb95d974eec56254af50052e1cde6860f72883aa2c33e","sha512":"51afb25d3211f4b49c845a5e95e57a0c7f3131970b89263fdd6b2a0a66c13f92567a6a2cc93827c3d923faf8dfa46d20a9a397325f7a445872c798866b7717a8","ssdeep":"384:lZ+4VQkCTT2HDj+fPIvD4Zy1shuLOuwbJd6:lZPVQvFfAvD4huLO3m","tlshash":"c4823b7131aaf8d6529b81c4987f400cf23d1d74657eb068b3f95ca95a60d84f0a3fba","first_seen":"2026-04-07T14:24:14.778152Z","last_seen":"2026-04-07T14:36:47.219536Z","times_seen":4,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/register?_rsc=1r34m","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /register?_rsc=1r34m HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_tree\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 181785\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-type: text/x-component\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: \"45faf3170fd8d6d2f4656f1649ac866e\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-matched-path: /register.segments/_tree.segment.rsc\r\nx-nextjs-postponed: 2\r\nx-nextjs-prerender: 1\r\nx-nextjs-stale-time: 300\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::mw82g-1775572529815-934806f55a78\r\ncontent-length: 826\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":826,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"07f69e7291399d3aa3e2249c52a39f1f","sha1":"66e35b5717d0b62ea03ff7949b3b146a34828f4d","sha256":"ddefd2d4d2cb02e93f413830792b31fb63e9c2e07ddfdea89ad88a93aae53a05","sha512":"c36036c7ff2b6199143dfaacee48fa668053361ce6a2850a902ceb043450ced5d81e9d25d0fabc776f4d32a667b7862463efd99c6d875b6cf6a7f02326a48ad3","ssdeep":"","tlshash":"fb016b2298097dd51cf1e89822ead71a50682f33b4b50cd8c4cf8ce007a113a1fcbb87","first_seen":"2026-04-07T14:24:14.775412Z","last_seen":"2026-04-07T14:36:47.244787Z","times_seen":4,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/login?_rsc=1tdii","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:30.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /login?_rsc=1tdii HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /login\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 181785\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-type: text/x-component\r\ndate: Tue, 07 Apr 2026 14:35:30 GMT\r\netag: \"63eeec1c34c0ad9e7b677d29ce752bd6\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-matched-path: /login.segments/login.segment.rsc\r\nx-nextjs-postponed: 2\r\nx-nextjs-prerender: 1\r\nx-nextjs-stale-time: 300\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::ntzn8-1775572530420-9a359bb20ed9\r\ncontent-length: 445\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":445,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"8cd44bc0576827d49927651a9afcf0aa","sha1":"cf77d6c99e3f94eb2e874196714d2e50a1024d59","sha256":"996b8f7549500897bc6573a4175bb502867897a20108aa46079b4d61a8e0caa7","sha512":"7ac84c1bf180c38823c15f45f3c93d9c4eab894f6684eda4032c43b3d67a0449c538fc5f98f174cff7d6954035d6d8facce08839d2f634a19f49d3ebc2f30ed3","ssdeep":"","tlshash":"19f02b66a74aee6a1cf9cc5c145e431e026d4c7b563119f0a29c8d2843824361bd66c0","first_seen":"2026-04-07T14:24:14.792839Z","last_seen":"2026-04-07T14:36:47.216642Z","times_seen":4,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/08.ghb9jxxujk.css","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/08.ghb9jxxujk.css HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"08.ghb9jxxujk.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"59f19381cf6363a6b6f6fe124d89f199\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/08.ghb9jxxujk.css\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::mw82g-1775572529574-03456c394e48\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5188,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (3076)","md5":"59f19381cf6363a6b6f6fe124d89f199","sha1":"9e0ac06ed1f9cd3fd704521ab8a7bf049d4ee136","sha256":"4f707bab4b3cfe380628fbfcc1731f2df4968965a2f96293b8b3c0e6610c4b97","sha512":"06b077e39d0f77478f01b71e0ac30198a90bed6350f19a3a12384dd326fda478e9fe205cdb97539d29fc0e44026bffd121fa1baafeb6c1db3ca8863af558b979","ssdeep":"48:s14Te8Dshyu2U9RPTlMqw0jODR3FoT0wQVMqwUwODo6iOMqw5MODsxxMqwQODsd:O4ipX96qhjO9sqIOOTq0MOQMqjOod","tlshash":"c1b1de34541fb809c6e7cd6234ce6e137c1914310bea7623992d1ea89def43b13e1b28","first_seen":"2026-04-07T14:24:14.785631Z","last_seen":"2026-04-07T14:36:47.236618Z","times_seen":4,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0~qtyatpn6_.d.css","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/0~qtyatpn6_.d.css HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 181705\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"0~qtyatpn6_.d.