{"report_id":"b665861f-7735-4f02-a59f-f8372da02f28","version":6,"status":"done","tags":[],"date":"2026-01-07T15:07:25Z","url":{"schema":"http","addr":"usdt932.com","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"172.67.128.124","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"title":"Blockchain Investment Project Website - Unlock Financial Freedom","dom":{"size":109588,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (57589)","md5":"c0aaf39e70278be891d599bec97ef0eb","sha1":"7b2adf418613f2604edf20a7d5dc1537cc16744e","sha256":"3f091fd01d17072c016dcdf3a11d2aa8217c5e051c8f775bf41110660e858952","sha512":"5d2b1703386eff2c10427cdd1a62f28298752bfdafdd51e253c97402ce14d2033caf5d61856b3dca702191ba1cbe92f226a26a368f15fdd1b73e5c728235258d","ssdeep":"1536:pjqyXmRQZ+JTf+B0Ac7fGnUl+6DjLwHq7hP9k+WUlDY76TdYhuDTvej/XAQshxch:puQQ5WlSYhH","tlshash":"93b3103871063c16647795c0f0a46f993192ef3ac3548e58e3b927a62fcbdf46869378","dom_hash":"domhash1c691ec0c31a8d0c053c4e877ac6629d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"usdt932.com","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"172.67.128.124","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T15:07:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"rtfsq.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"usdt932.com","ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":105,"request_count":105,"received_data":2417407,"sent_data":73518,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"apis.usdtifa.com","ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-06-28","domain_rank":0,"first_seen":"2024-10-26T21:39:02Z","last_seen":"2026-01-06T13:38:29.077097Z","alert_count":0,"request_count":22,"received_data":582155,"sent_data":11762,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"124.221.80.91","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-01-05T13:13:41.270215Z","alert_count":0,"request_count":1,"received_data":578,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-01-05T02:41:01.3201Z","alert_count":0,"request_count":1,"received_data":356,"sent_data":463,"comment":"","tags":null,"fingerprints":null},{"fqdn":"rtfsq.top","ip":{"addr":"154.198.49.35","port":443,"asn":138995,"as":"Antbox Networks Limited","country":"Seychelles","country_code":"SC"},"domain_registered":"2025-06-20","domain_rank":0,"first_seen":"2025-12-27T02:50:01.751756Z","last_seen":"2026-01-03T22:01:19.897088Z","alert_count":1,"request_count":1,"received_data":220,"sent_data":397,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b0efbc289fa81555431fa55aecc16bdb","sha1":"c003e091a0c7577d31a08aecedfdf0fbf588a537","sha256":"3b4ede29d0c79d3efe1a1ff3cbfbd15653230a9b26d40b33bbb1f78b465d85b1","sha512":"3571fd6c4175cd3725b3072f73015426e759dde85199169e18bcee1292ebed1cebe10a929fe05561842703f59e82f528965fdff7cbe61b342040c3035ead5639","ssdeep":"","tlshash":"48e0618250e7295c0520816a354ec5171f6505b39e818d513c8c7765cff5e4bc05d858","size":420,"data":"","first_seen":"2025-04-05T05:04:23.897278Z","last_seen":"2026-06-05T23:43:56.968069Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-checkbox.HufpC5WB.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b4640f6c8b24eb0afb493e15e12b683e","sha1":"4202b88e4e6acd34d68381441347aa739fc6545c","sha256":"d220892eb40334d6e8b68ec73d1e29bc6941ef6a063926311ad827288b565afb","sha512":"387b888e2423f7091d5280b766d9586e982c5a8f982e0b824e7b9d5502c650765c061c6e9750db438fb4365eee0f641888a100eefffd93f2094486ce6ab3f485","ssdeep":"","tlshash":"cc5132157055a5761bdfc4cc50528681a32e239cda103efdbae824fa5a8ac88916fb35","size":2530,"data":"","first_seen":"2026-01-04T07:38:56.327321Z","last_seen":"2026-03-08T15:12:25.51887Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"e9ccdf6128f496cf5fad41555021d5ce","sha1":"79948ffa9e6b239bf806d1be3ee8f33c5b44b47f","sha256":"881fc2e41e6bbf997e99d29a85de0d6b047eb5f7641f0247a82fef78b2a0e615","sha512":"448c3038447b8755d6d73486eb9d3eb05ae55c0a6b1e3e07be4f091caaea70a5d284d994087f3113841facb6baf13f8e8cff818808a38f26f1effbf34daaa313","ssdeep":"","tlshash":"0fc08cc4b0d26e201602652519bf2ce4a034802774482b028c98ed492e220b0833be9c","size":148,"data":"","first_seen":"2023-08-12T11:46:41Z","last_seen":"2026-06-05T23:43:56.988332Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/LoginRegisterModal.eMqIKsye.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"058f7e55d2944b9aa20901f3c12549f6","sha1":"5c1a47b33fc795535d848f1e71f34b3736380632","sha256":"83daf663074210eb3fa7564210c61f9dd8fc56f62acebe4099cebbb646818af7","sha512":"dc5f27ed3bfb310a8ef8331aa3622c66b05236c399c7aedb1e1b55f8316123123785222f6e6944f39d0ba3454b853cfde988ea05f6fbdf4d920883bcae792f39","ssdeep":"384:PrSK/VoBOmek5T1jhJJNCkX/sjFP2rzewPRPbHMq0:PrSK/VoBO1k5TtPstLwPRPv0","tlshash":"0a62c509b55dc8335e92b06ce48318246059cc5fd941ac4cfbf8198f26f3d469bba73a","size":15321,"data":"","first_seen":"2026-01-04T07:38:56.332573Z","last_seen":"2026-03-08T15:12:25.56783Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-06-06T13:12:24.584533Z","times_seen":98180,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/index-DcZrAb-o.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"28ee8c25bbc5545a74782a7951b9a6fd","sha1":"2194b6108264af7ded37b7e0eee6387f4093b775","sha256":"4639c812ad55aa7e23890138b4f979c821075b2d3a17607044b736f3fb373be9","sha512":"4e2851f1fac247d5cb7ec79db7e1c856bb7b4577609301bb10b73d10b2fe00eee81302d0d206b2bb017ce53e33b2033a050957874065936881c9bf45a2ac223a","ssdeep":"24576:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttK0sPfwuwuT4hJAmX+50ROIH9/pvm4:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttKE","tlshash":"1a05af9a338a702106f536d2306e3631a3745e65f84ac0c876dcdeea25fbc056297f79","size":873735,"data":"","first_seen":"2026-01-04T07:38:56.489286Z","last_seen":"2026-03-08T15:12:25.595754Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/index.DuhDaPHN.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b60ce4da07198c83abaf49a40042834e","sha1":"5826e146f9713686284e296fa0caf2dfe8204ace","sha256":"70a0c148ae412405b6a7347768dab9d016419719226b1c0610d791cde5878a4f","sha512":"0bf1df4dbb623b274c31310fcf3bebe9ff06781ef8f7e3fe7f56fa7d1633655b609e05b48c3f38556a4859b5cd7bb2636d96662daedb8eb210df043d9c43b2ac","ssdeep":"","tlshash":"b331c4cd39c5743183d62a4663f35d81b67c9c1d590f4a8cf17854162c20d6dd27be18","size":1630,"data":"","first_seen":"2026-01-04T07:38:56.364002Z","last_seen":"2026-03-08T15:12:25.518082Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"11ab169d0bf6e806e9ac049d3b54e3b6","sha1":"71fcbedf3a9a8e22003315106b9910f2bcb258fa","sha256":"3f301446260bd8578ada459db15fa8a65a2334c872ea63fe34a93be0d42943cd","sha512":"6da4335f25d683d37adc45cf7ab8d32a1bb460f0d5a564b6e7750fd6b2aaa59abd6231252a9c4aa7059c43363c77ab2c6515d8b52eb9090da8746fa854dd7805","ssdeep":"","tlshash":"99c080c471c36d0125155520507f35d490644017749c1b568cd4dd552f130b15233d98","size":160,"data":"","first_seen":"2026-01-04T07:38:56.521144Z","last_seen":"2026-06-05T23:43:56.977464Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7746993e8adb9277ba5afa2584910974","sha1":"8e7e6d562fd56f594b40b6657156d483d7426e40","sha256":"833dc15f120cad89d5c0680edae217dbad02010e42af351959607df4170074ee","sha512":"10ee66e22fa45386057f1385e179955ad4fd4d53363c0aebe68aa9ba0547bf409a286e53ab6e678e5d0c3485d6cabcdd359f359c5258160b50a0a5a5496d6e6d","ssdeep":"","tlshash":"39c08cc5a0c22e101646641010bf28e49024402674481b028c98d8482e220b08233e9c","size":140,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-06-06T13:17:01.36976Z","times_seen":3508,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/uni-popup.Bvhvdyf4.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2a5e2df1aa15d37fb38fa4b954904352","sha1":"430b05f0f002e37cdfed6057ace2e25881528d7a","sha256":"b78f984771f6506020c3524c7190d1a6312a912124297d359c0a98da46cef09f","sha512":"765bbfc2b9410036c25a03e8c198cf1b414235a7c5f419f3778fc06a799b1b52ed2af74ef595982ff4d35d8e18fe6f3c2fca1456eb36ff4a34c894d9c3e94c48","ssdeep":"384:5V08L4LbQr3y9Pk9wMjxe/gi0lvwoIpFHqdM8uPCWYYxoK/WGbNYDYGFa:vx8Psy9wHxsglvNIpFHqdM8uPCWLxoKV","tlshash":"e752d7c5b59ee92605db82b7509c4a00413869d8b1751a6c7bbdb8fb024ac8c73eb73c","size":14279,"data":"","first_seen":"2026-01-04T07:38:56.381587Z","last_seen":"2026-03-08T15:12:25.544893Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-confirm.CZKi1fy0.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b90ad9ec1500bae4bbef53e9938a498a","sha1":"258e8842494d8f0cfa7efa8162543faf0383a1ba","sha256":"47ebb75c45d09b00eea20a4f0c4afff1ccfa257178f13c1b64182a0cd070e17d","sha512":"2f949a4f4dbaf49d9cddd28c86561880763b573ff082a03a3ef91d302ab02aaa7359b1fb72938c2e4ef8d96cafdb62a85f89445a1ae0286d5ab0fb2e2604e76d","ssdeep":"","tlshash":"0841730dbe1c9271ea83a349d541652e723b2fbd72163a0ff0fc1c9e07b0c64b99525a","size":2166,"data":"","first_seen":"2026-01-04T07:38:56.318065Z","last_seen":"2026-03-08T15:12:25.559658Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-banner.zl87Ac6h.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"201cea6893ecc5a2b454d6ce67882166","sha1":"6114041925210ce6d088080da3bb393366a1d853","sha256":"48d771a7a8f81a737eb4934a7bc04c90013da1fd96330a3427fd896b29af50fe","sha512":"c6b4d23321b7817f21a5958474e717bbce7dbd4667f897f5d4ea5b8cbc2c1bb108f1cbc59134d46b4c415e2ad4525622841702f63dc713b5dea9801e877f8908","ssdeep":"96:gqxD0PWg+IT42fOjqCbCqvuj1t2tK4tPtKltstK7s:gqxaElb5efs","tlshash":"43a1e028352dab37d89789ad00c4050435b929adf7f07775b7f48a3d922344eb91cb59","size":4762,"data":"","first_seen":"2026-01-04T07:38:56.389151Z","last_seen":"2026-03-08T15:12:25.529993Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"e40acf04b9e1d2e7ad1d35c70f89add8","sha1":"826ac96f076cc09f10b4e38ca8bd6b67ba79149b","sha256":"6b702ffc46910b485fdcbb4791eaa2bcfdbfdaa8e3d4ca7b513ed029c875223e","sha512":"278dfd3d6830050797905e4e5a3565c6ee3210ca91bb415e630400808b555459f7e2bd154395aa08f55d6f69cfe49628964796446ced9ea429f1e8d18f768eef","ssdeep":"","tlshash":"23c08cc4b0d22d102602641410bf34e490248027b0485b028c94d8482e230b08233e98","size":137,"data":"","first_seen":"2023-04-21T12:20:40Z","last_seen":"2026-06-05T23:43:57.000226Z","times_seen":242,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5c56bd092d0b0dbebcea0dffc9d3e1c9","sha1":"e63350a080d3edda266861535b89dc0603f2150f","sha256":"8d56b21d15b7fb8d64c62e430f90397e05d7d1c8ff9604577435bcfe68568300","sha512":"fe57381fbb2ad34a6a6750deb2d29f7bb89372dde680dc4be3b99ef6ccf3cc0476c9bd4a550f3586f8d44dd12b07c3be71c2ce454a98ddd01035405ee2ffbfcd","ssdeep":"","tlshash":"eac012c5e0966a211e51a914646f25e49024941a74481746cca9e9d42a121f48123e9c","size":172,"data":"","first_seen":"2025-11-22T10:34:45.647279Z","last_seen":"2026-06-05T23:43:56.980292Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","size":91,"data":"","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-06T11:23:19.853947Z","times_seen":1550,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-money.Df21XDR-.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a0d1d8d8ee4b335c040b04e4070b7927","sha1":"389c16a182b95802ba9d9a4c5fb7fd04b8103eab","sha256":"15d8c62270da104ed031b8c6e02ad1daf4608ea9ad05701cdd082aa88e114f90","sha512":"1f3eb4905f3fdef9d9aeb8db84b48e6754cd4fc9bd715099baa5bb2b8976f9282853c12f6570eb4d7b04126e04a06b2c928ece4d02a92b22f79411c21035348c","ssdeep":"","tlshash":"a451a4a476985da3048a2a1d08485343ea74bd4d9ca838d8feb4bcfa8727cd5384cf34","size":3017,"data":"","first_seen":"2026-01-04T07:38:56.348586Z","last_seen":"2026-03-08T15:12:25.525059Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d6e92f200cff0675c6c843ee8980e5e3","sha1":"50ed9a2265e851f6b11abb8d1a5e0443151a7cfd","sha256":"9dcce56c16f2685a0cf3e10c3dd707e1685f9f98294c5a5036b2c3b3e2f30801","sha512":"49e0b72dcff5d666ad61db6e178e5a2a577f95a0b962dbd49bf7b96fadf11b1ebd2596c2b5c7cec7532c2f61809248fac043ac265cfa0c069c864c391c793be9","ssdeep":"","tlshash":"a2c08cc5b0c22d001612641014af24e49024802670881b028dd4d8482e220b08233e98","size":139,"data":"","first_seen":"2024-10-14T16:48:29.18645Z","last_seen":"2026-06-06T08:46:41.497037Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/userIndex.5H4VVtxS.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"37209b19adbbd0689b3a59614bbf9b42","sha1":"3f746f1078109423d7167a91d73ff10cacae5040","sha256":"2639ca5530dbad01269a12c6528494a49577f37eb22cb96e5661c7c36972b74e","sha512":"a6ab82266a439051ed871d3c01224a48865e709fad081aa75a179b772e8fdd6b4b5cab9cb948cf4d9847d7634f5065ef265c99dcef9093a7a9a65359efb26a52","ssdeep":"384:+MaJwGqXFzXSzABt6bsjHC2vJ+WeOlY+k7VE+rkRRzO53piT8T:+MairXFzCzABt6bsjHC2vJlljkJzkRZ6","tlshash":"98a21919771ce1297ad1a00e94d40812b20b4c9ea321b99ef3feddbf4399c6d649c736","size":22638,"data":"","first_seen":"2026-01-04T07:38:56.415319Z","last_seen":"2026-03-08T15:12:25.516526Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/CurrencyList.D9Y0wwkC.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ab743b8dc2cba704afc79a129a289752","sha1":"f60f717476e75413c520ff465061250518c32877","sha256":"0e408f9d01ad269d929230c4508ce98a40c7305a884f8c39e97214f29e799f25","sha512":"ecbf84f7da3089c89a799abeb06dc7ffdc7ee2204581ba11471faab0990f6a149c78dc35eef422737ac7937c06af84fff49717ed5e2496078fcacbbb1d855649","ssdeep":"384:jCCTHfWCNzMLU0Ij6m72b8Gpg6CGMEquRTwei0oI1F7:vjnzMLUHjN2b8Gpg6CGMnUvipI1F7","tlshash":"c182c6653389e43647d9642980a89604b3367f8dea02346d77af9cf9935fe4871acf30","size":18856,"data":"","first_seen":"2026-01-04T07:38:56.329106Z","last_seen":"2026-03-08T15:12:25.562426Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/mp-html.Qpmgo793.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c0c9c90054b004882dcbe813b28efdd9","sha1":"9927c7aa2fd8ff2736a17b92ee24cfa1903499a2","sha256":"fb8fbae0da305550ebbd2013de7443a4cd484a2d2a033679217a2532f361490a","sha512":"bd0054ebc2d794b4d58b0b087e1c9196554228a1d4bfb665eaedaef09a70d3b3f3ef8e7cb07717a627cdcec609ff6eed1c7a7aec7a8cbc181816340256050eb7","ssdeep":"768:R1LcXOJOCY8/PU1kfSTeC5Umdb24tpxvYL4fVZw2O:XBJ13gAyr/O","tlshash":"14c20a5b728c70390ad884e108a56741a26e660cb54088bfbdbce4fb59d059530bfbfe","size":27070,"data":"","first_seen":"2026-01-04T07:38:56.339578Z","last_seen":"2026-03-08T15:12:25.569535Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"43a144a646cd1c3aa47c6e97b8997f16","sha1":"751520d68e01030d76aaa27829bee42de57b33ae","sha256":"7400aff6408f23b72deadda0905ff4dc8eb4af368f7e8026063918149826a7d6","sha512":"85eff0527e8a86cde19b0e67070c8f71528670484865bafb4b88ee54f83b48f575275ed10cf343f0c84d4c0a425f6632b5b1bdfdfbfd75c6702ee856d28f512f","ssdeep":"","tlshash":"14c08cc8a0c22d101a02681414af24e49028442774481b068cd4e8882e230b08233ea8","size":141,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-06T13:25:57.30453Z","times_seen":4064,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/InputPayPwdModal.Egr7JNzI.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"75033e20cbb2c275b74abe7c8621a291","sha1":"35a562afdc88e7fac00a316f3ecb4eeaef7f61f7","sha256":"3ba60caf1948a5dca9f8bf8bce08ff6dc66439ac713af8891c4b93e013f5fbda","sha512":"e16176490ee741d77321dcb783e2295f139a7f660e21a64be0ad530a67667f6247f78b0661110cd21920ae4682d134587eb5cd9213198064acb1db623321305f","ssdeep":"","tlshash":"6b51440a2e3cef399416a178f0816805b414549d8f46ab58f7fc0e5a0bafc56837fb25","size":2457,"data":"","first_seen":"2026-01-04T07:38:56.365Z","last_seen":"2026-03-08T15:12:25.526124Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"cada8fb3cc65a39eb36a4df1c90f2caf","sha1":"609ae148c4c2d63e321211f8091ec3f8e0350de9","sha256":"889322541533390498d984110d2c5183e30f68eadbdd3e26d49ff14ddcf0da68","sha512":"9b2cf6f4c703f718d9cef1fa878443517aee40771676b60ef560bfc74e96b94578c7ba9b07041d2716ce040a4c8d786ee32e31f881b9d80443d9a0671f86fa79","ssdeep":"","tlshash":"88c08cc4a0c32e001612646410af28e49034402674481b02dc94d8482e620b49237e98","size":138,"data":"","first_seen":"2023-05-02T22:44:01Z","last_seen":"2026-06-05T23:43:56.979444Z","times_seen":551,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bbb8281a186bd30f570bfca3f66c70bc","sha1":"113ecc8547ecd1d2cf2f7b10d8ce63e725c0ed3a","sha256":"8884166e9156c62e064132d041c98801b482a2cc6a8e146561895510917e1783","sha512":"6e355b11a3f54c746b5420b83caff25fb947695388ee01ab92e3d09fab418893a8fece553161807218370c8344f936de1aaaeab94dfea131fb25ab0c9231f5ac","ssdeep":"","tlshash":"37c08cc4a0c26d001a02a46054af24e49024402770481b029c94d84c2e220b08233ea8","size":137,"data":"","first_seen":"2025-08-26T17:30:33.449562Z","last_seen":"2026-06-05T23:43:56.976631Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"26ada63688eecf39cb8b0e0741aed2a3","sha1":"3e03adde982a6830c7a2e8c182d4b526ef9b1b59","sha256":"2616c1772127515b4ee84f38249e3dc6acdf300478ef7bc9081803e414323c46","sha512":"2ffecb0c1e9a36948b7104f5dfdf31d79ada71c5f4554a41eb88fdeb7c512e319e317535e184413a44d6b12c3316a354a0b4516cc2af569547755de8222cf787","ssdeep":"","tlshash":"60c08cc4a0c22d805612a92010af34e4a034803bb44c2b429da4dd483e674f48237ed8","size":149,"data":"","first_seen":"2023-04-30T07:46:29Z","last_seen":"2026-06-06T12:46:31.227391Z","times_seen":258,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0951a72701a995f6f19518ce49792325","sha1":"6995a4b50a7fd86a4fdf32657d5fbf60d39b8605","sha256":"59bb000eb5de16037c3cfd8c30b75845ad57f4564920866696ce1e9f1fe7f3fc","sha512":"14be3bb5051110025b856b2c17e66795a3c1bb0976e4ff738747edd8bbdfd1cda3ea1838184affafcfd5fdd5c03a29e6370a5f4709d7288aec1f135c8e22f0af","ssdeep":"","tlshash":"55014908a3f221a2912b74bc8b9f9614293040037508ef51bd9c5781bf9643486ebfc9","size":758,"data":"","first_seen":"2025-04-06T03:52:55.464031Z","last_seen":"2026-06-05T23:43:56.971169Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-fab.DRN4nk-k.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"eac8aaab15281f12a67853df03d5f2fc","sha1":"2f535eaaa423fadac580bd63c10043f906d484ce","sha256":"732ca6ccb77cafcb1fd7b441ec46af8622a2b01c87e3a4d28d6b290701660d3e","sha512":"1808477f3ff52ce9535052089c2e3f137ed88a2c29103f43f01d067656d48b8c6d80c4eb48b9ec05bb2bf28bec3c2a22634f949dda03c552dcfe205ad394aef1","ssdeep":"","tlshash":"635165067a0da0372697087e906446c1721a1e7d97f0366ff2f6f8b64e8191e62dcf34","size":3165,"data":"","first_seen":"2026-01-04T07:38:56.376926Z","last_seen":"2026-03-08T15:12:25.524159Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"fda026047e8eb1a5882e868c6621ecb4","sha1":"94912222851f4eef4664202cb513d7f3d45993e5","sha256":"389ca4866842c71e748f3385526f79ec5d78e6fc86cf71a48a0c44012c59fd8a","sha512":"c7ddb08213f5190b3cb67a8b6cdb51338e1763bed5a088339a123b7fb1f6e67f25289f103a5664785612b1782a4301d3d9d16f8a6d466cceca1e1c1814af3145","ssdeep":"","tlshash":"d3c08cc4a0c62d002602681111ef28e8a028842a70481b039cd4d8893e620b48233e98","size":141,"data":"","first_seen":"2023-08-10T20:40:22Z","last_seen":"2026-06-06T10:46:01.624141Z","times_seen":271,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a7b3de7354307d425e2c87cd30f4ede6","sha1":"dc66414ea415cd874318119239b4af134ba2567b","sha256":"6ce792f41f1371f6d74e42988b05237acaaaf3eabaf18d6f6c7b56b2e58c4823","sha512":"15313ff7e64d913b8e7a1bc9f0802d26ec31225c1e0be7fa325315bc6cebe8d5e070cba2c58e83993c461951180bb947eed81bd1bbd165015772906c7b2599c9","ssdeep":"","tlshash":"73c08cc4a0e23d001602641010af24e8a0244026704c1b028c94d8882e220f08233ed8","size":136,"data":"","first_seen":"2023-05-05T08:00:34Z","last_seen":"2026-06-06T05:34:07.26823Z","times_seen":844,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c9906a60bf176582d9c762184036ff97","sha1":"5c61bc5b5cf5f9f82e45f9ed39397d6543de7e6a","sha256":"f72ccf65db7b64c33731893405e035c0d29bbfc704a4d4ad94d6e0d5a7684b20","sha512":"f922a474f726dceac9a7d8ae699f84be6815d0436ba8e3f514a21bb3d6907058ed6cd5544dfe13e21b701e787959e922df9967a2ea5a936b5ef789fe4848cfb9","ssdeep":"","tlshash":"bcc08cc4a0c32d002612681020bf34e49024402670481b438c94d8482e230b08233e98","size":139,"data":"","first_seen":"2023-04-18T06:39:26Z","last_seen":"2026-06-05T23:43:56.986496Z","times_seen":95,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"baf926373a5336bbdd42a02d78239e20","sha1":"a10eb81dee4374480d5414c25abed550d0be55ce","sha256":"8c2eff768a8d2a1c66d635ba46d5c553cc6600d1b5de5f2ac9d5d80e510d322d","sha512":"0aa58d4b1f32058be87a8ff4d8372e8b0aa659cc72d1ea929732905be52f7b9976c965a4a350476d92cdc7c184bafeb8f64d51ed683a8a375a317c11d4d222e5","ssdeep":"","tlshash":"b5c08cc4a0c22e102612a89010af24e8a034402670482b02ac94d8482e224b08233ea8","size":140,"data":"","first_seen":"2023-10-25T16:06:30Z","last_seen":"2026-06-06T11:57:07.720749Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1e0cdd733c246a219ef3f620b22d69aa","sha1":"863bf764440755fa39ead6406e3e3e2c61df2fcb","sha256":"30d09f0fb47d204d4f13487482604c49f69eb595608f211f30684ea589eb9ebe","sha512":"c3504ed49777cfe19faaf41429845212358b3c2078bce5d31c43da809c5b631a0d9cf568b55cda87c4307a290ca35f73f6946ddc3e3a6ff8fc0e4035b114ea4b","ssdeep":"","tlshash":"01c08cc4a0d32d002a02a49024af24e49038402670881b029c94d8482e230b08233e98","size":139,"data":"","first_seen":"2025-03-17T10:03:33.622599Z","last_seen":"2026-06-05T23:43:56.970392Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e267cc44511bdcfb9d6a29aa9e0f9e87","sha1":"7068144ccf89432eab5a1b51f1d7634ff629fa21","sha256":"5df8efa06d78c4e24760df1e0f34d1487deb5109f000bed21b225e9e84617782","sha512":"34223ca932af064d34bfb746454477f0edd1a28f495a12642b5e5b107a07029685ba89ebafbf0f12b035443fd0352d8b333dc969e7e63dea56f1271bf8056a52","ssdeep":"","tlshash":"7fa001a3cd57d739187d90282301594daca3068204224c84369f28421fc81006081983","size":72,"data":"","first_seen":"2025-08-26T17:30:33.459192Z","last_seen":"2026-06-05T23:43:56.981187Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"bbfdbe498eceeae4b8955afded5953f2","sha1":"8c751893c399c81cfa90910f797e551c903f6f03","sha256":"58b8d2d45f5c38007fb9d52dbfa22b0e70b9fc6eed0dde5c96f3c600a54c387c","sha512":"2ca782e375b5aea7b15ef61611be19449f3ae3efe35807414b2efdce77c2250741e4efc0b626fe817be0c8ff1e221f8a3f95e7bd9306ff3ac87b930c510077c9","ssdeep":"","tlshash":"84c08cc4a0c22e105622641010af28e89034402674489b528c98ec4d3e230b09233eac","size":141,"data":"","first_seen":"2023-05-08T02:54:43Z","last_seen":"2026-06-06T13:17:01.43007Z","times_seen":339,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2cbead8d777092847714cf3153123fb4","sha1":"452bae521f1a8f32e2f02902edabfa48d6ca4626","sha256":"998e7a7ab80aa20b3d2f7b6d9ad8e897a24f43eed54b95dcd2b478a8fa66a56b","sha512":"bfd5838ce47877b46e3e446203789929a5843be24b0a3dd95da4f1fb4260367bc11ab9d5e4304b7f45ecf2e227c31a9ac2789b0eed2c1b0e7cbdb5c59ad46192","ssdeep":"","tlshash":"82c08cc8a0ca2e001a02641855af24e49024402670481b02cd94d8582e620b48233e9c","size":141,"data":"","first_seen":"2023-05-31T15:16:52Z","last_seen":"2026-06-05T23:43:56.99108Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"46793adfa0a3c558d77c93088905399b","sha1":"48585b6e60d46b5f38a545a7bb123f5e9e43ea85","sha256":"68590b7cf3a93be5529b94383a62e404a110e1624cc0aaea17d744282b4553bd","sha512":"d2030f47b866ab37755ae9a5102ded9a982a5d6f0f457ff851505de1a426fdeed6d0ee081efbcf52aba4cca7c061725dec544998f4ecd63f7db8b267d485928d","ssdeep":"384:Sgqdw3JNaAYHdZtzeul63aAq5Pt7j3OWpdmalbuFB:Sdw3JNaAqdZtF634l7LffuL","tlshash":"7fd2f8053f2ce1766f93a928d0da0811b07758ced545f49d72f4cd9e02eec846aae37a","size":30192,"data":"","first_seen":"2026-01-04T07:38:56.305516Z","last_seen":"2026-03-08T15:12:25.514737Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"35e0563db9526e0c5fb582a10302458c","sha1":"a1f9f0f5d0b5c690795b05928ad7ca0c103b9777","sha256":"65edd78a29d50b17ea83883ed1d346bb8e350b5cc13e7bb107b7507199fa8eef","sha512":"c7c38f574d0cda3932f3e34d78956e744ea361286aba39e79003d524f9f19ab05603900fe145662c11a0c04a43898bf00b76ab2f8a3783d319092bf55b430d3f","ssdeep":"","tlshash":"51c08cc4b0c32d002602645050af24e49024802770481b029c94ec492e220b08233ea8","size":141,"data":"","first_seen":"2023-05-05T08:00:34Z","last_seen":"2026-06-05T23:43:56.983347Z","times_seen":663,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/uni-app.es.DcVfOx-1.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4e68ad8fd2524e8d171ce7618ef3c77e","sha1":"7cee680fb6af2701c8cb9ac4910945dd4a1af2cb","sha256":"8dda16e8f94f82859bd41ea231f22108e0b9f3e95cfca9e5169a3b15e879ef39","sha512":"323ad6c7fb5dc744b5a3131d02d2609b3a6c1f0f2c47aa268d7e110049a29285c8b0df39917dec7606832ca770414923253ee6cc7aefcefd3ffe7e1654be1a95","ssdeep":"","tlshash":"47a0120b648124225802284020d59807117610e146c98a20c1c143240af84a48129d0a","size":84,"data":"","first_seen":"2026-01-04T07:38:56.371166Z","last_seen":"2026-03-08T15:12:25.529485Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5d31ff7e60917b0ed4a4b70d37f66a2b","sha1":"c50f1dcef18065974e84265a1a49bdd0ee29e449","sha256":"aa6fd728eecb263d1055ba5f0b243644492895c8b51fdf396aeb35f2026ac848","sha512":"37b9cf72e1f471ea4b8ab70e1ced41fd251b10d068879907f2f7dd3276ac5c5cd9b0c3b90a731ee5449d42ba3b181ce145207561b4e72ddb32bbf1337361fb8e","ssdeep":"","tlshash":"72c08cc8b0c22d001606641010af24e49024402670482b028dd4d8482e220b48233e98","size":138,"data":"","first_seen":"2023-06-06T19:23:28Z","last_seen":"2026-06-05T23:43:56.99016Z","times_seen":301,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-drawer.BEnl_qrG.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"6aad1e42ffbad02e3263243334d806b5","sha1":"f3b1701aa4bd168ef77b7722ff8d25c8ff836ecf","sha256":"62c1618ce9d65feef3c4ce891d6492a71facab2c6bdacd27f11be9d3b58c27fd","sha512":"960ed30b5620df0c65839a56aa0f920fd79d3c9c497a41baf93f85250c900029562c3fe3711b480287a7aeb5d6d190d047465a363dec2b6c3163446612f3a0e9","ssdeep":"","tlshash":"6121ee1c7a1ca93329d7449d502006001ec86beeeef42ec6f2e6207e875e9a8916db14","size":1194,"data":"","first_seen":"2026-01-04T07:38:56.311311Z","last_seen":"2026-03-08T15:12:25.55072Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a7e507f5998c97ab0dbb873768dd748d","sha1":"3eccb50466058830030b932a69b010061081954f","sha256":"a8d5d1e6f993c51f99757071832455971c5c050686ecbfc76c90e32a32ccc555","sha512":"d70d16b17806bd1cf085f7cffb3f94c9492ede6706d498e96f20a093d817c6667cec135fa77a0c3972f7087376993d233a176b4fb7b166da133d6eb9401aaf79","ssdeep":"","tlshash":"1dc08cc4a0c22d002602a51021af34e4a028443670482b12cc94d8582e230b08233e98","size":139,"data":"","first_seen":"2025-08-26T17:30:33.458228Z","last_seen":"2026-06-05T23:43:56.996833Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3e352e40da965a477c73b85f45fcbcfe","sha1":"3e723988fae01e9002cd221d32d0b80fc932dc85","sha256":"5437083c1c0938d596758b071b379432c6722f887cbe2dca49cc5dd12e4f48bc","sha512":"36bd9ae9981675720b34b16739e5bd73967018d36cffaf325c4415dede978a5c8950cd9ee99567264cef03b5020fc26def12f1274befcfba2f680291e9f34580","ssdeep":"","tlshash":"e2c08cc4b0c22d003a02a41024bf34e89024402670481b028cd4e8582e230b08233e98","size":140,"data":"","first_seen":"2023-05-19T17:54:23Z","last_seen":"2026-06-06T10:46:01.650955Z","times_seen":682,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d774fed07205a75db9f9c598203c2b9b","sha1":"a431d5203ffcde744a9025d0d7dbe794bc4b52d9","sha256":"138b79a6155dc1e18b3b0b74d7f108c73ca2ef9818da9bbfaafd03b420fe957c","sha512":"c7809ff091b5db0e57371c7fc960cb39f95047c34bd6c495c64bcf297cfea0f47d51834301b4b6b29d04b42605fe8d667d4df03f06d56675ae1973876631814a","ssdeep":"","tlshash":"72c08cc8a0c32d002602a51020af38e8b034842770481b139da8dc483e730f08233e98","size":147,"data":"","first_seen":"2023-09-19T16:42:51Z","last_seen":"2026-06-06T13:17:01.339192Z","times_seen":189,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/pages-user-index-userContract.-PZvqOlL.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"06aa49153aab8f3ab76c1eff378c8a2f","sha1":"5a04b7cc640fa832423c6d7e4973827d06f324ab","sha256":"b2a191a814fcbdf3fc9294e083e6a2d058b7412381fc7f305ded749ca2f96852","sha512":"797df75538297e83a594cba68c65f01935c2bb1ff2af0dd83b337e6e7cc19cacce288c4f98fbf99be660c5b65c8eb8e45e42501165c91801b9277fde99d254e1","ssdeep":"6144:fpdUPGVIJx/9LEwKaCBaL08YQR4XqQIVqpyX:CAw","tlshash":"04240a85fb65b41542a39079413f0907b336369e944b86acb27ecdda296c4ce3276f3c","size":228662,"data":"","first_seen":"2026-01-04T07:38:56.308438Z","last_seen":"2026-03-08T15:12:25.561334Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-input.uefNOExw.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"d766698ec63890526447fec4e5eb5f8c","sha1":"79ae59a85a2fc071ed6a034b777ca1ca5554d124","sha256":"c8e21fd858262552151d9de63202cd4c7e8622d70e1c321358d58275dfa6709a","sha512":"9c8ba9cd7ddcc242048b9ae79f09c78e573b9bee7963c506159bfd69cf7a65b077a846cf4474ffd5a198d30bef18b8f07f566adae4e8be303e5c6f29a080a80f","ssdeep":"96:f2U3EALwgU9svecAntaG2USFKGiP9shkYre9mGeKCeOpd:f2WQatUfcC9ze9e4d","tlshash":"ebc1225a350cee232dc78c4a7095424115251b8dde3078ecfbe671b5175fc88b2acf68","size":5698,"data":"","first_seen":"2026-01-04T07:38:56.360461Z","last_seen":"2026-03-08T15:12:25.543952Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-title.DOX2mzrl.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"405629402164d9d30323869234856602","sha1":"0381c4d236705ca7e656f50343d8c2020541d0a6","sha256":"a5530a450d7abfd958e704c76ea19460e77e2c36f91cb571d7fa68b0a95f1203","sha512":"e1e038e5336d7b036ed81482902f0e013090e8cffbdd980596e8f35153142e83f95d9c596d9558f463e1fd3e811ac751daa05da20b3fdd30e065b5850a015458","ssdeep":"96:0hiGnLTCdX3ULUuFXS9Y5+F89umUekTqNcjett8OFib1kjbdCpYeLD+fMMj+NLNi:0MX3SFXIYQcumUDqpPsYeLxlpu/ew","tlshash":"ccd1b4243668fa3729d640895aa04601b14c2e8dd730b99efbfcbcf95286c64557ef38","size":6384,"data":"","first_seen":"2026-01-04T07:38:56.342393Z","last_seen":"2026-03-08T15:12:25.535587Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1ca49f0e439cf34669924908e59b2897","sha1":"efea6ef6bd12f3ded99d07b429c6af21c23ed826","sha256":"9f9ee6011e8f88513c2761906180f430478c9d9835d4e74a211cafd3c79b955e","sha512":"f5dfd73abfc4c47819a1c10e68b974d2253a67fd9fb113e510809ee5ea650d5dd1f003dedcd6f88235e4e5b696f28c5e2f18526e794579f3b9f5a1d7db17bb21","ssdeep":"","tlshash":"fec08cc4b0c22d102602a91010af24e49024406770481b168c94dc882e224b09237e98","size":141,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-06T08:46:41.500274Z","times_seen":532,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"82b314192b4dce18e996c2179c3b795f","sha1":"caf6f26b907ac13a6cb9491dee030755bd05e8d9","sha256":"84947a1b1be359bf621fe720ff7be49752dff1864c8b425bd03878586e6f6bf1","sha512":"bddfc79a501dc421a245cbae7b0d55d979c178f44810749081e62296e01f7399ecb87cb0e1e41f7b3769d3ee8c9838563cbec5d0c34eb2841184d4a589afae25","ssdeep":"","tlshash":"90c08cc5a0c22d002602681020bf35e4a024442b7448ab528c94e8493e620f08233eb8","size":143,"data":"","first_seen":"2023-04-17T20:49:21Z","last_seen":"2026-06-06T11:57:07.722085Z","times_seen":287,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/ProjectItem.DUNr-fWg.