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"84da6895f789f75d5401c7fa541cb34e\"\r\nlast-modified: Sun, 05 Apr 2026 12:07:04 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/0~qtyatpn6_.d.css\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::ghjp2-1775572529587-691ee4ab1849\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":123647,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"84da6895f789f75d5401c7fa541cb34e","sha1":"273e2fe405f8e80eebd81f7c6252d2b29bb73f24","sha256":"fc9cb15f5cc5dfd5297fde6282414af89af6d6569ea182346f9fdee20e1d350f","sha512":"2d71ca3e66abb959976f1d263f18c74b3202540a29f51a0e2e4c5941d804135f8d53702a420609c0c17ffb953d83d47e7acfe111615d83fe9de699631e5d41bb","ssdeep":"3072:B+UPg+hwkgXRqhWDbE4uoaxWUFFkAEtBMno+WDAm+ADUGyGBL:B+UPg+hwkgXRqhWDbEtoaxWUFFkAEtBV","tlshash":"56c3d690b22de93f7d3354f6938cb8cc91197080dd6946e9fe56722207c7bf5ae66208","first_seen":"2026-04-07T14:24:14.808591Z","last_seen":"2026-04-07T14:36:47.2179Z","times_seen":4,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/14okdlxa51d~o.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/14okdlxa51d~o.js HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"14okdlxa51d~o.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"662a160f5da29d12b67b2583a4ed4433\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/14okdlxa51d~o.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::lz2wk-1775572529580-9d9603299c19\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":31396,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (31396), with no line terminators","md5":"662a160f5da29d12b67b2583a4ed4433","sha1":"c38719553c24f78716e07b4ca60c59e0cdf355c4","sha256":"e8c00a84a67971e3d8f73e09637a2e6cf73c5648a2f6ead020a2f8a36386e41d","sha512":"0393485f7e1c7c20e026653c2fc8e9039cf7e97593009f3ccd3757c70b84437a28a878885e2ecba94b8dfc3203519453caff3d8c1e7cec8d7916d771eaacb40a","ssdeep":"384:f+FjBRxz/akqleEZQKZTd96LLf8J6otgG4uaFQW9Uiet6eIup1NqBYjYvwCHSW+D:f8j5/aZlKUd96LZcNqBq1Cz+m1/5Mt","tlshash":"15e294a971d5f4910b9354b5803f501bf23e0db6286da0a4e3e2dceab9b054dd133f9a","first_seen":"2026-04-07T14:24:14.767055Z","last_seen":"2026-04-07T14:36:47.246159Z","times_seen":4,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/turbopack-0jtkk9reh46qd.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/turbopack-0jtkk9reh46qd.js HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"turbopack-0jtkk9reh46qd.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"8d9da6f8b25138d0336b032c2265320d\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/turbopack-0jtkk9reh46qd.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::wz4b2-1775572529589-d4415a51b508\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":10980,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (10541)","md5":"8d9da6f8b25138d0336b032c2265320d","sha1":"e97349d54907e74f2a82e718cf4a2b9598ecc12b","sha256":"082546dea6910dbb41962419f13dcef34371c07b9d2963783976a450a5d90b2d","sha512":"d21304c8b36ac91edee8bc5266d57412297a408336c0784a199d9f7aa34536863e42e8bd10ae613a18536aedd26ad9bf835fb74ac626754247fae472bcdb61eb","ssdeep":"192:zaJ1QME9A68kEsgfo2YEM+TEkmli5yZZr8BT4FIhcXX3Kfj+yLxm:zaJ1QME9Y9xfmlO+gSIWfyLxm","tlshash":"0e32d7ea33a6f03343af90ebd06f4044f1799469145d181cd35ce8eb28394aa85e7f76","first_seen":"2026-04-07T14:24:14.76939Z","last_seen":"2026-04-07T14:36:47.212624Z","times_seen":4,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/1860zsbcg5z1o.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/1860zsbcg5z1o.js HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"1860zsbcg5z1o.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"dec75ab53cb09d845c2eaa0ca291114f\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/1860zsbcg5z1o.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::wz4b2-1775572529605-242757d34113\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54644,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54642), with no line terminators","md5":"dec75ab53cb09d845c2eaa0ca291114f","sha1":"409821758d4d374d8abc078b900732908a66ce75","sha256":"9db199f2e2fd80f1a0ab8ed4d750442386ce342d431756f45d0d76e420a46a02","sha512":"c57f9d9a796d11886efcd2596480eb8af1f38121fc35b699c5dfb717e05cc8d2cd0b22cceba7ccd566dc3cc57983b4c63ee5034780b261fa199f6f4eb0cd5d3c","ssdeep":"384:2sVWst5gWTnrYV3uXeqbkJdeUtdaVmzlhjuNf9zXYpDuYNb4x2pk81FZTDxJRiGG:vVWstOoS3HSqD95hdFQcCDFZ1dqF6rV","tlshash":"7c33da753291faa303db91d9c0370012f2780d7130ad64b4b395d8af799dd8a92faf69","first_seen":"2026-04-01T13:40:25.558346Z","last_seen":"2026-04-07T14:36:47.214559Z","times_seen":5,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/icon.png","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /icon.png HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"icon.png\"\r\ncontent-type: image/png\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: \"955390adc46ea41f88783e4df31ece53\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /icon.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::mw82g-1775572529757-2575578e0088\r\ncontent-length: 463713\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":463713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 723 x 703, 8-bit/color RGBA, non-interlaced","md5":"955390adc46ea41f88783e4df31ece53","sha1":"d01f49325eae8d8b141a0e91e3b6e5eed6d566a4","sha256":"7b4ee8591ad25f627b90f64689bc1c8d8a53ff82f8e7ced57b53edcefc762f2e","sha512":"ad541fd513ae69061c64099fceaf399655b1dd814a9b2052f3048a682b741944ae546a46acaafbdad67363ff63027a180f9c38822ef8a6de4f13a80e6fa81883","ssdeep":"6144:WSvpBdCnSlIpF8sTJ3xU0qKSTnYCflilicU1+ULoG5dX27KewOuWB0Uy8LhsIx3Q:W2QFBUlVf8YcXvxuWBFTLhsqtbCsY","tlshash":"03a423b8b619f7e1576172a18192fe36fed99028863f03f2cde11480d84bca55b49fe4","first_seen":"2026-04-07T14:24:14.786753Z","last_seen":"2026-04-07T14:36:47.215592Z","times_seen":4,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/register?_rsc=nn07o","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:30.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /register?_rsc=nn07o HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_index\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 181785\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/x-component\r\ndate: Tue, 07 Apr 2026 14:35:30 GMT\r\netag: W/\"f4751026bb4adb6749f3548aee290379\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-matched-path: /register.segments/_index.segment.rsc\r\nx-nextjs-postponed: 2\r\nx-nextjs-prerender: 1\r\nx-nextjs-stale-time: 300\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::mw82g-1775572530189-0aa8864d1b9f\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":2408,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (1960)","md5":"cf225bdc92cd31294709e0cbb5634537","sha1":"1d04c98f9f95a5e69d03d72db21f96ada75a3f99","sha256":"3693aa03368ed43617a29d48bf283bfa70741af98b9f832a8dbd7caba498d05a","sha512":"3f3da0bc86a24e30d5a2a153cd51112701d6584111c8ac0d6150fda8783de572231de57e4673b2a90d0bf440d565c3e40ef87aaa8ddcd2a6dcd58749deb07e5d","ssdeep":"","tlshash":"1241043a9a49ff7d7c6a85a8105fd71a915c043b57304eb8e3adde34028113a3f867d0","first_seen":"2026-04-07T14:24:14.803514Z","last_seen":"2026-04-07T14:36:47.241005Z","times_seen":4,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/14xpmb112aq3c.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/14xpmb112aq3c.js HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"14xpmb112aq3c.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"a160d356dc87e1dec8574b6aca3eeee0\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/14xpmb112aq3c.