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"95214183ae0d9cbabb4c90669c6de47b","sha1":"9c508e6618d6bef1a24548ae012f47c9568e765c","sha256":"41dcf365f616142c27139a67b335aaa18a745b7799c6ae6b6cb0a0955040e4ff","sha512":"ad940188dbefb63ead4e0022f4d0dc30ae4b3051e1bfb469bb79bc35a8f263d61755ff278f854f5d295faa1c627f99eda7da3be99d4940ba09ca0623427f0d3d","ssdeep":"96:oTbPy5jufGnxFkaTWdkZA222ft9ba2sNmFD:oTbAlnxTTEkWSrbJscFD","tlshash":"dda175013e2cf23b29c29955b1ac45043267acccc92439def1f8a95e135bc2836ad76d","size":4741,"data":"","first_seen":"2026-01-04T07:38:56.387503Z","last_seen":"2026-03-08T15:12:25.525574Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"36f26a090abdcc337bfc430f7eba2abf","sha1":"bde4b3d8e5ebea671a9a85174cfb4058a4bf0adb","sha256":"217e71e9b0dbcd6bf49e06ed0c8570fc448a800192167db81cba4cbaefddce78","sha512":"a191f331612f086b236bcab8dc8340639cec8859afceb86edcaa7913e42165ff3d184a5a5f4bac7ea93f59aeea3c76e505c456f9f5da206347076658fc271a87","ssdeep":"","tlshash":"12c08cc8a0c72e101a12655015bf24e4a024402a70489b038c94d8482e230b09233ea8","size":141,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-06T01:45:51.963471Z","times_seen":1563,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5eefe40b85e8c2db9ca6b62c4c3c5399","sha1":"00c3b8914ba6e7b5e9f47b5111b63e9e0ed7a556","sha256":"5e0f7543b9c01385fd8fcf8669408e298108d313227ab99067161b46c5d60ad4","sha512":"8aeda493afb753af1917f681b30c17a5c5941366be426c10cdc863eac91477e17264c4ac13c3b2924fbd47d3df739e703a6b609e7681530d4df3b3889987eaf5","ssdeep":"","tlshash":"a8c08cc4a0c26e005612641210af28e4902440a6b4481b038d94d8482e624b09237e98","size":139,"data":"","first_seen":"2023-07-01T13:40:07Z","last_seen":"2026-06-05T23:43:56.972648Z","times_seen":82,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c7e852b3890d84ceb019fb49d8fb82f2","sha1":"39fd7387eb73882beca538337c8c3cbcb0e29274","sha256":"5464fd014fa7fc9f785002e31cf3ab6a9c4e5ebd440ae9e313c2e4e2e1310a7b","sha512":"cc52b7193b565d3f3cce8ee54ff11dfee752d80dc7f51d59be7ba83b692e419528bb0a1b726935e56664d7c449fa0d6a1566253431dfb22bc266762e423d6287","ssdeep":"","tlshash":"cfc08ccdb0c72d002602642050af74e89028402670481b029c94d8592e230b48237fd8","size":144,"data":"","first_seen":"2025-08-26T17:30:33.454142Z","last_seen":"2026-06-05T23:43:56.984264Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e40cc2aab8d5d376280c17d363344fb7","sha1":"75c283226da7b59501ef980f3f8d8256a1425ea2","sha256":"187749c0617b275173ac1ef4e8273c2e95cb5ed334d3a1baa5235251ed02e545","sha512":"0518d6e4f074dd336768ae9d292bbb2baf2db8866645d7d938143fe77f3fdb283d47af41d852165a22ae63e9c11d4f41ca8762b253dac0ed14e17a77da098810","ssdeep":"","tlshash":"18e0d8736f5665744473e02e637f7720753b516b4250c9067a2c868c0fe0a87666d6c9","size":411,"data":"","first_seen":"2025-08-26T17:30:33.468213Z","last_seen":"2026-06-05T23:43:56.989253Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-button.C7X7X2Rt.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"66dd7cc384d0cae8755b5e43b9b32f5d","sha1":"73c593afae50bdc3b22b993a4bc367deb6e41381","sha256":"0669fc5c9e258a99b5bf8966a100636c40e286d2bbf444ed81afc453159ca9ae","sha512":"8a756c5334b6903b18456b47479d1068d316490f2a751c2726341102fae12f5e766130a0cc935f0fb1767ce1fa4c59b7601823efa3f0e231747e84f3dece3e93","ssdeep":"","tlshash":"39514404310af9371dcb8848a0bc060693106a9eda695ce8ffb571bd535f854779db14","size":2870,"data":"","first_seen":"2026-01-04T07:38:56.362863Z","last_seen":"2026-03-08T15:12:25.549362Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-06T13:25:57.303249Z","times_seen":5569,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-img.BjIpHj9F.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"90d10f66f9920ada7981f34e2ae230f8","sha1":"60e33ea3e8b5c957668c47b18c089e84d40ce7de","sha256":"14bffda70a7bde70fbc769e3be27fe3f2960cc55416f89ce5fc1c6928bc58fa8","sha512":"c6c469fd447d0c0e343372851d332a4b00ec1e124aa3016e2edff992ad6901861a07c4061d68ef5c50ebde222978de48e4c1fc5491f3084da8e1421cddc24c0b","ssdeep":"","tlshash":"1b619528360cbd2f06b584b610340e41615db95ec620abb8f7fc34bb6294c9cb66ca70","size":3433,"data":"","first_seen":"2026-01-04T07:38:56.372165Z","last_seen":"2026-03-08T15:12:25.523625Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0ae64cce4f24529caa56156b159bdade","sha1":"3f1c5a480a93a0bfdc86eb0d7769ea098682b7a5","sha256":"99cb12f023e5c6752e9a7e0132343acf246a432e31d1e7326a3fad10704711a5","sha512":"0ce54f9c86d027c6895c449a7be022ab96d9df608d39f56a3eb0c2721f49aac55b9f82668c5265ba231c626d7a841bcb68c13b169f5f5f9be40244d0c3abec61","ssdeep":"","tlshash":"eec08cc8a0c22d002602a45010bf38e4a024842770481b028de4dc4c3e230f08233e98","size":141,"data":"","first_seen":"2023-04-14T14:41:51Z","last_seen":"2026-06-06T13:17:01.338711Z","times_seen":2092,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/z-paging.DUMsuOiK.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"18f4fbb02ec5b91843f179fbc6437a43","sha1":"67e362477dd1e0f8b0ce5e1de081fccb9e4eda12","sha256":"a66f1d8d7bdcdd96218bee3eef7d17bb51bf2540bb09234cf11c3020f7db30f9","sha512":"9677be31033dcb27042e49bf047c212fff12582198aa59a470f1174da31fa0c741be7155245a2d96840fb62f518eb82608b38e12d5b4970d58605f564d29c16d","ssdeep":"1536:HdkyOg+SJ3TQCIO6a103WSWo6BebaKfSzECftpD1i:HePoTQbO6+SW2LCftpRi","tlshash":"6eb32b923204e42a53caac69f81e330191456c4fa94e55acff69bcffd64cb1832d9778","size":107818,"data":"","first_seen":"2026-01-04T07:38:56.316175Z","last_seen":"2026-03-08T15:12:25.54293Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-popup-bottom.CgdlVUp-.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"0eecde68cbd42c412bd4d60e69245b86","sha1":"821df9d67330105c276d3eb6b9eedea74bbea782","sha256":"a006b09b3ceb3245697dd97773b7f0de5f4598030a64e648f1c37e073be7e413","sha512":"38cd50bd821acd891ff1ab4a41efff6789b8801484e801db5cd9deda6d37b240e4c869134f8816c13534691d3689e395fb6b2ff5a4abd49497d4fed7ee6bb3eb","ssdeep":"","tlshash":"fa21f009381db033649b497c52600e001428cf6ceef43eeab6d160764b9989ca64db24","size":1312,"data":"","first_seen":"2026-01-04T07:38:56.373648Z","last_seen":"2026-03-08T15:12:25.537181Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-popup.CE8mUVWU.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"52dde1491beaf065e7a8c2abf5c8ea8e","sha1":"ebafe6d395f1a6fdc64eb76dee50ef8b7a12bfb0","sha256":"e6e3bfd4947d453361d32100233c2554419edc5282ea5e4ca4f16a872840ec1b","sha512":"5223231fa512cdccdebe09981809ed31987dd2f7d68299239a7d7abce0acc1f6db829203634035be393eaebe0ed9a70221a1d71e1adf02f030dceade63a61a45","ssdeep":"96:5zzb/vvVXaGe2O2smBNk7vYTLMcO0PLFKpcQU4CmRU:5vr9DF8bYo8Fscl0U","tlshash":"7281a5943c4cc97a95c59a0b44211a40975a6fec87b53d5df6fd2cff02c7c1a2a84b2b","size":4187,"data":"","first_seen":"2026-01-04T07:38:56.337955Z","last_seen":"2026-03-08T15:12:25.548433Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1faebd0b8ec83d9258948f07393e454f","sha1":"44d5ca89f13c7829bb8153a66ba0d76047eeb290","sha256":"9b72256f8545b5a7756926fc56e1d8634a74b0efdf96ee8291b743ac3434846f","sha512":"14dede173aa4e1c8244528fef9c867f813d3f391f66f1a356c2887fed20294f9df7265d0e8d5bab67bf8e1e1a3ca2238d1da9a6b806c008154a19ef701877830","ssdeep":"","tlshash":"dec08cc4a0c22d001602a41018af24e490248427704c1b428c94d8483e220b08233ee8","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-05T23:43:56.98742Z","times_seen":314,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-stat._gfGVicY.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"95a9410ef94036eebd23b32d2cd13295","sha1":"39151ad3e138aab415b315c536cdcfc176e03c38","sha256":"865ddbfc42705393037ebe542af4cbd02639721c299acd2d6f96bf27ea368d15","sha512":"361a5e084566d62b2b04636678c0840c5c0f562b0f3f05fad79514d2d5a33ff85d287e354dffd3e41cd1aa1e8375059a9b07461515779e1942ecca212948b42c","ssdeep":"","tlshash":"9d514104752cc47b1892e01e65d0441bb2ab1ccd86b4753f65f6987e13e9c1864adfaa","size":2873,"data":"","first_seen":"2026-01-04T07:38:56.347472Z","last_seen":"2026-03-08T15:12:25.515963Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-section.DjNV3xcb.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"26b01b4c0547fb3b295f75254c2af8b9","sha1":"83a9472ab00ae05aacd67ab299e84ec2f6f14639","sha256":"162e423c70819d15ccb51c82ffeb72105e7cba7d70b4390fe6aa48e4c227d1b3","sha512":"e79ef48cc6825b9cfcba5a592346277cff7fe4066fec724c1281bf1928a9ae8978e7ac0f4398fab1436d4ec63e95e7b9e868f3c6ab8604d3886d915194d66cd1","ssdeep":"","tlshash":"3041226d380c9a372d8b0dae70b0230064552f9cde317975f7f1903557a7a9a915cf1c","size":2207,"data":"","first_seen":"2026-01-04T07:38:56.320959Z","last_seen":"2026-03-08T15:12:25.528901Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/pages-user-transfer.DLHOt4FF.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2547dc73af04d486ceb8ca65ae847566","sha1":"b190e531ca624cda9e6d34f5b5cb0a421c958bf5","sha256":"51a4c3b05339e3e1b09c2c361ec0b6a1829ce2bda97d204ca2e7bcfcc59dbfb2","sha512":"331a634c482fb372aeb8b64b45d113966a0cb9bef2d8d089e7902fc448c15614b97a5adeba41630f440824f4c35833749cdfb5276e04ca2d42a9f2f0d5af0e18","ssdeep":"96:J1YQrRVZ5u4PSajRftJ02usxc3W+Ucy3OwE+JcyI/tEcD5IOhEuNyosUk:DDrZ5xjH4YOkoJ5GUk","tlshash":"24c15305b91c99202a9a7278e4d54d02717cfdcde1407a5cb2f8196e13adca909f9f3f","size":5696,"data":"","first_seen":"2026-01-04T07:38:56.366197Z","last_seen":"2026-03-08T15:12:25.53293Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-auth.O6aQRiEh.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"edcaf3e657dd80dabe9becb3a27ca814","sha1":"63616b2ae780d062e87b61eaaf51fa8484057f06","sha256":"bbc2df21eaa08288507c0de9134c609375e4cf123accee61601561ce5d23491e","sha512":"b965b0680db5dbad080ae3e6daf4e45126e09826457c28c7a8d01e8805f53b8081360585cde9666211ec5a995da55bf2567b6a11b8eacecdd2b0d69e0d26549d","ssdeep":"","tlshash":"68f0054d3c64c63001c068d85611a81040292d5c667a78c7e1df65ed0a7906ec81df1a","size":522,"data":"","first_seen":"2026-01-04T07:38:56.367866Z","last_seen":"2026-03-08T15:12:25.555365Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-06T13:22:38.006372Z","times_seen":15874,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"usdt932.com/assets/uni-popup.Bvhvdyf4.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/uni-popup.Bvhvdyf4.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-37f7\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rqc1if%2FL%2BtFdPOaIdDZWV5RILxL36s83Zu7VguXpYVobjNhwqSqTCQJ%2Fka8jniopN0Nwdnrc8nzLBvVG0l%2F9cXQmjjKhHMcW2w%3D%3D\"}]}\r\ncf-ray: 9ba45cd7ae7956c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14327,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14230)","md5":"2a5e2df1aa15d37fb38fa4b954904352","sha1":"430b05f0f002e37cdfed6057ace2e25881528d7a","sha256":"b78f984771f6506020c3524c7190d1a6312a912124297d359c0a98da46cef09f","sha512":"765bbfc2b9410036c25a03e8c198cf1b414235a7c5f419f3778fc06a799b1b52ed2af74ef595982ff4d35d8e18fe6f3c2fca1456eb36ff4a34c894d9c3e94c48","ssdeep":"384:5V08L4LbQr3y9Pk9wMjxe/gi0lvwoIpFHqdM8uPCWYYxoK/WGbNYDYGFa:vx8Psy9wHxsglvNIpFHqdM8uPCWLxoKV","tlshash":"e752d7c5b59ee92605db82b7509c4a00413869d8b1751a6c7bbdb8fb024ac8c73eb73c","first_seen":"2026-01-04T07:38:56.381587Z","last_seen":"2026-03-08T15:12:25.544893Z","times_seen":12,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/tabbar/home-active.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/tabbar/home-active.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bf-365\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wtxfnXqrIpGxKKcTPRTNba21D5fdg7S6IacWPF0nfm%2B%2BI32xLW9%2BuCq9UyCFHzaz%2Bnr%2FdC5BWrFQcmXMgUpGf82Hn7MJ%2BKlYpg%3D%3D\"}]}\r\ncf-ray: 9ba45cdc0ed456c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"c6d27404fef95ef239c3280ba0a3fc62","sha1":"6a7e607fa16ac9569e551cb1568c9c96ecbbc6a0","sha256":"ff505dd65e1a13cd126bffa304da50f172050cdf9a4441e19ecf426784c9288a","sha512":"a6af8db057397cf5827f0a83f2e8d3fa7ac1efd4302dbbf4ff086e81000e3079a5149cdbd70e4fecb63ce1e27054130f77acb5a193c78a33452f508fa6672552","ssdeep":"","tlshash":"b3116385af35b672440a70efb6b17439c221100de1d012a74ab90961a9428aab086e5c","first_seen":"2025-08-26T17:30:33.35948Z","last_seen":"2026-06-05T23:43:56.965799Z","times_seen":18,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":512,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/home/notice.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:06.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/home/notice.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:07 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-113a\"\r\nexpires: Fri, 06 Feb 2026 15:07:06 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rb90fywsS92X6hGodjBYuvxGHBOzuk8KVGX6oqZ6wmx5N6Nub%2BDnDQVhe%2FZW%2Ff5Ho77mRpblROgQQxen0HppcLD8fkIvQ9O6Eg%3D%3D\"}]}\r\ncf-ray: 9ba45ce5bf5756c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4410,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 52, 8-bit/color RGBA, non-interlaced","md5":"e6e538dbdcd0b78c187113d176c766a0","sha1":"64fa3eb7b441d398729f1ff6c2ae00f8d013745c","sha256":"2692a3e296fd0b79b395702deae839c908b45c1209c8791c75ffc6901e809bb1","sha512":"865d6c9cb1b4effe1caba57abd8cec15b8b0c564bd3465574773335ba4567c171c09d2369ec0e0bd4f7d4d6a6a5d4efacec0740cbd47055c8f9d2c2df5eb3674","ssdeep":"96:b3QfbyWoYuM7n+wv5fzwwjoulxn2/SkajtyZ5iXiw:b3UyWoU+cxfcuvOSkajAZ5ix","tlshash":"5391ae71c3d484685c7ae27d1937556b61b60378ff8e3c0a88a39e08c843b8824d549f","first_seen":"2025-08-26T17:30:33.367064Z","last_seen":"2026-06-05T23:43:56.903947Z","times_seen":16,"resource_available":false,"data":null}},"time_used":513,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-input-CrT96B3I.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-input-CrT96B3I.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-6dd\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4yC0WWEFW9LiWy%2FVxaBHJTgXSYyl5T19zjuLh4HtUFKPmrn8SCOogoOEvPJwb%2FybSHC15GQ4pJ%2Bi1NW%2Faqo0GwALFDXzWF0iew%3D%3D\"}]}\r\ncf-ray: 9ba45cd37ded56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1757,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1756)","md5":"0b886cf1a1bdf47ff7dc92d7d99331a2","sha1":"8aa130ace09d333c7817ed114f2161247c6e9681","sha256":"11e33fcbf5534a186ed16416f1b65b27bfcd069cd373f2541e3a100acce43809","sha512":"020bd3e989b492df1bbf6b8eb66f6dc870f32853b481ecf40aea027369efadcd1d5b85d4752e5ed69f32f228e15fd6d77229301681437564d56e755a8b3c6f18","ssdeep":"","tlshash":"323111327d491855392be60efbc0be9d456462a2d393008df6d05b3a0847982fc6dcdc","first_seen":"2025-08-26T17:30:33.401018Z","last_seen":"2026-06-05T23:43:56.920964Z","times_seen":22,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-confirm.CZKi1fy0.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-confirm.CZKi1fy0.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-876\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bl1acWryJ6BRpoWMWWlaliH287zogLGV2egMkBKyVJ8efk3WdKeTAOMrjFB3l75MXOB7t0RRGm91dEJ5eNV3eOfS%2FXRRoWhfBA%3D%3D\"}]}\r\ncf-ray: 9ba45cd7ce8d56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2166,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2157)","md5":"b90ad9ec1500bae4bbef53e9938a498a","sha1":"258e8842494d8f0cfa7efa8162543faf0383a1ba","sha256":"47ebb75c45d09b00eea20a4f0c4afff1ccfa257178f13c1b64182a0cd070e17d","sha512":"2f949a4f4dbaf49d9cddd28c86561880763b573ff082a03a3ef91d302ab02aaa7359b1fb72938c2e4ef8d96cafdb62a85f89445a1ae0286d5ab0fb2e2604e76d","ssdeep":"","tlshash":"0841730dbe1c9271ea83a349d541652e723b2fbd72163a0ff0fc1c9e07b0c64b99525a","first_seen":"2026-01-04T07:38:56.318065Z","last_seen":"2026-03-08T15:12:25.559658Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/tabbar/medal.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/tabbar/medal.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bf-f92\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Br624VEcxOU2QW9AtWtotDJCMUTyeDcREQLXfXX2MHGOBzgds0shF926bRAljo79Bb4229KDJ0fpxrKu5adYk1tS5tlZe0fHrA%3D%3D\"}]}\r\ncf-ray: 9ba45cdc1ed756c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3986,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 104 x 104, 8-bit/color RGBA, non-interlaced","md5":"fa001c1299a945ee1d3de0650c3341fb","sha1":"be83462007c10263c255b9b2e35d73d0e1ae3c7d","sha256":"56856e5041077dd63e48a42e29e7cb063fe25960cb324bce740ccd329c2e21a4","sha512":"fa822003aa8a5199c3ae2f0c3913dda1f534bf43496f40fea804d311973340741088223a645f0891a857a82355f30a32ea02bc0c14c815e2b8def8f0a9a6ccce","ssdeep":"","tlshash":"a7816b5db85781ed49bd673f0480e9dd9bfb07c9810ac11e0827832aa01e735b883c67","first_seen":"2025-08-26T17:30:33.441802Z","last_seen":"2026-06-05T23:43:56.918812Z","times_seen":18,"resource_available":false,"data":null}},"time_used":543,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":543,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:12.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt932.com/\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:12 GMT\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt932.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MAGBh8WOq9jLIdMaHqRzUECnklH18iusbftKpU7gM2yMkljJX1rmJnniO1GtoF1s%2F61R53p2SZSnL0C9ngBRElMbaMjmnyYOqGzrWUrn\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45d0cdfb256a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/uni-popup.Bvhvdyf4.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/uni-popup.Bvhvdyf4.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-37f7\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FxDf66SWDveNk1%2Fie6tx18kY4CjrtCWIVuoMeZimWkOkpcmydM8LaXsuLDttM8EqlKcuLqZZYDtrcsnfRTdM8EVXA6QhvHCU2A%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce1156c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14327,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14230)","md5":"2a5e2df1aa15d37fb38fa4b954904352","sha1":"430b05f0f002e37cdfed6057ace2e25881528d7a","sha256":"b78f984771f6506020c3524c7190d1a6312a912124297d359c0a98da46cef09f","sha512":"765bbfc2b9410036c25a03e8c198cf1b414235a7c5f419f3778fc06a799b1b52ed2af74ef595982ff4d35d8e18fe6f3c2fca1456eb36ff4a34c894d9c3e94c48","ssdeep":"384:5V08L4LbQr3y9Pk9wMjxe/gi0lvwoIpFHqdM8uPCWYYxoK/WGbNYDYGFa:vx8Psy9wHxsglvNIpFHqdM8uPCWLxoKV","tlshash":"e752d7c5b59ee92605db82b7509c4a00413869d8b1751a6c7bbdb8fb024ac8c73eb73c","first_seen":"2026-01-04T07:38:56.381587Z","last_seen":"2026-03-08T15:12:25.544893Z","times_seen":12,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/LoginRegisterModal.eMqIKsye.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/LoginRegisterModal.eMqIKsye.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-3bd9\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TQi3NFUI49%2FXBn8W8A923JCbwgDrFzr4tIQE93t0FiMo%2Fx8csIALLeLNzakIR8pbCPwspU6uEdYZBL9TgjP3DcTVwG9MCgVcQg%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce1556c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15321,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (15272)","md5":"058f7e55d2944b9aa20901f3c12549f6","sha1":"5c1a47b33fc795535d848f1e71f34b3736380632","sha256":"83daf663074210eb3fa7564210c61f9dd8fc56f62acebe4099cebbb646818af7","sha512":"dc5f27ed3bfb310a8ef8331aa3622c66b05236c399c7aedb1e1b55f8316123123785222f6e6944f39d0ba3454b853cfde988ea05f6fbdf4d920883bcae792f39","ssdeep":"384:PrSK/VoBOmek5T1jhJJNCkX/sjFP2rzewPRPbHMq0:PrSK/VoBO1k5TtPstLwPRPv0","tlshash":"0a62c509b55dc8335e92b06ce48318246059cc5fd941ac4cfbf8198f26f3d469bba73a","first_seen":"2026-01-04T07:38:56.332573Z","last_seen":"2026-03-08T15:12:25.56783Z","times_seen":12,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-fab.DRN4nk-k.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-fab.DRN4nk-k.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-c5d\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LlqPpIqIrEi3qMhUGhO1PG64%2BqDvKowXf1%2Bs1yRUfgSlICSOBgl6w4BR4EcSIE6ldGQZYp41uoX06%2BB5LGZEP6TbCCk%2BIcl0UQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd78e7356c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3165,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3164)","md5":"eac8aaab15281f12a67853df03d5f2fc","sha1":"2f535eaaa423fadac580bd63c10043f906d484ce","sha256":"732ca6ccb77cafcb1fd7b441ec46af8622a2b01c87e3a4d28d6b290701660d3e","sha512":"1808477f3ff52ce9535052089c2e3f137ed88a2c29103f43f01d067656d48b8c6d80c4eb48b9ec05bb2bf28bec3c2a22634f949dda03c552dcfe205ad394aef1","ssdeep":"","tlshash":"635165067a0da0372697087e906446c1721a1e7d97f0366ff2f6f8b64e8191e62dcf34","first_seen":"2026-01-04T07:38:56.376926Z","last_seen":"2026-03-08T15:12:25.524159Z","times_seen":12,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-popup.CE8mUVWU.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-popup.CE8mUVWU.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-105b\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uMnTwcgTPHzJ7XkvbP14qVbX%2BSOuSoIE3TVziwK%2FimYEqtxmTcs3yx91w8cvek6yoipmut%2FJrRnpUuisBeywuTBdi62bLxGiYw%3D%3D\"}]}\r\ncf-ray: 9ba45cd7be8656c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4187,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4036)","md5":"52dde1491beaf065e7a8c2abf5c8ea8e","sha1":"ebafe6d395f1a6fdc64eb76dee50ef8b7a12bfb0","sha256":"e6e3bfd4947d453361d32100233c2554419edc5282ea5e4ca4f16a872840ec1b","sha512":"5223231fa512cdccdebe09981809ed31987dd2f7d68299239a7d7abce0acc1f6db829203634035be393eaebe0ed9a70221a1d71e1adf02f030dceade63a61a45","ssdeep":"96:5zzb/vvVXaGe2O2smBNk7vYTLMcO0PLFKpcQU4CmRU:5vr9DF8bYo8Fscl0U","tlshash":"7281a5943c4cc97a95c59a0b44211a40975a6fec87b53d5df6fd2cff02c7c1a2a84b2b","first_seen":"2026-01-04T07:38:56.337955Z","last_seen":"2026-03-08T15:12:25.548433Z","times_seen":12,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/ProjectItem.DUNr-fWg.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/ProjectItem.DUNr-fWg.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1285\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S81PIYsd0c58DKPKzHHzegoQlqajTph7v6tP%2BPnkkV1ww8vA4i9PpEzAP6Ti2CTmPappW1uRZBAqOmZWCz4CMD6%2BMUn%2F%2FgEE7w%3D%3D\"}]}\r\ncf-ray: 9ba45cd79e7656c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4741,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4740)","md5":"95214183ae0d9cbabb4c90669c6de47b","sha1":"9c508e6618d6bef1a24548ae012f47c9568e765c","sha256":"41dcf365f616142c27139a67b335aaa18a745b7799c6ae6b6cb0a0955040e4ff","sha512":"ad940188dbefb63ead4e0022f4d0dc30ae4b3051e1bfb469bb79bc35a8f263d61755ff278f854f5d295faa1c627f99eda7da3be99d4940ba09ca0623427f0d3d","ssdeep":"96:oTbPy5jufGnxFkaTWdkZA222ft9ba2sNmFD:oTbAlnxTTEkWSrbJscFD","tlshash":"dda175013e2cf23b29c29955b1ac45043267acccc92439def1f8a95e135bc2836ad76d","first_seen":"2026-01-04T07:38:56.387503Z","last_seen":"2026-03-08T15:12:25.525574Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-money.Df21XDR-.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-money.Df21XDR-.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-bc9\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=POyluwWWF%2FEJagWtaqMMj%2B3HcmDHcexVWrTsW8CeqKQ39XqG9j88NOw5XQXPy4MI40HSiVrRye2JAXOmV9VgHmaEr%2BHj3gpsMg%3D%3D\"}]}\r\ncf-ray: 9ba45cd7ae7f56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3017,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2900)","md5":"a0d1d8d8ee4b335c040b04e4070b7927","sha1":"389c16a182b95802ba9d9a4c5fb7fd04b8103eab","sha256":"15d8c62270da104ed031b8c6e02ad1daf4608ea9ad05701cdd082aa88e114f90","sha512":"1f3eb4905f3fdef9d9aeb8db84b48e6754cd4fc9bd715099baa5bb2b8976f9282853c12f6570eb4d7b04126e04a06b2c928ece4d02a92b22f79411c21035348c","ssdeep":"","tlshash":"a451a4a476985da3048a2a1d08485343ea74bd4d9ca838d8feb4bcfa8727cd5384cf34","first_seen":"2026-01-04T07:38:56.348586Z","last_seen":"2026-03-08T15:12:25.525059Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/home/message.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/home/message.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-8da\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y183V5xChJvluM70bAHE7HCceIyJIkZusc7iY1ZAFnfgoYhcg6WBiLSBr%2B7SKLMA7s5ou41SpU03KtOY%2BRohZZw6wiMOZuIaoQ%3D%3D\"}]}\r\ncf-ray: 9ba45cdd1eef56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2266,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 82 x 94, 8-bit/color RGBA, non-interlaced","md5":"37012d79841b66014ba8cad9da7adf9e","sha1":"8036e4412ed7b3382f54b263b3ed31f4e73baa72","sha256":"a48ece7c63208f04720d485810e58d939080a65ef1d50323d269778e592074f4","sha512":"6eaad6c89f200a827070455898199d848d5cb59bfb0af6ed3047bfa01f8191fbf7d9260f8229a467e2dd20781b1bd083d75efc4998fb966b5993f28fac1e78b7","ssdeep":"","tlshash":"05414b23fab89c4b490fbee7d493e619d3a8db29041730aec21b0e45d8702c784fe250","first_seen":"2025-08-26T17:30:33.416951Z","last_seen":"2026-06-05T23:43:56.940978Z","times_seen":16,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"124.221.80.91","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:06.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 15:07:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Wed, 07 Jan 2026 15:37:06 GMT\r\ncache-control: max-age=1800\r\nset-cookie: __uni__uid=rBEQVWledpqsu39PAxlvAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-06T12:58:51.789541Z","times_seen":16180,"resource_available":false,"data":null}},"time_used":1421,"timings":{"blocked":578,"dns":1,"connect":265,"send":0,"wait":265,"receive":0,"ssl":308},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-popup-bottom.CgdlVUp-.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-popup-bottom.CgdlVUp-.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-520\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g9kR3Jg05kpsdSHb0t6UfGj6V0gGvmvSXsV%2B%2FjKkn8hGiyUB5KVP1WiWBBajffZUVWQVk85Xl7GmtxqUV5ZwYzMPNfREw0wtow%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce1756c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1312,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1311)","md5":"0eecde68cbd42c412bd4d60e69245b86","sha1":"821df9d67330105c276d3eb6b9eedea74bbea782","sha256":"a006b09b3ceb3245697dd97773b7f0de5f4598030a64e648f1c37e073be7e413","sha512":"38cd50bd821acd891ff1ab4a41efff6789b8801484e801db5cd9deda6d37b240e4c869134f8816c13534691d3689e395fb6b2ff5a4abd49497d4fed7ee6bb3eb","ssdeep":"","tlshash":"fa21f009381db033649b497c52600e001428cf6ceef43eeab6d160764b9989ca64db24","first_seen":"2026-01-04T07:38:56.373648Z","last_seen":"2026-03-08T15:12:25.537181Z","times_seen":12,"resource_available":true,"data":null}},"time_used":530,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":530,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/index.DuhDaPHN.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/index.DuhDaPHN.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-65e\"\r\nexpires: Thu, 08 Jan 2026 03:07:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eJhJUUrFN4oZpHyVMkkI6kuXuHvNxany3vi%2Fn1hzmnWKIzjE97kFcAvmLXZUE6DGgvYV29blNayThNWBK7YWV%2Bp85EZdOxWzag%3D%3D\"}]}\r\ncf-ray: 9ba45cd7be8556c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1630,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1539)","md5":"b60ce4da07198c83abaf49a40042834e","sha1":"5826e146f9713686284e296fa0caf2dfe8204ace","sha256":"70a0c148ae412405b6a7347768dab9d016419719226b1c0610d791cde5878a4f","sha512":"0bf1df4dbb623b274c31310fcf3bebe9ff06781ef8f7e3fe7f56fa7d1633655b609e05b48c3f38556a4859b5cd7bb2636d96662daedb8eb210df043d9c43b2ac","ssdeep":"","tlshash":"b331c4cd39c5743183d62a4663f35d81b67c9c1d590f4a8cf17854162c20d6dd27be18","first_seen":"2026-01-04T07:38:56.364002Z","last_seen":"2026-03-08T15:12:25.518082Z","times_seen":11,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:10.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt932.com/\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:10 GMT\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt932.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KdMUzWbnEaP2V6ISjpKKG7%2FhzdS%2BoFEr0UXWkR8SbiHq1Q5b1YTKJcs0gGJMofHpGBGPwRpDaCXhQNiXE3Gj5%2FGzS03nCBrimxRlGmi6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45d005f2b56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:20.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt932.com/\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:20 GMT\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt932.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LLcFiKmlUzRCaLY%2FVDBgAl0I%2BSNOSmo2UCgnsY0KnpPbIafqcOIZiIJmP4uefY%2Fco3o2gJDcrw%2B4klWMWtrVyQxgSvuNmXrXyOcQ9Q4Z\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45d3f1aa356a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":172,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-confirm-CVVpLVF0.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-confirm-CVVpLVF0.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-cd5\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PITWaZfN6Qa7ASvP%2BENVXp3IUHcDYJ0c6a2L%2BX5xz6KKKtNXfXVRRWdyc%2FdVcPUhEh3O4CAJVoLfgqaMWfIr2dpUOkxuI1AIRQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd35de456c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3285,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3284)","md5":"4218a36f7a6fccc299ffb3577bca67ae","sha1":"dd996d34c9100398526782d5af26887184ae3c38","sha256":"ae5f566f4f2fbfb0d3ce7aa0a5941a934f9483719e107b1c184cb1ed77d63601","sha512":"4c1ec008efdc5e5ee2e280c8890bd89a315dac3fe55fd4ca2c9659314c789bf9b382c59f7a6795ee423078d5a6f0fa82aa14971493303526fc584762f18febc8","ssdeep":"","tlshash":"27618f20ae692c848277c661aec05e49d379eb877af6094f7a4c4c134e8711e15fefe4","first_seen":"2025-08-26T17:30:33.418855Z","last_seen":"2026-06-05T23:43:56.912692Z","times_seen":21,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-checkbox-7UAD-_pA.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-checkbox-7UAD-_pA.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-342\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LsskV7I4WsRbfdAxNrUit9Yw40hzfpzTTvBHcGK6CHOzeKAj%2FLQgI37oeFVxcjTSiWbdyX2tbZ0l4T5dsI8%2BvFNRzly8vtZooA%3D%3D\"}]}\r\ncf-ray: 9ba45cd39df456c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":834,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (833)","md5":"1d133a333267da931a20d39afae27197","sha1":"9c1ef3abf336ec77b39598b7bca0158d9c1371d7","sha256":"3f115aead4f822dc2e19473faedf8f874eeeab803c7a8b278af6e5a394547196","sha512":"998e29f964a04a62bbefd183c08b6bdc2fcbe0ae92b362679ca01e5f70fa510ba732f25fa5bf8561dcbbb86dca3e1099b5dacb817b2e5f7a3eae44f43da2c4e6","ssdeep":"","tlshash":"fc01cc33fa882518a233c7013391decd563a8381d766061ab39069144ccf78e2ea7649","first_seen":"2025-08-26T17:30:33.400114Z","last_seen":"2026-06-05T23:43:56.921574Z","times_seen":22,"resource_available":false,"data":null}},"time_used":508,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":508,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/z-paging.DUMsuOiK.