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::xxtxj-1775572529603-a8dae321483e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":18331,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (18331), with no line terminators","md5":"a160d356dc87e1dec8574b6aca3eeee0","sha1":"74f236b8ab847cfa76ef3e3dc377afa22a8e7c45","sha256":"8b83d64ee30dae877bd12cda47f40941cf544a5e1d63d97726d75f8569403c94","sha512":"88f0b73b95ee5d079e81a26f47ed382a263291856a867ef211f01060a06bd3eab72dd2fc03b8261ed4f7f77bfb1c006fd990f223cbfa366391bf2bc0d2a16eb7","ssdeep":"384:n2RPOJrpO0MJDgAigIRje1TVVA0uK5fxqciYs4AY5HZOeJE7fMfJ:8qdgIRy1TX7a7+J","tlshash":"8e82faf13282f165d7aa40c5852b400af27e2e74341f5458e3ed9cea3665c86f2f2fa5","first_seen":"2026-04-07T14:24:14.773345Z","last_seen":"2026-04-07T14:36:47.221312Z","times_seen":4,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/register?_rsc=1pn8p","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:30.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /register?_rsc=1pn8p HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_head\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 181785\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/x-component\r\ndate: Tue, 07 Apr 2026 14:35:30 GMT\r\netag: W/\"c8caaea48b2363a40b4eb1f25725a5bf\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-matched-path: /register.segments/_head.segment.rsc\r\nx-nextjs-postponed: 2\r\nx-nextjs-prerender: 1\r\nx-nextjs-stale-time: 300\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::78fz6-1775572530187-97b2890ab54d\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":2127,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (1756)","md5":"0b4ae3d90819341a44c46711e45079dd","sha1":"45fa0d22ab7675aa31b58b369d88ab9cd6053744","sha256":"aacf255078c7b37b1f68d997410e9d198208488ae3274fa9c58c7ccaec224dd0","sha512":"65fce6ff9c0e53fe7b21b1005650a59bfed3f0bb1044158fb7c660d124a5c4310ba44923be163ced85fa7adbaf6131188c3a5d3ba8f348182e0c387aa0d42758","ssdeep":"","tlshash":"5f41ce7eeb00dc2eabdb8945145f620a635c433bcb305c7bd18c8d180ac67ad2e913e5","first_seen":"2026-04-07T14:24:14.781297Z","last_seen":"2026-04-07T14:36:47.229069Z","times_seen":4,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/login?_rsc=1pn8p","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:30.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /login?_rsc=1pn8p HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_head\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 181785\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/x-component\r\ndate: Tue, 07 Apr 2026 14:35:30 GMT\r\netag: W/\"964707e313e15535fd4b9d008dd21078\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-matched-path: /login.segments/_head.segment.rsc\r\nx-nextjs-postponed: 2\r\nx-nextjs-prerender: 1\r\nx-nextjs-stale-time: 300\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::78fz6-1775572530405-23fe4696e85f\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2127,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (1756)","md5":"0b4ae3d90819341a44c46711e45079dd","sha1":"45fa0d22ab7675aa31b58b369d88ab9cd6053744","sha256":"aacf255078c7b37b1f68d997410e9d198208488ae3274fa9c58c7ccaec224dd0","sha512":"65fce6ff9c0e53fe7b21b1005650a59bfed3f0bb1044158fb7c660d124a5c4310ba44923be163ced85fa7adbaf6131188c3a5d3ba8f348182e0c387aa0d42758","ssdeep":"","tlshash":"5f41ce7eeb00dc2eabdb8945145f620a635c433bcb305c7bd18c8d180ac67ad2e913e5","first_seen":"2026-04-07T14:24:14.781297Z","last_seen":"2026-04-07T14:36:47.229069Z","times_seen":4,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/login?_rsc=9gbhl","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:30.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /login?