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/z-paging.DUMsuOiK.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1a52a\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DJhWm1Pq5ThKlZONcPQUSdVwqwyr7ITl7cnnFVfg342gMFTfVsuYf7K6fnczb32a0AsbN51JkzfYGVMOxPEIL%2Bs%2FK37ZU3oxXA%3D%3D\"}]}\r\ncf-ray: 9ba45cd3be0d56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107818,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (64022), with no line terminators","md5":"18f4fbb02ec5b91843f179fbc6437a43","sha1":"67e362477dd1e0f8b0ce5e1de081fccb9e4eda12","sha256":"a66f1d8d7bdcdd96218bee3eef7d17bb51bf2540bb09234cf11c3020f7db30f9","sha512":"9677be31033dcb27042e49bf047c212fff12582198aa59a470f1174da31fa0c741be7155245a2d96840fb62f518eb82608b38e12d5b4970d58605f564d29c16d","ssdeep":"1536:HdkyOg+SJ3TQCIO6a103WSWo6BebaKfSzECftpD1i:HePoTQbO6+SW2LCftpRi","tlshash":"6eb32b923204e42a53caac69f81e330191456c4fa94e55acff69bcffd64cb1832d9778","first_seen":"2026-01-04T07:38:56.316175Z","last_seen":"2026-03-08T15:12:25.54293Z","times_seen":11,"resource_available":true,"data":null}},"time_used":692,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":690,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-button.C7X7X2Rt.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-button.C7X7X2Rt.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-b36\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SLZCfs5qL75KRz9iAlyZOCySL3RIABX%2BWzoz1QgzTB6VlpaGvSHMLdZBCaVzYA2EHPcUJ71eh1EO0OHIEEdi14MUZqHLhGr7yQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd3be0e56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2870,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2869)","md5":"66dd7cc384d0cae8755b5e43b9b32f5d","sha1":"73c593afae50bdc3b22b993a4bc367deb6e41381","sha256":"0669fc5c9e258a99b5bf8966a100636c40e286d2bbf444ed81afc453159ca9ae","sha512":"8a756c5334b6903b18456b47479d1068d316490f2a751c2726341102fae12f5e766130a0cc935f0fb1767ce1fa4c59b7601823efa3f0e231747e84f3dece3e93","ssdeep":"","tlshash":"39514404310af9371dcb8848a0bc060693106a9eda695ce8ffb571bd535f854779db14","first_seen":"2026-01-04T07:38:56.362863Z","last_seen":"2026-03-08T15:12:25.549362Z","times_seen":12,"resource_available":true,"data":null}},"time_used":504,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":504,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-popup-bottom.CgdlVUp-.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-popup-bottom.CgdlVUp-.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-520\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tvGdmZq6fiSofpGRHAamiVTtX4VWM7oi4l0c4hd592h3MANoL9SqZEIM0BpKr5gWgGpm8Ji%2BIQJBiE%2FT3YE8xszgcfDfHqsjHQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd7be8456c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1312,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1311)","md5":"0eecde68cbd42c412bd4d60e69245b86","sha1":"821df9d67330105c276d3eb6b9eedea74bbea782","sha256":"a006b09b3ceb3245697dd97773b7f0de5f4598030a64e648f1c37e073be7e413","sha512":"38cd50bd821acd891ff1ab4a41efff6789b8801484e801db5cd9deda6d37b240e4c869134f8816c13534691d3689e395fb6b2ff5a4abd49497d4fed7ee6bb3eb","ssdeep":"","tlshash":"fa21f009381db033649b497c52600e001428cf6ceef43eeab6d160764b9989ca64db24","first_seen":"2026-01-04T07:38:56.373648Z","last_seen":"2026-03-08T15:12:25.537181Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-banner.zl87Ac6h.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-banner.zl87Ac6h.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-129a\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2VHG6RnqKg7t3iGTfyivU0yAdkARuOp63rC5WPW4rH2eSFAn2pWVfN4Y5x25i%2F1Hp1DlcLHokM5W5RUykozkh1bjIQsU8emUng%3D%3D\"}]}\r\ncf-ray: 9ba45cd7ce8c56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4762,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4751)","md5":"201cea6893ecc5a2b454d6ce67882166","sha1":"6114041925210ce6d088080da3bb393366a1d853","sha256":"48d771a7a8f81a737eb4934a7bc04c90013da1fd96330a3427fd896b29af50fe","sha512":"c6b4d23321b7817f21a5958474e717bbce7dbd4667f897f5d4ea5b8cbc2c1bb108f1cbc59134d46b4c415e2ad4525622841702f63dc713b5dea9801e877f8908","ssdeep":"96:gqxD0PWg+IT42fOjqCbCqvuj1t2tK4tPtKltstK7s:gqxaElb5efs","tlshash":"43a1e028352dab37d89789ad00c4050435b929adf7f07775b7f48a3d922344eb91cb59","first_seen":"2026-01-04T07:38:56.389151Z","last_seen":"2026-03-08T15:12:25.529993Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-img.BjIpHj9F.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-img.BjIpHj9F.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-d69\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L2Ct%2FtHwZigpWcLI9cVhc0d0TPf%2B9m1WUbf7u6xxpkqRJR0yXuzy6Gsylpwum2Di1Fx72mpXGEw%2FtBbTjWTwYrv0jnYnoWSqWw%3D%3D\"}]}\r\ncf-ray: 9ba45cd78e7156c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3433,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3408)","md5":"90d10f66f9920ada7981f34e2ae230f8","sha1":"60e33ea3e8b5c957668c47b18c089e84d40ce7de","sha256":"14bffda70a7bde70fbc769e3be27fe3f2960cc55416f89ce5fc1c6928bc58fa8","sha512":"c6c469fd447d0c0e343372851d332a4b00ec1e124aa3016e2edff992ad6901861a07c4061d68ef5c50ebde222978de48e4c1fc5491f3084da8e1421cddc24c0b","ssdeep":"","tlshash":"1b619528360cbd2f06b584b610340e41615db95ec620abb8f7fc34bb6294c9cb66ca70","first_seen":"2026-01-04T07:38:56.372165Z","last_seen":"2026-03-08T15:12:25.523625Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/z-paging.DUMsuOiK.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/z-paging.DUMsuOiK.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1a52a\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=poO0OryN%2FUisJ2gqo%2B7%2FpK6b9faySlhblHuYqNMAKAALL9EaM5JdG%2BTm%2F2Ee8qRP5lZKv%2BZbYJdcnV2pwzKAUDlH9%2BcC8l92fg%3D%3D\"}]}\r\ncf-ray: 9ba45cd7ae7756c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107818,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (64022), with no line terminators","md5":"18f4fbb02ec5b91843f179fbc6437a43","sha1":"67e362477dd1e0f8b0ce5e1de081fccb9e4eda12","sha256":"a66f1d8d7bdcdd96218bee3eef7d17bb51bf2540bb09234cf11c3020f7db30f9","sha512":"9677be31033dcb27042e49bf047c212fff12582198aa59a470f1174da31fa0c741be7155245a2d96840fb62f518eb82608b38e12d5b4970d58605f564d29c16d","ssdeep":"1536:HdkyOg+SJ3TQCIO6a103WSWo6BebaKfSzECftpD1i:HePoTQbO6+SW2LCftpRi","tlshash":"6eb32b923204e42a53caac69f81e330191456c4fa94e55acff69bcffd64cb1832d9778","first_seen":"2026-01-04T07:38:56.316175Z","last_seen":"2026-03-08T15:12:25.54293Z","times_seen":11,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/pages-user-transfer.DLHOt4FF.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/pages-user-transfer.DLHOt4FF.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1640\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n0rv1AEu3AWuCBKcwec57xc9JQL0%2Fieu4PPIiA3R9nv%2Fy59vQ1Td9mYaOBoq6I23nBgyUxMeSdRQTEIFmFjYHaaTRsEMRb34Lg%3D%3D\"}]}\r\ncf-ray: 9ba45cd7be8956c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5696,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (5695)","md5":"2547dc73af04d486ceb8ca65ae847566","sha1":"b190e531ca624cda9e6d34f5b5cb0a421c958bf5","sha256":"51a4c3b05339e3e1b09c2c361ec0b6a1829ce2bda97d204ca2e7bcfcc59dbfb2","sha512":"331a634c482fb372aeb8b64b45d113966a0cb9bef2d8d089e7902fc448c15614b97a5adeba41630f440824f4c35833749cdfb5276e04ca2d42a9f2f0d5af0e18","ssdeep":"96:J1YQrRVZ5u4PSajRftJ02usxc3W+Ucy3OwE+JcyI/tEcD5IOhEuNyosUk:DDrZ5xjH4YOkoJ5GUk","tlshash":"24c15305b91c99202a9a7278e4d54d02717cfdcde1407a5cb2f8196e13adca909f9f3f","first_seen":"2026-01-04T07:38:56.366197Z","last_seen":"2026-03-08T15:12:25.53293Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-drawer.BEnl_qrG.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-drawer.BEnl_qrG.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-4aa\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xvAjHmIRZvq5sXrB6TvtFmAX%2F6YxPpQOTs2GDIkDDVMHoajMnS3wvDUuSIymKBIvfvs2mCLlEkbXvDymIh1521RQ2OiviHl0vQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd7ce8f56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1194,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1193)","md5":"6aad1e42ffbad02e3263243334d806b5","sha1":"f3b1701aa4bd168ef77b7722ff8d25c8ff836ecf","sha256":"62c1618ce9d65feef3c4ce891d6492a71facab2c6bdacd27f11be9d3b58c27fd","sha512":"960ed30b5620df0c65839a56aa0f920fd79d3c9c497a41baf93f85250c900029562c3fe3711b480287a7aeb5d6d190d047465a363dec2b6c3163446612f3a0e9","ssdeep":"","tlshash":"6121ee1c7a1ca93329d7449d502006001ec86beeeef42ec6f2e6207e875e9a8916db14","first_seen":"2026-01-04T07:38:56.311311Z","last_seen":"2026-03-08T15:12:25.55072Z","times_seen":12,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/index-C2R1XfRB.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:02.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/index-C2R1XfRB.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:02 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-79c7\"\r\nexpires: Thu, 08 Jan 2026 03:07:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JaoMyabXF2loZmE6CW0m%2B72%2FLt%2F66t1UeMUzQ3UjFUQmpfeBRCx7Jyk89%2B8xL8%2F7uYcbUW%2F2cfmpSYUidynAySfL9NMNQKTo3g%3D%3D\"}]}\r\ncf-ray: 9ba45ccb2d4856c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31175,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (30950)","md5":"92b434074c6cf3e47cb9a2658db8ff08","sha1":"ea753d3fe316f85264e01edf521521958668a9b5","sha256":"4014fcaa52dda1b273304725500679ec91f70da9bd54c6fedc9c63a6fdfd382e","sha512":"b59cb7e09b90d2f7d5941e1d87bdcb210f324a997cf94887c8f9ddf59b02a712d80b6f0927d4475b7044f11c7ea01677a0345031273a8d82697305b2792af083","ssdeep":"384:qeDzFzaU5couyYDdnsf0VSxa15tVjaXeCcrUUf2GWthmohI:dDpOHFVdS+SE7wfcrzf2RDI","tlshash":"ace2c5bf598d14c873baca43e75077ec2d25f52ac362489ef067294ccdc72a31a5266c","first_seen":"2025-08-26T17:30:33.412092Z","last_seen":"2026-06-05T23:43:56.951239Z","times_seen":23,"resource_available":false,"data":null}},"time_used":706,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":706,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:02.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Mar 2025 04:08:22 GMT","end":"Sun, 19 Apr 2026 04:08:21 GMT"},"fingerprint":{"sha1":"AE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C","sha256":"7C:F1:09:2F:6A:8C:5B:F8:63:DF:D3:32:B0:F3:F8:E7:01:29:0E:F2:55:8B:4F:6C:58:55:8E:44:E9:EC:15:F4"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 381\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdt932.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Wed, 07 Jan 2026 15:07:02 GMT\r\neo-log-uuid: 10656891599619541890\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/CurrencyList-DB3FY5Nt.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/CurrencyList-DB3FY5Nt.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-d28\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=17F1XaHJRj528VuwItIHba3mfuc6isVgs1ZUTDjjHmtZnDhe4PLkh40nt%2Brf7NiBGkO7EA0WCFqutTCMjTweq0FW529VFP8qPw%3D%3D\"}]}\r\ncf-ray: 9ba45cd37dea56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3368,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3367)","md5":"ab4d4be3845fee6ddae159b928238d55","sha1":"aecb5477019c06f5ccade269a9809ad5d72e1382","sha256":"066336f842b881e4d5caef0d4e7e4b32d5d9b11b73c9ed167156a79528051eaa","sha512":"1f367e2773a96df74a43d53040eebf39882b832b85690b00f984e682d73829c9b9fc1fd832fdace7762518b4e4e2fd6b545213ec9ac1564cab17b1ddf12ae107","ssdeep":"","tlshash":"dc613e6d764c322e457ff6096dd55bcf1230e31ac36215cda9833b34ad8ba432e224d8","first_seen":"2025-12-31T19:20:06.986084Z","last_seen":"2026-06-05T23:43:56.966556Z","times_seen":16,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-money-DEKo3EMj.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-money-DEKo3EMj.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1fb\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AHDZlfO8h5xo0W9grgsZCHrMXhbA6tI%2F3QrVwtL3uicLnGkEDNHU1RgmP%2B1Uv1f2sfuPndjpyVmTds%2FR1L5A5JWV%2F%2For7ZicBQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd38df156c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":507,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (506)","md5":"1ec6a4f0444037a6b44b2a56d62f8120","sha1":"affa6da1860222fe4c4dbc1835b3311775cdafdf","sha256":"c054f4bb46d90822b76fad8d952402cae3ac9c39abb03bef2091f6b0a76570bb","sha512":"2ac2092c0bb97e180253f6e958287c951ea46f464a60071737ac5fa634824d6182478ed13d74ed52686ea05b4569e71e76f3c5af7cb97224c1d9fa50849401f8","ssdeep":"","tlshash":"f6f09ee07bb41f00db3f6d18296727a2d6323e836de143b48351a3a44e5b179150e988","first_seen":"2025-08-26T17:30:33.438038Z","last_seen":"2026-06-05T23:43:56.940303Z","times_seen":22,"resource_available":false,"data":null}},"time_used":523,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":523,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/index.DuhDaPHN.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/index.DuhDaPHN.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:03 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-65e\"\r\nexpires: Thu, 08 Jan 2026 03:07:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7JhIEL%2FZ1Kj0s0HpFxEeN4ZAF3omCiIqJTBNcQPBEbDE9zf7cgPQwwDYN%2BI6LBhK4QqvbSxgzk3qoqz%2B%2BOwZ7NhsGZE5ZPgI4g%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce1356c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1630,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1539)","md5":"b60ce4da07198c83abaf49a40042834e","sha1":"5826e146f9713686284e296fa0caf2dfe8204ace","sha256":"70a0c148ae412405b6a7347768dab9d016419719226b1c0610d791cde5878a4f","sha512":"0bf1df4dbb623b274c31310fcf3bebe9ff06781ef8f7e3fe7f56fa7d1633655b609e05b48c3f38556a4859b5cd7bb2636d96662daedb8eb210df043d9c43b2ac","ssdeep":"","tlshash":"b331c4cd39c5743183d62a4663f35d81b67c9c1d590f4a8cf17854162c20d6dd27be18","first_seen":"2026-01-04T07:38:56.364002Z","last_seen":"2026-03-08T15:12:25.518082Z","times_seen":11,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/mp-html.Qpmgo793.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/mp-html.Qpmgo793.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-69be\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eag2EY1FjGEr91TVZ%2Fvd88BMpAnJhSatRAjf6DZL05Rfs1qRjBm7BZoVWj15HfSzkP7PQVq8F3SDO6AsbVmzlKyt4PRCXh2Uwg%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce1456c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27070,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (27039)","md5":"c0c9c90054b004882dcbe813b28efdd9","sha1":"9927c7aa2fd8ff2736a17b92ee24cfa1903499a2","sha256":"fb8fbae0da305550ebbd2013de7443a4cd484a2d2a033679217a2532f361490a","sha512":"bd0054ebc2d794b4d58b0b087e1c9196554228a1d4bfb665eaedaef09a70d3b3f3ef8e7cb07717a627cdcec609ff6eed1c7a7aec7a8cbc181816340256050eb7","ssdeep":"768:R1LcXOJOCY8/PU1kfSTeC5Umdb24tpxvYL4fVZw2O:XBJ13gAyr/O","tlshash":"14c20a5b728c70390ad884e108a56741a26e660cb54088bfbdbce4fb59d059530bfbfe","first_seen":"2026-01-04T07:38:56.339578Z","last_seen":"2026-03-08T15:12:25.569535Z","times_seen":11,"resource_available":true,"data":null}},"time_used":519,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":519,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-section.DjNV3xcb.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-section.DjNV3xcb.