_rsc=9gbhl HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /login/__PAGE__\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 181785\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-type: text/x-component\r\ndate: Tue, 07 Apr 2026 14:35:30 GMT\r\netag: \"2e6e857f4c71a56ff18bcd0d45cd56b9\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-matched-path: /login.segments/login/__PAGE__.segment.rsc\r\nx-nextjs-postponed: 2\r\nx-nextjs-prerender: 1\r\nx-nextjs-stale-time: 300\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::qhp2z-1775572530427-f942adec31b3\r\ncontent-length: 904\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":904,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (424)","md5":"440158bc30e15406d92b6897e776ec4c","sha1":"b4bb5478c29f557ca5c595fc6bc62b22e079b56e","sha256":"d0b5809787243426e4e6fcbaf382ff25b85e87e44266111da5858f959ade66b1","sha512":"88e396b29bde636327132db914af7f08d619367838ce19d1c1d9d9bd31d286b44348948aa564b3498af81ab74ca614cde08a4b667b6823163fdafd64f06a771f","ssdeep":"","tlshash":"e111c226db0dfe5f1ce4cc58346f9b2752ad1c3784354da8e2bdcc78028687617851c0","first_seen":"2026-04-07T14:24:14.763959Z","last_seen":"2026-04-07T14:36:47.245532Z","times_seen":4,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/media/83afe278b6a6bb3c-s.p.0q-301v4kxxnr.woff2","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/media/83afe278b6a6bb3c-s.p.0q-301v4kxxnr.woff2 HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 181705\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"83afe278b6a6bb3c-s.p.0q-301v4kxxnr.woff2\"\r\ncontent-type: font/woff2\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: \"65850a373e258f1c897a2b3d75eb74de\"\r\nlast-modified: Sun, 05 Apr 2026 12:07:04 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/media/83afe278b6a6bb3c-s.p.0q-301v4kxxnr.woff2\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::xxtxj-1775572529569-948ca95ce1ab\r\ncontent-length: 48432\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":48432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48432, version 1.0","md5":"65850a373e258f1c897a2b3d75eb74de","sha1":"1dc044f4824fd5af6bfed67fee48be70fa069f3f","sha256":"c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4","sha512":"df2683f3dd9724de589451a47bc608c9925d54b874ad97b733dd465ef41f9db75e9e31604762415c2fc1433d050e45fdefc6ecd7ecadf58d1243d9ca5f4bf74b","ssdeep":"768:3IkDHBYoX5Pi4JxTGz9CDR0s1ROSsA8mF77YNt7wFhVq9oN2WfpdqWjBA:tNYoX53xTl/R8W77YNtUFrWoUWvdA","tlshash":"56230251f5f8624a7fc3003fbc317bd862909fe5996ee5d91288f30225611dd29ee017","first_seen":"2025-05-30T12:57:00.85385Z","last_seen":"2026-04-07T23:43:12.987762Z","times_seen":35521,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/icon.png","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /icon.png HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"icon.png\"\r\ncontent-type: image/png\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: \"955390adc46ea41f88783e4df31ece53\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /icon.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::78fz6-1775572529756-6a548b7f1c45\r\ncontent-length: 463713\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":463713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 723 x 703, 8-bit/color RGBA, non-interlaced","md5":"955390adc46ea41f88783e4df31ece53","sha1":"d01f49325eae8d8b141a0e91e3b6e5eed6d566a4","sha256":"7b4ee8591ad25f627b90f64689bc1c8d8a53ff82f8e7ced57b53edcefc762f2e","sha512":"ad541fd513ae69061c64099fceaf399655b1dd814a9b2052f3048a682b741944ae546a46acaafbdad67363ff63027a180f9c38822ef8a6de4f13a80e6fa81883","ssdeep":"6144:WSvpBdCnSlIpF8sTJ3xU0qKSTnYCflilicU1+ULoG5dX27KewOuWB0Uy8LhsIx3Q:W2QFBUlVf8YcXvxuWBFTLhsqtbCsY","tlshash":"03a423b8b619f7e1576172a18192fe36fed99028863f03f2cde11480d84bca55b49fe4","first_seen":"2026-04-07T14:24:14.786753Z","last_seen":"2026-04-07T14:36:47.215592Z","times_seen":4,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/17mxm.seeu2fn.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:30.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/17mxm.seeu2fn.js HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 700\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"17mxm.seeu2fn.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:30 GMT\r\netag: W/\"bb5f0fd04f451541daced72ea68841f5\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:50 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/17mxm.seeu2fn.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::ghjp2-1775572530456-a8df9e6036e2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":34014,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (34012), with no line terminators","md5":"bb5f0fd04f451541daced72ea68841f5","sha1":"e76da52a9b62950207be3018b36b8b1afff52ad0","sha256":"a251e996760e302ad2a03f7c6c5160a65969c6344175b6042a0e6c5b72e0d7d8","sha512":"b41191af43733620631b6180bafe8b5959b5bddb3007af6cdcb4c32c09a1811bca625e5e3b1c8068294dfd80fff45bd0f807ba5b5aa16ce83c763cc2a3ffc862","ssdeep":"384:ZvN3sHyol2GbLwl0v2spgFmQxziPWukLtAFWusl0s/iqLZMt7w2a2BWyHcC2D57Z:z8HLgqvKFiPF2fyE2NBZHcDXu8HR","tlshash":"b1e20be4b05295dde76a0094542fc00c713f3e68a91f4868f7f86cf62a52885f6f2f99","first_seen":"2026-04-07T14:24:14.771084Z","last_seen":"2026-04-07T14:36:47.22982Z","times_seen":4,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0j9g_8xfbk8s3.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:30.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/0j9g_8xfbk8s3.js HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 700\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"0j9g_8xfbk8s3.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:30 GMT\r\netag: W/\"4deda0d10c79043b7c67fe98e47f114f\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:50 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/0j9g_8xfbk8s3.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::ghjp2-1775572530683-3ca09c04134e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44304,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (24416)","md5":"4deda0d10c79043b7c67fe98e47f114f","sha1":"3350371895c2d9bb0f3b4dec4c04b899bc6f74c7","sha256":"7e5f33474a4149ad185039ad46976b18b54619affe8c00da8f4361707a648d3c","sha512":"d1390c7d3c46f25df636191c946c193989abe1c034823978e0fe114df48f71204c738bbc482468f2620e065452509b8b328a80ee1e0625a2579745ce83cc96c2","ssdeep":"768:ZCeHcLh/Ah0qxI8FaVO/WHTNidFZsGeE1mBMHiFNwCPv:7idACqxIMayWHTN2FUBMHRCPv","tlshash":"f8132cf17156f8d9976b80c4846f800cf23e2e74641e5468f3fd6ca52aa1885f1f2fa6","first_seen":"2026-04-07T14:24:14.762119Z","last_seen":"2026-04-07T14:36:47.248052Z","times_seen":4,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/login","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:40.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /login HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 181811\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:40 GMT\r\netag: W/\"1196ce01029f28fc5d7066bc15cbb471\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-matched-path: /login\r\nx-nextjs-prerender: 1\r\nx-nextjs-stale-time: 300\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::4t25d-1775572540274-bbcf5302bf62\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":15939,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (15939), with no line terminators","md5":"e3ba4bdf78136c261c9c05b43fbe2bb6","sha1":"47dd86cba801fd883c416eec4da25f7c235ca0f4","sha256":"8e07d1cfdcc1e7628f524c6c7816f867c4b34967280c98ca6ea58b26de4b3e23","sha512":"da0b80eff1b5e6918e106be7a6bfaf7c2b04a789fbb4a107c7a236ab24b936c4d162f4352593b2da656902256312baefab083f4d20a6e9c3d304f3c224c28e55","ssdeep":"384:b/VqurQAjOuWIvZdARBIMH98G/58CY0XY6ykDnsM:b/VqurQAjOuZBcBI8F/S0o6y4nv","tlshash":"1362a626f805de0b9c7a9d2c513e6d3910cdc977c62489ace2ddce690a82db51be6dc0","first_seen":"2026-04-07T14:24:14.765581Z","last_seen":"2026-04-07T14:36:47.247147Z","times_seen":4,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/media/d23f31b94ad01e54-s.p.091biwio0g5wn.woff2","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/media/d23f31b94ad01e54-s.p.091biwio0g5wn.woff2 HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 181705\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"d23f31b94ad01e54-s.p.091biwio0g5wn.woff2\"\r\ncontent-type: font/woff2\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: \"989e746dc103c42fd5ef7c5cd861d1b2\"\r\nlast-modified: Sun, 05 Apr 2026 12:07:04 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/media/d23f31b94ad01e54-s.p.091biwio0g5wn.woff2\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::wz4b2-1775572529572-fa0e94866727\r\ncontent-length: 9400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9400,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 9400, version 