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-89f\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GEp%2FsWO6RG%2B5OUY4VyaektVEH%2B0iN6NNldEk6kt8YgpQ6YPXaUhBFJFf9NHT%2BLOd9crp9wIG9AKfYvqltTmcf4i3G6sEJg6%2BAw%3D%3D\"}]}\r\ncf-ray: 9ba45cd7ae7e56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2207,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2206)","md5":"26b01b4c0547fb3b295f75254c2af8b9","sha1":"83a9472ab00ae05aacd67ab299e84ec2f6f14639","sha256":"162e423c70819d15ccb51c82ffeb72105e7cba7d70b4390fe6aa48e4c227d1b3","sha512":"e79ef48cc6825b9cfcba5a592346277cff7fe4066fec724c1281bf1928a9ae8978e7ac0f4398fab1436d4ec63e95e7b9e868f3c6ab8604d3886d915194d66cd1","ssdeep":"","tlshash":"3041226d380c9a372d8b0dae70b0230064552f9cde317975f7f1903557a7a9a915cf1c","first_seen":"2026-01-04T07:38:56.320959Z","last_seen":"2026-03-08T15:12:25.528901Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/tabbar/investment.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/tabbar/investment.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bf-739\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bB%2FMjrKC5r9Ygn8Fppci1BVD5zr7R1APMRjHxK7QBri%2FTFe9TMeuXF1sHb99NQhObVlGWSTm5lBJ3pM3xwaWN23QGlNb%2BEAm4Q%3D%3D\"}]}\r\ncf-ray: 9ba45cdc0ed556c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1849,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"9490e4bc3ebc85b5e2dc4708e2f56808","sha1":"9abebe68c6df85bdaed853aaa347cde80763330c","sha256":"e2302dd0233206ccdca07f8bafd9afbba39037d12f19d9f18c88bc50c331ba46","sha512":"b8b5742ffdab2e82f571854147a613b5ceab68ce68dd5f753af23095e70ef1abec6ac642942c79d18edfddd2bf2d4d95e0539c4c2e8414e608c924f858c53443","ssdeep":"","tlshash":"7a31f979cd34a184d8f581b7dadb7dd488a84a832a4ab696c18957bd6ef000430f23cc","first_seen":"2025-08-26T17:30:33.417883Z","last_seen":"2026-06-05T23:43:56.960559Z","times_seen":18,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/userIndex-yvkidZCu.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/userIndex-yvkidZCu.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-1ce0\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rjKrNZ4FoLIES8%2Fh3VB%2BLHnIfw00uPGn5aC3dDZ1BIglSByRpVP0Grp9pWpMWE87XazoyGDocNTteohKU3F5SgWMSo1BgtR1Mg%3D%3D\"}]}\r\ncf-ray: 9ba45cd38df056c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7392,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7391)","md5":"be34723763a118d67d255cd364b2f45e","sha1":"9fd33f03dc8dc12add2f57b33b979ffaf4712ab0","sha256":"f9cd2efd4a2892c48cbb0d5ca111aaf3a7cfd568df9062e2aae6dfa74739fe66","sha512":"4f5420319587696d050708df9ef45d7d26a3c7659ea46307d603ff69eef6c7d3f9da0d7fec769020ba7cb35cc217bfe02ca5c089ca676cbb33f420dbd2ee1ffa","ssdeep":"96:I3+puM7NbHnDu09iTZUQXaQEInlQAr+RWoKb:IUBHTWTt","tlshash":"f3e1d834778d3a04aa3bce6884f0774ea110e38be9479a8c648375768cd70d33a795f8","first_seen":"2025-12-31T19:20:07.101137Z","last_seen":"2026-06-05T23:43:56.89998Z","times_seen":17,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/language/en.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/language/en.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-3540\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8g0LJOUCF1f20iUkODr6lPC0QncvJaYeJPDnXY1aUV0gHOKRg5Vj33buPw%2BEbg09Gf8utH0qAkaVx9OzPB%2BNz074L3ycbwYsYw%3D%3D\"}]}\r\ncf-ray: 9ba45cdd1eee56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13632,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced","md5":"006b7e7d7fde776f342748895f1ed3a4","sha1":"fd0c89c849c4c7a2ecd7ba60f77eaa1ed4386af6","sha256":"c669e7dc48949e9cd63b4d1e70edb8c1798231dd2479056c216a3db7231e9d32","sha512":"60bd0897054b66bcbfaa3fbddf19145c1f63bd868ffed331a40e37b169f1957a5138c6ec84d993eeb3c6fb5eaff30411578281c32341ded04fbf28a4383d1f69","ssdeep":"384:N6oGLPs9AQOZvDRfdpARWKyzlykMASiium50oXx5w5fFmVD:BGMOJZZKyzlaASZumWos5M","tlshash":"8c52d0dd6f184a63fbce03e7a959d98a303de3de19413efac4804618151c3966be3346","first_seen":"2025-08-26T17:30:33.397237Z","last_seen":"2026-06-05T23:43:56.93477Z","times_seen":16,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-fab-D2Ib7dhh.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-fab-D2Ib7dhh.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-c0f\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5M6%2BFmlPcLPv3%2FRd%2F0sohL0nS2i6l6bvhB5nqxovUgWDVlZNQJYMlVoc5Tmm7vgqdMZsJiCl9PMgrAPpBmTclvppsNic58g6qA%3D%3D\"}]}\r\ncf-ray: 9ba45cd34de256c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3087,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (3084)","md5":"1c85c6659c80c6d97d956a08a1be24f6","sha1":"6eb58b78742743606df302b9d1252b6b05970205","sha256":"62e879df98a95ea3c4c4afc1721abb54717a04f954886b352e4db25fd11c3226","sha512":"08e2714d05a5b244f3e9a2bfbd5d739bc0d2d47c9e28c65fec46657dd016ce985197c8bae38d16c5c3d8f1f96f6e1bc71999ccb420ad9a0903e4239438bbd548","ssdeep":"","tlshash":"4d51b83e29192572383fca87c590a9a44c15fd53d6a304cef01f0b1d4d9798b6598f7d","first_seen":"2025-08-26T17:30:33.369834Z","last_seen":"2026-06-05T23:43:56.931948Z","times_seen":21,"resource_available":false,"data":null}},"time_used":531,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":531,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-popup-bottom-BiGtqM4n.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-popup-bottom-BiGtqM4n.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-276\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fjN6luV53JqN9m44gFcM%2FnmrZJIPHd3P6AaZBxC2hl%2BMlDQ8vQdbpNLmovC54UBeD17tV4yWTe%2BbDxbgFUM1ox3ziVazn1vEkQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd37dee56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":630,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (629)","md5":"795a7b7857567358cc4f8e630fd824dd","sha1":"687095a0389bcc5580d15fb0ec22ceb131705f84","sha256":"81d2b6e508e695666536446d38bcee719890675c8f4483a5ecfea69dd117b84b","sha512":"4369ca94ce84ebe80b2e9affe1519e7e1de2f166f24f4bc6803a666eec3af351341f0293e777fa0593fbe95a27021e28e38ab0214c92ed2ebfc13711f81730af","ssdeep":"","tlshash":"25f0282879823050687fc75af990ee44423da689fef609de22d516854f0bdca78065d8","first_seen":"2025-08-26T17:30:33.378514Z","last_seen":"2026-06-05T23:43:56.890756Z","times_seen":22,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":501,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/userIndex.5H4VVtxS.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/userIndex.5H4VVtxS.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-586e\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KO0W8Gx5Gx1rMK8VnVKVJHDn%2F8LhFNiWLWKuQMZYxu3KSDn5lh7FOWDbxC6Iz2gj0QmRX%2FqYtY9kROfPx8MvnQjJZytGmNjrRQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd79e7456c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22638,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (22511)","md5":"37209b19adbbd0689b3a59614bbf9b42","sha1":"3f746f1078109423d7167a91d73ff10cacae5040","sha256":"2639ca5530dbad01269a12c6528494a49577f37eb22cb96e5661c7c36972b74e","sha512":"a6ab82266a439051ed871d3c01224a48865e709fad081aa75a179b772e8fdd6b4b5cab9cb948cf4d9847d7634f5065ef265c99dcef9093a7a9a65359efb26a52","ssdeep":"384:+MaJwGqXFzXSzABt6bsjHC2vJ+WeOlY+k7VE+rkRRzO53piT8T:+MairXFzCzABt6bsjHC2vJlljkJzkRZ6","tlshash":"98a21919771ce1297ad1a00e94d40812b20b4c9ea321b99ef3feddbf4399c6d649c736","first_seen":"2026-01-04T07:38:56.415319Z","last_seen":"2026-03-08T15:12:25.516526Z","times_seen":11,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:16.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:17 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zPR%2FXYp8%2BmtZojqAv%2FgiXgLlEBMELmZONC7mf%2FqD4t3n223M%2B0Mlp5m%2B0RL7giX4Q%2FdZtgxLShVVcwlnWd7PeoW5IZvkb5I4%2BbhirV5M\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45d26f90356a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5502,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d91612e9c5d4cf10dd1721833c4847a1","sha1":"d043c5e57be6ccbe99e6e4bf5a5e71ef4875ed5e","sha256":"bc0db02811b27a609baaa75800e6bc94485c75009c1a30e29bb28cfa029dbca2","sha512":"89d96f472a11a11de4e96154d49b5ad89a223715751e657aeb365e603e6c8ced64dfcef069dc7c8286205b0f245ee86121665b0ef0802100d66894dc6b61b0aa","ssdeep":"96:3VRl5Av/5pIrQLaVI2DJwqIqIWvXxIR+aVIM9/I532sjI+j7IukFI47RIxbwIE8R:lRfA35ZLGJHXhap9G32sH5k/Il2m","tlshash":"a8b1b15227cc7c35aa733587928b78da85c9f147bdcd7fb54b8edbbd0865a19300a800","first_seen":"2026-01-07T15:07:37.699348Z","last_seen":"2026-01-07T15:07:37.699348Z","times_seen":1,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/tabbar/mine.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/tabbar/mine.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bf-510\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hK%2Fp1W%2B0Z3eSGHqW%2FHqw3%2F%2ByZzk8hPlV35bEO%2BRWSYfre2hnaSTssiSnvEsLlZrSGRPZhdwYCmzL1VZXs4xmaZojtEUMGrVaEg%3D%3D\"}]}\r\ncf-ray: 9ba45cdc1ed856c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1296,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"dace18712982fa15d863e5f23e80d72f","sha1":"f2f3980d479b44fa5bf3301a27a5c2620a1e7129","sha256":"dc574a5baae2bd1a496a09ba25877a936abeaef569db6612f772f507c7dd025e","sha512":"32b25f6e54e4b478ed228af3af83be9eb7c9ee436ceffc9a72f9143c0b8b4af0b693660554faf0ffc4b0707b52b13fc41c5d604885450241d30530822c381abe","ssdeep":"","tlshash":"2e21c8c7f65574f2535c4c2f336909429d2313de9b2954738cd166a4ac487285985b47","first_seen":"2025-08-26T17:30:33.374175Z","last_seen":"2026-06-05T23:43:56.915691Z","times_seen":18,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/uni.734051d8.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:02.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/uni.734051d8.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:02 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-8019\"\r\nexpires: Thu, 08 Jan 2026 03:07:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=emnE4b5OuSOqql06T4r4xYsiRTPiUk%2BfJt6EgYbfq7LJ%2FllSHxVmlZP5%2FasmTL4vw97NEvDdV3e11EwDrVdobfxIQ7chYe0LMg%3D%3D\"}]}\r\ncf-ray: 9ba45ccb1d4656c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32793,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (32792)","md5":"dd5eb10f1e082900e8fc9f5294a20ea7","sha1":"0cb5185449f798d94746d77f3d50592cef306b81","sha256":"734051d81039fde90b77b4172ad966afe58f19ccca555fd849fd990d5cf327b1","sha512":"a7bc4f19c6eff7dedcae0d639d4f3ed9aa54fb0abbd517c4503b1b75693ceeddc1cb8e9c9813e373b81f4e0e4c7b735c4d8ce02cd16f296a1140519488bcda4c","ssdeep":"768:UoL4zei+XH7eryHDAtrEW1xBiM5TiDMBNXpriBdG54mZr9YnDcwpH:UoL4qxHHaISCmZrirt","tlshash":"dee2d6325e012939f8b7ca2668d1db8f2331c173d5531b6deb7975288b8e8c9167b384","first_seen":"2024-12-20T22:15:00.546241Z","last_seen":"2026-06-05T23:43:56.945127Z","times_seen":25,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":519,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-img-AdHTCu8Z.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-img-AdHTCu8Z.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-13f\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oVQv2q8VzjqCp6eMggSgyU5hXI9yfz97BlW4P%2Bbn%2FZ2fx78UJS7tDTI6jw4HmBiU0EpdV53ud%2BRSScY%2FCAzgFGBI3dLgZGpScg%3D%3D\"}]}\r\ncf-ray: 9ba45cd34de156c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":319,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (318)","md5":"caad3ce25d72effb824a029ed4548224","sha1":"464bc035b1972a6b3c45a92cdb00b6627146d6df","sha256":"a68414fe0955a195cccc7130dfbaa6de5308a690fd5a9ae0cd02b57eb135be85","sha512":"ea3eddb3c854ecc7ad8270ac5b60f0ab72f275818311a0102cf88c3edd900aec87ad714bc5158732ec3665ce7355335c0c05ff458203f736a3b2016ee3b7b008","ssdeep":"","tlshash":"c3e026ba2368788008ebf10039f4ea484138a9b3eba3049fc5801390ca0f6017609aa9","first_seen":"2025-04-22T02:10:48.304952Z","last_seen":"2026-06-05T23:43:56.957428Z","times_seen":23,"resource_available":false,"data":null}},"time_used":529,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":529,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-stat-DueXHMM-.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-stat-DueXHMM-.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-385\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yevFvgo3YGa%2BgvZNd46JhVsaU1%2FD8%2BGkq9uFsekxZuLmEh16%2F2zGsucsjZjGu2xJbm%2FiAlUUU5%2F%2B4OnzaGsR%2F0eHyME0ED3wKw%3D%3D\"}]}\r\ncf-ray: 9ba45cd38df256c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":901,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (900)","md5":"64b30841961e87a65747d84305f9aaad","sha1":"51d82963ba5f45331d3b5f72c4179286e5e7a547","sha256":"530e0ce2b3c9c76d652a1900d5aa26c3f33ce153582006f8fabccdc61da9f7d7","sha512":"a7a32cb7493e2a50b887a5d266318c22cc42db510d9c7f2e2fb66ecb976ec0582fbaced07fac83d1a86abeeebe8a92902a4a14586e48cd48d516331600a7c8c2","ssdeep":"","tlshash":"8611593a36c4fe54fab7d96029613b8f0110e6748963518d86a3e5bec5f71021e983ed","first_seen":"2025-08-26T17:30:33.403051Z","last_seen":"2026-06-05T23:43:56.964335Z","times_seen":21,"resource_available":false,"data":null}},"time_used":524,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":524,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/pages-user-index-userBoot.DkifFdHN.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-75f0\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IMch9QtqkhPOCHzcNHAdouMgR28KOLibOSRWrsfJ4zX4P1mcMvb6xSQF1V7mpshXtreTsFyaTxK0nk6wiui08cqfX0NhbHsW0A%3D%3D\"}]}\r\ncf-ray: 9ba45cd3be0456c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30192,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (30185)","md5":"46793adfa0a3c558d77c93088905399b","sha1":"48585b6e60d46b5f38a545a7bb123f5e9e43ea85","sha256":"68590b7cf3a93be5529b94383a62e404a110e1624cc0aaea17d744282b4553bd","sha512":"d2030f47b866ab37755ae9a5102ded9a982a5d6f0f457ff851505de1a426fdeed6d0ee081efbcf52aba4cca7c061725dec544998f4ecd63f7db8b267d485928d","ssdeep":"384:Sgqdw3JNaAYHdZtzeul63aAq5Pt7j3OWpdmalbuFB:Sdw3JNaAqdZtF634l7LffuL","tlshash":"7fd2f8053f2ce1766f93a928d0da0811b07758ced545f49d72f4cd9e02eec846aae37a","first_seen":"2026-01-04T07:38:56.305516Z","last_seen":"2026-03-08T15:12:25.514737Z","times_seen":12,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:12.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:13 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I1Ys7dyIxsRHfpy0Ckc%2BrFoplHJpbOPLYklPBxxFaVDbe2u%2Be765HQxjVYT8DsUYCC6tyFLvduzoyRUbqTjFiHWViotnNScPoqv6s6TX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45d0defda56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5503,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"3bb24b8f300d45e41772c5f89c424464","sha1":"1eaf902d3ade5c7ecbe11c01766e3b5ad5dacdf8","sha256":"b6475b42028285ce5e97450f457d8ea7865e206b745e0bf9efb5a263d2c7bfa5","sha512":"1c6751185e0699a922834befaac3405e9ce7b1e9eb3c4183b94d849bd26d6c81fbc59750d5f26ae7a103adc8cf424185e19479bee509e0de66f12dcff980f9e3","ssdeep":"96:3VRl5q/kpIrQLaVI2DJwqIqIWvIxIR+a8IM9hI5ZjI+jKIu9PFI47CIxDIE8YFm:lRfGkZLGJHIhai9AZHW9P/xk2m","tlshash":"86b1b05227cc7c35aa733587928b78da85c9b147bdcd7fb54b8edfbd0865a19300a800","first_seen":"2026-01-07T15:07:37.710536Z","last_seen":"2026-01-07T15:07:37.710536Z","times_seen":1,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-button.C7X7X2Rt.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-button.C7X7X2Rt.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-b36\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pev7Wpx0wdxdwaWpCQdkBmD249H6AFDYDnGlQ5t%2FvDcpoq2b7fzCoZTuKRQ%2B9i8Cx21xQxKttyeTc0pRcnD13HRJVZl1C3uPyg%3D%3D\"}]}\r\ncf-ray: 9ba45cd7be8356c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2870,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2869)","md5":"66dd7cc384d0cae8755b5e43b9b32f5d","sha1":"73c593afae50bdc3b22b993a4bc367deb6e41381","sha256":"0669fc5c9e258a99b5bf8966a100636c40e286d2bbf444ed81afc453159ca9ae","sha512":"8a756c5334b6903b18456b47479d1068d316490f2a751c2726341102fae12f5e766130a0cc935f0fb1767ce1fa4c59b7601823efa3f0e231747e84f3dece3e93","ssdeep":"","tlshash":"39514404310af9371dcb8848a0bc060693106a9eda695ce8ffb571bd535f854779db14","first_seen":"2026-01-04T07:38:56.362863Z","last_seen":"2026-03-08T15:12:25.549362Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/z-paging-Dz0lgrdA.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/z-paging-Dz0lgrdA.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-16b3\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nE2F%2Brj9XdqTXVu57jswyMy4sGIWpyF3GqJC1GFf5%2BhR%2FZBj1TK2RyGb0mNMlvi1kCpSC1Fn5jAdCYCJY%2FI7ueFz2Y1gVamdDg%3D%3D\"}]}\r\ncf-ray: 9ba45cd35de556c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5811,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5810)","md5":"174f196dbdd575437914dabeae885229","sha1":"a1dce8d47bfaf62e197c543e9aedb3664f3f6bca","sha256":"a95bc9745d619306f65889023d4289d026702e73d0bf9bc45e5af4c8e56f508d","sha512":"b045262974cd61251dcd03d860374946efc593315765061de3be9176ea5fc74a88de76e45dd8976f1ee4c957568824eb1a0f0867ca38cfd21bbb47c3bb58969c","ssdeep":"48:kRpuakdxeHDeCa3z4NhamadBaJlLaJ5GaMoSa+J8vasCayagKarUEqFN3YA6J1jS:cYxeHCaJpxIFHHoYs2Fk3keCk4","tlshash":"3ac1232d716db0395577db6e60f49a6c5060e22bd72bea8c6343231bcdc76e539242cc","first_seen":"2025-08-26T17:30:33.429333Z","last_seen":"2026-06-05T23:43:56.939575Z","times_seen":22,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/InputPayPwdModal-CwjLcKcJ.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/InputPayPwdModal-CwjLcKcJ.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-10e\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SNyE%2BEwAwydOVTlW6bPGY8cKPTEi0pfN%2FcycltYf9tVuqIFuCnArgqV6xx7wq5N44K7iclj7%2BoXQTeaqBa%2FxNdeIwZJGpVEqBg%3D%3D\"}]}\r\ncf-ray: 9ba45cd39df556c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":270,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ef857145a2387fa7f0b696d9c04e7309","sha1":"e720751d4d447040d3d1c52ccad4e080be11828a","sha256":"9c5c2bca02b37dc58e30ab5662894d521eb4d8f1c6b509e9b7a0f7a26cb9e67a","sha512":"481f8aafaaed51b3a6c35f90eec289047c3b99c94ecc569f7d430243581db234fb8654f63922025ccbba7b6b50928a94082ccda6553169a76f50556f8233d148","ssdeep":"","tlshash":"56d0c22fb8cd8050dd7fce222498edd98833336b6788148e2cb619a2c9533062221888","first_seen":"2025-08-26T17:30:33.409471Z","last_seen":"2026-06-05T23:43:56.965058Z","times_seen":22,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":522,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-checkbox.HufpC5WB.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-checkbox.HufpC5WB.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-9e2\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j%2FpgU2psqWMWy4GD2tv0JXpxXDIfYgFpmHbpSRwhK3yz7achhVJSBq500AAkt47PPA5ZA1O5ymRh%2BnAnairpfYy2HaEoriG7DA%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce1e56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2530,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2529)","md5":"b4640f6c8b24eb0afb493e15e12b683e","sha1":"4202b88e4e6acd34d68381441347aa739fc6545c","sha256":"d220892eb40334d6e8b68ec73d1e29bc6941ef6a063926311ad827288b565afb","sha512":"387b888e2423f7091d5280b766d9586e982c5a8f982e0b824e7b9d5502c650765c061c6e9750db438fb4365eee0f641888a100eefffd93f2094486ce6ab3f485","ssdeep":"","tlshash":"cc5132157055a5761bdfc4cc50528681a32e239cda103efdbae824fa5a8ac88916fb35","first_seen":"2026-01-04T07:38:56.327321Z","last_seen":"2026-03-08T15:12:25.51887Z","times_seen":12,"resource_available":true,"data":null}},"time_used":540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/home","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/home HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt932.com/\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt932.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ag1cu3CJEHs2tJ6PrcqaaKa7jOhvd0aV%2BUQQGo3nMXys92vx9j0KIluOAnMwNUQa%2FQldb%2FvYAUqMmkBkkId2IaBlEpSUQe0U0ukkPrj7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45cdcec5c56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":487,"timings":{"blocked":0,"dns":1,"connect":0,"send":0,"wait":485,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:21.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:21 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ln1P687GBkovwoHHFqWozNRFIvrA1CeuTnWZ5Yj343CGr8IvMEav03zMrj8dnOKikJod7QpEhGl4jJaSirawrNmRasfWzJG6q4Rj7gm2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45d404abc56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5502,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f60de55bd5208437681ab1170f377e1c","sha1":"e64566810bf9bec58ea88703b9f6b89fcf046e4a","sha256":"737dc3ed88849958083242dd40e2b88ffd5e73b1375b6bf4b5988895991baac4","sha512":"87dfaad4c6a628b8a4aaf598c4dd883405126acf8ef4a97658a97c1efcd6a8cd91c9ae1e01ead95768d60884cb274e30b327bdf69f9cd5442d4a93491117d3ef","ssdeep":"96:3V1l5Ov/yIrQLaVI2DJwqIqIWvTxIR+aVIM98I5AIjI+jjIumFI47RIx7IE8Yjm:l1fO30LGJHThap9TnHBm/IMWm","tlshash":"68b1a25227cc7c35aa733587928b78da85c9b14bbdcd7fb54bcedbbd0865a19300a804","first_seen":"2026-01-07T15:07:37.714991Z","last_seen":"2026-01-07T15:07:37.714991Z","times_seen":1,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/home/qa.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/home/qa.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-6de\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NqTAcgmR1JCMLI00kbsou80rvb69kqM%2BSDb8HfICodyScHuCASbrCj427KN4dwa53oHJ9%2FDjuU%2BL3vtXHZDVOlFg5dVsHejshg%3D%3D\"}]}\r\ncf-ray: 9ba45cdd2ef156c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1758,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced","md5":"4a7c2a4168178e7cee64ec6c3f50fc2f","sha1":"dd475369b3668262539099d6c50ca028c848d0a2","sha256":"2cec8d95ad061d4d1766de686f5aa726087094befa91b90391275dec59d7bf09","sha512":"cc73b8c639c9278e99cbadd03e0c02a2d358d4c6e3e32caec7ef46c75dc2e1bf49bc89d261128be8b10cfd60d1435c3b0006b9f8061b1bf1ba5929b87e01eb85","ssdeep":"","tlshash":"cd310b810b70289dec1f4d3fa01d87648da58f9c35167d280486d04bf59cf8d77a4a60","first_seen":"2025-08-26T17:30:33.426988Z","last_seen":"2026-06-05T23:43:56.926243Z","times_seen":16,"resource_available":false,"data":null}},"time_used":502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-popup-D2Okk1oU.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-popup-D2Okk1oU.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-10a3\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B0cYApMQOsGfmRNLEXWv1M2j3%2BfIo%2FJXeut9XvVv%2BUzjrMH7bT1F8HVBd37cvTxoCCKRuj%2FKhJyxsDwOM%2BswrXSZGL6iyeJ4sg%3D%3D\"}]}\r\ncf-ray: 9ba45cd36de756c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4259,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4258)","md5":"06fcd30ff5c377c4a2f9f9f3ebfe3adb","sha1":"de7ecd01b1875701a718f6a23b13b42098eedcbe","sha256":"0afd9914f132bf3d55d12ad6b79db6a7759c03ca76fc0cf5721e027ac1b1f31d","sha512":"ddf5528973b5af2bd222c1c70f559eeb4e03950c583846b024d74695801159b855d3e250196077c0efa68283579470f0f8c62461d881caab4c2fb43f5751702c","ssdeep":"96:u/l9Nh+ecD+wB9u/BifBAoBESBOojkbHIDD2GA:iNMTD+wB9u/BifBAoBESBOojkbHIDD2p","tlshash":"c791c134abcd202cc0bfd37165d05e8a4276e79ebb660f2f61a50d134aa354d316afe4","first_seen":"2025-08-26T17:30:33.439943Z","last_seen":"2026-06-05T23:43:56.963607Z","times_seen":22,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":546,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/uni-popup-Fqn9N-Zi.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/uni-popup-Fqn9N-Zi.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-6ea\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bR%2FM9rMMMXonZluM11Spnzz7jmUkod2egqBneE1jK16Ep4nUrACa0WpfXaCx8ghUztuaXflwkaV6zGqy3mvxZBqLtDBhB6j%2B2A%3D%3D\"}]}\r\ncf-ray: 9ba45cd37de956c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1770,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1769)","md5":"d082db8500b272c2e43675d8c52d8fdd","sha1":"b6a165928e6ca58ee847e1b9316b0954a0a7b126","sha256":"2567b7b7dff7c1b3092ef67294d1adf734c4a26d1e6ba21ba15fa4ab2404ea01","sha512":"ec6a79cd5137ebe2eb07f48e22b5c1bf70afabb63a1685e49aac0b7b73479b1e9994369488db30971644dffc33bae8310432891df182d4cba8c0d735d7f7f4e2","ssdeep":"","tlshash":"9f3170723c1d351984afc0e6689aef46432c72339553b6946678f4180cdf9e23e5b6bc","first_seen":"2025-08-26T17:30:33.414771Z","last_seen":"2026-06-05T23:43:56.904585Z","times_seen":22,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":549,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/CurrencyList.D9Y0wwkC.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/CurrencyList.D9Y0wwkC.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-49a8\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w%2BTVg2%2B5TIos5piVniHCr01GjtVqTQN4zQdxVzp%2FBEWKLcSWhj%2BssY7axXAdzoT5l7bWmgPzPwA%2Fcu4zptZ0bJpFawZ5O36Rpw%3D%3D\"}]}\r\ncf-ray: 9ba45cd3be1056c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18856,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18855)","md5":"ab743b8dc2cba704afc79a129a289752","sha1":"f60f717476e75413c520ff465061250518c32877","sha256":"0e408f9d01ad269d929230c4508ce98a40c7305a884f8c39e97214f29e799f25","sha512":"ecbf84f7da3089c89a799abeb06dc7ffdc7ee2204581ba11471faab0990f6a149c78dc35eef422737ac7937c06af84fff49717ed5e2496078fcacbbb1d855649","ssdeep":"384:jCCTHfWCNzMLU0Ij6m72b8Gpg6CGMEquRTwei0oI1F7:vjnzMLUHjN2b8Gpg6CGMnUvipI1F7","tlshash":"c182c6653389e43647d9642980a89604b3367f8dea02346d77af9cf9935fe4871acf30","first_seen":"2026-01-04T07:38:56.329106Z","last_seen":"2026-03-08T15:12:25.562426Z","times_seen":12,"resource_available":true,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":501,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-money.Df21XDR-.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-money.Df21XDR-.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-bc9\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FvdnE55gUfZo1MuQXlbcWU9tmB7SDBlanTzK4ulkiFBXMuTR9RbbyAlzW1FbX9ml3n%2FAm0D6seyv%2BnjEFshHR4ml1P%2FBMj5YPg%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce1a56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3017,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2900)","md5":"a0d1d8d8ee4b335c040b04e4070b7927","sha1":"389c16a182b95802ba9d9a4c5fb7fd04b8103eab","sha256":"15d8c62270da104ed031b8c6e02ad1daf4608ea9ad05701cdd082aa88e114f90","sha512":"1f3eb4905f3fdef9d9aeb8db84b48e6754cd4fc9bd715099baa5bb2b8976f9282853c12f6570eb4d7b04126e04a06b2c928ece4d02a92b22f79411c21035348c","ssdeep":"","tlshash":"a451a4a476985da3048a2a1d08485343ea74bd4d9ca838d8feb4bcfa8727cd5384cf34","first_seen":"2026-01-04T07:38:56.348586Z","last_seen":"2026-03-08T15:12:25.525059Z","times_seen":12,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-stat._gfGVicY.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-stat._gfGVicY.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-b39\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C%2BNm3yUreF39ZHoBGlTQuF%2FkiaVKD%2FI8MXzl09eOTgmFoMR1XkBeZSG8jMwflIxYNZPcG1%2FvQhqe1trhzsic3jJGnWMrLL3QFw%3D%3D\"}]}\r\ncf-ray: 9ba45cd7ae7d56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2873,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2834)","md5":"95a9410ef94036eebd23b32d2cd13295","sha1":"39151ad3e138aab415b315c536cdcfc176e03c38","sha256":"865ddbfc42705393037ebe542af4cbd02639721c299acd2d6f96bf27ea368d15","sha512":"361a5e084566d62b2b04636678c0840c5c0f562b0f3f05fad79514d2d5a33ff85d287e354dffd3e41cd1aa1e8375059a9b07461515779e1942ecca212948b42c","ssdeep":"","tlshash":"9d514104752cc47b1892e01e65d0441bb2ab1ccd86b4753f65f6987e13e9c1864adfaa","first_seen":"2026-01-04T07:38:56.347472Z","last_seen":"2026-03-08T15:12:25.515963Z","times_seen":12,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.BCo6x5W8.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-5b\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XREtdbcJC5KJnhEmQgBJCGvYuHgcOAZyKAuRgaJcGSfI6%2BvjCjkpWUzMSfn%2BR4Inx9%2FrCMW38QyRKC8%2BOF5ipsgOCrJe0%2FNPjA%3D%3D\"}]}\r\ncf-ray: 9ba45cd77e6f56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-06T11:23:19.853947Z","times_seen":1550,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-auth.O6aQRiEh.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-auth.O6aQRiEh.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-20a\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CNRThixYH8eRAp2DhprIyIouEY0tbnSiic%2BhPiVs3tJfZN1JVJIaP6k7zfq5nG4MSNr82Q6sopvvxL8SzJY0VzguyzoMGMkSnw%3D%3D\"}]}\r\ncf-ray: 9ba45cd7de9056c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":522,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (511)","md5":"edcaf3e657dd80dabe9becb3a27ca814","sha1":"63616b2ae780d062e87b61eaaf51fa8484057f06","sha256":"bbc2df21eaa08288507c0de9134c609375e4cf123accee61601561ce5d23491e","sha512":"b965b0680db5dbad080ae3e6daf4e45126e09826457c28c7a8d01e8805f53b8081360585cde9666211ec5a995da55bf2567b6a11b8eacecdd2b0d69e0d26549d","ssdeep":"","tlshash":"68f0054d3c64c63001c068d85611a81040292d5c667a78c7e1df65ed0a7906ec81df1a","first_seen":"2026-01-04T07:38:56.367866Z","last_seen":"2026-03-08T15:12:25.555365Z","times_seen":12,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:08.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt932.com/\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:08 GMT\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt932.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L7d%2Ft0CJeAd1GNWZPQo8IlubLYyD%2FLZ8%2BtASeCBD3R%2BXhtnrcFAESQuDuiE%2B2U7kmE81b%2Fxrc6ZJJez%2BL6i3X4JcUtYlQ7YxjVW4075v\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45cf3bd7d56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":168,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:08.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:09 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DB8FnaHFjaki6hN%2BueDi2XYiAlwDYQIkwiH5SBeDVFdTPfYCwtkDgNtVY99iEAbq9q7wwH6ozzCsbAmyQ9UihoKbBJuZq1x6MOhp3mIw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45cf4cd8456a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5504,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f0f781f69591df4a5dfeb53dfabce0e7","sha1":"a5a5bad60cbf841f3dec1c88cc84f07ed4afc048","sha256":"92d53afff0b2ef77dc334b10ab19103dfda09b4a1d51bdcc4e9376760dadc8da","sha512":"c41ec20eb69424a3d3bfd6dc4386c7229b2e8c69d479a1f42675a67549fcb33e1e2be549d498592d1064291c77757c6f4bffd0407430906ac601f37840f76720","ssdeep":"96:3VNBl5q/4IrQLaVI2DJwqIqIWvmxIR+a8IM9qI51jI+jsIuBFI47CIxWIE8Y3m:lnfGOLGJHmhai9B1HUB/xnQm","tlshash":"80b1b05227ccbc35aa733587928b78da85c9f147bdcd7fb54b8edbbd0865a19300a800","first_seen":"2026-01-07T15:07:37.723147Z","last_seen":"2026-01-07T15:07:37.723147Z","times_seen":1,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-button-BpzWQUlV.