1.0","md5":"989e746dc103c42fd5ef7c5cd861d1b2","sha1":"525a3afc6ab18de10f9ea2e38dbf82fe98320d3d","sha256":"35f7e628ec8e7dd3bf434e95ce28289803401f12d8605c56ca83db2b4b301d33","sha512":"3b6c65421944caba4e7a5377fe60dd9e0b70dd8c7e500150bb8bd229fc80fc5caec261d8224c6c7a4b788b3e0db18b5bf806a109615b83286b8b18c9363a9eb3","ssdeep":"192:SgBED8cFnp3NSNR7+8TA0liw5wzBBPKb83sA7fdLf:qD8cFpG68FiPznPKb/Oj","tlshash":"1812af332956cdbacaf1ee71e563edd419026c4675d6f670f420c0e48b0270de1ae6b1","first_seen":"2024-12-17T21:13:25.253772Z","last_seen":"2026-04-07T14:36:47.213585Z","times_seen":98,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/_next/static/chunks/0yb2wil16uz6h.js","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /_next/static/chunks/0yb2wil16uz6h.js HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt365.q38.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 701\r\ncache-control: public,max-age=31536000,immutable\r\ncontent-disposition: inline; filename=\"0yb2wil16uz6h.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: W/\"ddca2069e2c5530471e5a0cf0fd74ddf\"\r\nlast-modified: Tue, 07 Apr 2026 14:23:48 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-matched-path: /_next/static/chunks/0yb2wil16uz6h.js\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::wz4b2-1775572529578-d816b603f84b\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":5587,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2444)","md5":"ddca2069e2c5530471e5a0cf0fd74ddf","sha1":"877772cd73dc2d32590471fa21b2703af249f6fb","sha256":"a46211a22ca83766afe77489b2635bc7ed6efd3da4f1c60bc94408deb352a575","sha512":"16e069b47459e2abad39db5c2a2c7ae46fcbfd1a8281da7412feafd93e9afa281c0d8b525e54d3f47548f6f8af41d8a36b2ce4442971c1f740f27742b69b927d","ssdeep":"96:4ZYwf52j45y5Iie0RES0s0QPf59GChx72aRR7KRZVg9GCa:hwMDhEBs0I+ofQZf","tlshash":"eeb1c711f241ec9ab75a008935b7b00ef224342a9b75e87277dc18f25bc05f57d6a7d8","first_seen":"2026-03-18T18:55:57.703395Z","last_seen":"2026-04-07T19:04:22.421183Z","times_seen":227,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt365.q38.co/login?_rsc=1r34m","fqdn":"usdt365.q38.co","domain":"q38.co","tld":"co"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt365.q38.co/","date":"2026-04-07T14:35:29.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt365.q38.co","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 11:05:27 GMT","end":"Sat, 04 Jul 2026 11:05:26 GMT"},"fingerprint":{"sha1":"B2:F8:36:70:66:7C:51:0F:88:AB:75:03:23:CA:06:40:4F:0F:45:B0","sha256":"6D:FB:08:0B:72:62:14:2D:6D:5C:A6:79:0C:0C:FC:EA:08:1F:BC:41:F1:14:2E:5A:EC:B5:20:09:EC:AD:F4:10"}}},"request":{"raw":"GET /login?_rsc=1r34m HTTP/1.1\r\nHost: usdt365.q38.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt365.q38.co/\r\nrsc: 1\r\nnext-router-prefetch: 1\r\nnext-router-segment-prefetch: /_tree\r\nnext-url: /\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 181785\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-type: text/x-component\r\ndate: Tue, 07 Apr 2026 14:35:29 GMT\r\netag: \"7acde8849ae3f1de3b6595cc79758702\"\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-matched-path: /login.segments/_tree.segment.rsc\r\nx-nextjs-postponed: 2\r\nx-nextjs-prerender: 1\r\nx-nextjs-stale-time: 300\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::78fz6-1775572529822-a9fc7965cbd9\r\ncontent-length: 823\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":823,"size_decoded":0,"mime_type":"text/x-component","magic":"ASCII text","md5":"ef3aa8ab52bf51b898591a9e9587e76d","sha1":"e0b342b09b4358042333e6710fa7bdd468d1f746","sha256":"21e565f9180330396b9d7630fa0a4a0f521a83b88783f0558e393bf8b21ddb57","sha512":"e119b3ad737bf278e16afed10deee0acc6d32c94561982057b3123d43ac1034611a66b48b967b899cb3287c40c872e5c0357c6ae2e63f040be474a102fc12a80","ssdeep":"","tlshash":"5f016b2299097dd41cf1e89422dad71a50682f33b4b50cd8c4cf8de007a113a1fcbb87","first_seen":"2026-04-07T14:24:14.812735Z","last_seen":"2026-04-07T14:36:47.239768Z","times_seen":4,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":229,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"usdt365.q38.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}