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-button-BpzWQUlV.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-162d\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p4YfuOBurk436N93k3biK15gOwHWbrou7fLlvWxFB2wB0LD6mpRB7A2iqyBI%2FKtCboCI2fAso%2B1DWUNQRR343nveet0EYmwKHA%3D%3D\"}]}\r\ncf-ray: 9ba45cd35de656c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5677,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5676)","md5":"119264cd3c80acfe78ffad71134d788d","sha1":"8cda9c0b48b8d22eed34808e6cca43caa59c891e","sha256":"08e80d2433a59c8e2371d0268b7c42e849404c218150ea0eb043037743bb53f7","sha512":"f52bafe7171cc2ff034930bce798aeff2d138762d357c8142740fa28459931675db2df6a1ccc5c76f9b3df8bbeb511a547571fc102ac076c630e429b926ee69d","ssdeep":"48:jPwdIWejFN9UGzb7GDBpX9rU9E7hEVhRQeESmjxfkgshmhMv2k/IS5O1V:jPw6WejFN9UoiDDXtz8Lm1fLsQGvvg/","tlshash":"70c137e6f3cc48693a6bd29a43667b7d1c6e72c7c2040f26f4673a644f220d2357218a","first_seen":"2025-08-26T17:30:33.372003Z","last_seen":"2026-06-05T23:43:56.924247Z","times_seen":22,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-auth.O6aQRiEh.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-auth.O6aQRiEh.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-20a\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BjAxTqPeaEgf6v9l6gQWWmKhIoFczk%2BiswDZy8o%2BaFixFT%2BYVthMQO2fPnpCP98kx2myw2RQqN4L1IjaD8%2BU124V2FG8ZUuONQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd3de2656c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":522,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (511)","md5":"edcaf3e657dd80dabe9becb3a27ca814","sha1":"63616b2ae780d062e87b61eaaf51fa8484057f06","sha256":"bbc2df21eaa08288507c0de9134c609375e4cf123accee61601561ce5d23491e","sha512":"b965b0680db5dbad080ae3e6daf4e45126e09826457c28c7a8d01e8805f53b8081360585cde9666211ec5a995da55bf2567b6a11b8eacecdd2b0d69e0d26549d","ssdeep":"","tlshash":"68f0054d3c64c63001c068d85611a81040292d5c667a78c7e1df65ed0a7906ec81df1a","first_seen":"2026-01-04T07:38:56.367866Z","last_seen":"2026-03-08T15:12:25.555365Z","times_seen":12,"resource_available":true,"data":null}},"time_used":530,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":530,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:10.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:11 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5GZxFBLERupmJfnx9GLAohQ95J7%2Fpi3TKDRuZMj58i%2FrmNO6n7tnXziS2uhH394A2xB8w4zZ7lqIVuGGXuTDy3f2vCn9Tbi%2B1xyHVI4J\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45d016f3f56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5500,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"3238807048d30b49d853d68e5c5dd655","sha1":"137d7a89c2cb140ce611021afd9ea59d955d0ff9","sha256":"7ec9b7c27e4e398484add13747cf4a97727234ec0dae38365e231148e97eec9e","sha512":"102c2e4134dd93aba5578e2362a86e2104846d39481b0e58170b4aa1e0cb9e05e1085d30c1a96a9289afb6e1954da5f41f3899dd38c29987c8f8864f0f3913e4","ssdeep":"96:3VRl5q/DpIrQLaVI2DJwqIqIWvixIR+a8IM9hI5PjI+jsIu8FI47CIx/IE8Ydm:lRfGDZLGJHihai9APHU8/xwWm","tlshash":"06b1a05227cc7c35aa733587928b78da85c9b147bdcd7fb54b8edfbd0865a19300a800","first_seen":"2026-01-07T15:07:37.726223Z","last_seen":"2026-01-07T15:07:37.726223Z","times_seen":1,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/system_param","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/system_param HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt932.com/\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Wed, 07 Jan 2026 15:07:03 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt932.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YVT00tEnorWG64iiMYFwQSISxNXEoX5y003GzLLjZ%2BThpv%2BIuBAjSXnXV1zHNYZYYwtyRcCGqOG1RUA32B6iEHzRb%2FiBAQ5O9mXzEMX7vTM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45cd40f691525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":193,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/sign-icon.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/sign-icon.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1e36c\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DWhSTn1LjT42Orjt9sf41v7X21%2BK3LZ6yyjphHrkP12AhIxCyLLwxHoL9Xqbwj3dirorjz36vZuIikTG6bLDzvvqBqIGWMtGTA%3D%3D\"}]}\r\ncf-ray: 9ba45cdd8ef956c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":123756,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 378 x 370, 8-bit/color RGBA, non-interlaced","md5":"17721091aaf118d6cd6abc16d2aeba11","sha1":"97bdf3e117ac6d61d646712c8d8e8e4e51198285","sha256":"4dda0b6c1c108a5fa0efebdd996a869e3dea1ad2b747dd0c9749a5bcfb4b57c3","sha512":"ff36aff822a6a3d8d5d25aeb108ee010d9b573eaa87a32c34c65292abcf58de4cd4a1dcf71522744071878652eab110954472b8efd1f26b03511c84804efb215","ssdeep":"3072:7Ut+EYbRGwcF59XAtmaIBxO3unW+QV1d9cYuUM2+:nEYtGx/QEauO3aTQV1ruX2+","tlshash":"93c31218a091f4e8aaa713254ff17314425689bc4fbbf6fdb36c429f70d645807d13aa","first_seen":"2025-08-26T17:30:33.392612Z","last_seen":"2026-06-05T23:43:56.936255Z","times_seen":16,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rtfsq.top/1.1","fqdn":"rtfsq.top","domain":"rtfsq.top","tld":"top"},"ip":{"addr":"154.198.49.35","port":443,"asn":138995,"as":"Antbox Networks Limited","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:02.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rtfsq.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Dec 2025 23:23:46 GMT","end":"Mon, 02 Mar 2026 23:23:45 GMT"},"fingerprint":{"sha1":"44:D8:A2:09:D5:CE:EA:C9:55:12:2A:B8:78:4E:92:E7:12:AD:51:91","sha256":"41:C7:8B:8F:B7:71:56:D1:BF:C6:13:70:EE:EB:69:23:19:45:C5:56:EE:AC:6B:E0:51:B8:C7:AA:FB:FE:C2:28"}}},"request":{"raw":"GET /1.1 HTTP/1.1\r\nHost: rtfsq.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 15:07:03 GMT\r\ncontent-type: text/html;charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":1528,"timings":{"blocked":608,"dns":0,"connect":304,"send":0,"wait":305,"receive":0,"ssl":307},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"rtfsq.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-drawer-joDNLxy7.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-drawer-joDNLxy7.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-67e\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=syaYw%2FcJMTOG3jn3JPvG52lHcYaQ1%2Fm7VmfTvAID6wE3G4bawjmYMwyV2KPw49ifdvZKugfxmV5XG4XzmJMO%2By6WyUkke91YHw%3D%3D\"}]}\r\ncf-ray: 9ba45cd39df656c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1662,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1661)","md5":"c459d8c22b13969efd179467452eb13b","sha1":"0c10dad7104de3185801252919cd93876687f9f0","sha256":"da10cabef00245f7c0337951d5ff5cbc9a8a1f6c83efce5dc26b6230c2edaf1b","sha512":"1d8d798bd83557544abb5df3e3251afd3bc7834f2f24521fccfa19be96e04d5a1c6844f28658fdd5e33d7316796e66cb5e0496a6fab13ebef553a676865a80f1","ssdeep":"","tlshash":"53318a325d553c18767fd316d4e1d9a80f3cd2d3daf2acce6209652b0a4b9b9205b582","first_seen":"2025-08-26T17:30:33.419712Z","last_seen":"2026-06-05T23:43:56.941652Z","times_seen":22,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":538,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/userContract-bOONBziD.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/userContract-bOONBziD.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-1fda\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xD7TbUjKAy1ZKHqw7poIQTSGrOoTXefvfT5U7vGH3c65Y2WufYacGgoRxTgPRAsiAepdwuRAvLX%2BrYU3ZGpm%2Fifdrq1DgJWr9Q%3D%3D\"}]}\r\ncf-ray: 9ba45cd39df756c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8154,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8153)","md5":"83b83bb797c6007d7f03d48704a72001","sha1":"abc064e41cd4a625c49efc0dffed7848950a976b","sha256":"ca6966fe263d225f57a6a5c2cd8cc06958e3af709b5c287f24e0c0decd3027c8","sha512":"174f97c0a0baee5f6c03a2aab44b0d5799daf8b8b8fe9d77737f987e5395d6a42a721bda78551fc0fffa4b2d1f486ae887f8285d9bba9ec716db6a4638ac4dfb","ssdeep":"96:wfPCD9/4DoLBp34pMMJJqOum8NvupjI/nWpu5Hf7fApa+e1F:CNsD4pMoqJm8NGpjcnWpu5/74paV1F","tlshash":"7af19559bd0d1419e2fbd20a64f05bcd0624f76bf30389dc6253192acd9769b2a12fca","first_seen":"2025-12-31T19:20:07.049418Z","last_seen":"2026-06-05T23:43:56.935451Z","times_seen":17,"resource_available":false,"data":null}},"time_used":504,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":504,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/userIndex.5H4VVtxS.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/userIndex.5H4VVtxS.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-586e\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y9wGwCQgbkZla47gQxCFPrKlh%2Byi68V4twzsG0YJVSXcSRk%2FkSe1NcFDMFjycbgNEA9diX%2FvKuo3ChGJIuJgI8q1dQrmfIUfTQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd3be0a56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22638,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (22511)","md5":"37209b19adbbd0689b3a59614bbf9b42","sha1":"3f746f1078109423d7167a91d73ff10cacae5040","sha256":"2639ca5530dbad01269a12c6528494a49577f37eb22cb96e5661c7c36972b74e","sha512":"a6ab82266a439051ed871d3c01224a48865e709fad081aa75a179b772e8fdd6b4b5cab9cb948cf4d9847d7634f5065ef265c99dcef9093a7a9a65359efb26a52","ssdeep":"384:+MaJwGqXFzXSzABt6bsjHC2vJ+WeOlY+k7VE+rkRRzO53piT8T:+MairXFzCzABt6bsjHC2vJlljkJzkRZ6","tlshash":"98a21919771ce1297ad1a00e94d40812b20b4c9ea321b99ef3feddbf4399c6d649c736","first_seen":"2026-01-04T07:38:56.415319Z","last_seen":"2026-03-08T15:12:25.516526Z","times_seen":11,"resource_available":true,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/system_param","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/system_param HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jzoqs9vp1UVipnomMLrLdLrVvGMHJqpOiAU8leU1gBrQyEq8yUMCCii5%2FuZlfJaAuez6VlRnxaBAD3ZAp5%2B7f4KOzAynsq89Q%2Fikgg%2BgVeY%3D\"}]}\r\ncf-ray: 9ba45cd53b431525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":152608,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (51193), with no line terminators","md5":"2fb55e745bc26b6176c71c9fcbe84ae9","sha1":"c71e9113e4df800562af48ec5150167eac2aef66","sha256":"85bd4aaf6acdd3dd7a2502eb50cc6e47e7a6a089c6145f312a587072d737e389","sha512":"9243d5add488c1589e5151102af4cf017c51a98819e4c7c0cf8b257566a1f572f7a1d90559a8c225cf4b6729738621a24e2c6ec2c1e78e5eee8195000db6cf99","ssdeep":"3072:g7PC6Hy1ZEAIEPaL5Wfdg94Isij2Iu89dQCV:J6HAIEPk5WfPIss2I/9dQG","tlshash":"62e3f85eebd51122c84351cdd2c2fa7bd07838227745edeea0478be905c6a09993b1fb","first_seen":"2026-01-04T07:38:56.352845Z","last_seen":"2026-04-19T12:18:29.293612Z","times_seen":4,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":377,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-img.BjIpHj9F.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-img.BjIpHj9F.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-d69\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9TlYzmMzDcUaomdZHaLDupxWun8KGtaTKSRv%2FEWp4zmHA8K02tBYIljTAlOhdEhadLRrz0oc2e2fDWTafZ%2BlDCODeh%2Fkm5srjw%3D%3D\"}]}\r\ncf-ray: 9ba45cd3be0856c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3433,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3408)","md5":"90d10f66f9920ada7981f34e2ae230f8","sha1":"60e33ea3e8b5c957668c47b18c089e84d40ce7de","sha256":"14bffda70a7bde70fbc769e3be27fe3f2960cc55416f89ce5fc1c6928bc58fa8","sha512":"c6c469fd447d0c0e343372851d332a4b00ec1e124aa3016e2edff992ad6901861a07c4061d68ef5c50ebde222978de48e4c1fc5491f3084da8e1421cddc24c0b","ssdeep":"","tlshash":"1b619528360cbd2f06b584b610340e41615db95ec620abb8f7fc34bb6294c9cb66ca70","first_seen":"2026-01-04T07:38:56.372165Z","last_seen":"2026-03-08T15:12:25.523625Z","times_seen":12,"resource_available":true,"data":null}},"time_used":524,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":524,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-popup.CE8mUVWU.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-popup.CE8mUVWU.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-105b\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OdjqQTaTmjv276IVH4LoZUwjJVija5h1gI4WJ42zY5gJ4l1smk6k3BOPJzI60to%2Fl4jo0HpQXXaLIR47bIFeeBST%2FuLn5KFohA%3D%3D\"}]}\r\ncf-ray: 9ba45cd3be0f56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4187,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4036)","md5":"52dde1491beaf065e7a8c2abf5c8ea8e","sha1":"ebafe6d395f1a6fdc64eb76dee50ef8b7a12bfb0","sha256":"e6e3bfd4947d453361d32100233c2554419edc5282ea5e4ca4f16a872840ec1b","sha512":"5223231fa512cdccdebe09981809ed31987dd2f7d68299239a7d7abce0acc1f6db829203634035be393eaebe0ed9a70221a1d71e1adf02f030dceade63a61a45","ssdeep":"96:5zzb/vvVXaGe2O2smBNk7vYTLMcO0PLFKpcQU4CmRU:5vr9DF8bYo8Fscl0U","tlshash":"7281a5943c4cc97a95c59a0b44211a40975a6fec87b53d5df6fd2cff02c7c1a2a84b2b","first_seen":"2026-01-04T07:38:56.337955Z","last_seen":"2026-03-08T15:12:25.548433Z","times_seen":12,"resource_available":true,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/pages-user-index-userContract.-PZvqOlL.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/pages-user-index-userContract.-PZvqOlL.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-37d36\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZY7O7C1NI0RUAcXKf5OlHQsJugdFYz5I7xk2XZeOomRsp76hOZxFhPuwZ3LDcoIALyEKweSBKCe2T0NfT%2FDZk7UYwLSHuApMuQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce2056c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":228662,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65528), with no line terminators","md5":"06aa49153aab8f3ab76c1eff378c8a2f","sha1":"5a04b7cc640fa832423c6d7e4973827d06f324ab","sha256":"b2a191a814fcbdf3fc9294e083e6a2d058b7412381fc7f305ded749ca2f96852","sha512":"797df75538297e83a594cba68c65f01935c2bb1ff2af0dd83b337e6e7cc19cacce288c4f98fbf99be660c5b65c8eb8e45e42501165c91801b9277fde99d254e1","ssdeep":"6144:fpdUPGVIJx/9LEwKaCBaL08YQR4XqQIVqpyX:CAw","tlshash":"04240a85fb65b41542a39079413f0907b336369e944b86acb27ecdda296c4ce3276f3c","first_seen":"2026-01-04T07:38:56.308438Z","last_seen":"2026-03-08T15:12:25.561334Z","times_seen":11,"resource_available":true,"data":null}},"time_used":869,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":696,"receive":173,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/home/transfer.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/home/transfer.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-9ed\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jGxEbvoWKeZWHYz0DNIfyv%2Bna7mAs%2F%2BIeliiYMZa6xFVqNN6sy2bVZqg3v8dEnvrHai%2F64mWYMC0ihJP5noNAiAExVH4IVSrGQ%3D%3D\"}]}\r\ncf-ray: 9ba45cdd1eec56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2541,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced","md5":"2351a17787b8fe12c8c46607290131aa","sha1":"3c3750c93598dc5ac06e061d60e4442f73ba9053","sha256":"e454f01d73229cd93c51a814c99acea6742329f10bfebd19be15940b749128be","sha512":"94dbd0d6a747edf27221cf5c30118add873b10cd047dcd85eb7f0c120077b1894e0ef06ca4bce57c484c741a7c60d500adca491a602f4749bd37040ab96738e3","ssdeep":"","tlshash":"3251091afb0c56c0e00abd9f96320504ea4e73f05d930a0d7c509bd48e334d67786bab","first_seen":"2025-08-26T17:30:33.432881Z","last_seen":"2026-06-05T23:43:56.919504Z","times_seen":16,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/mp-html-0ul9zqPJ.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/mp-html-0ul9zqPJ.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-896\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OAwUF9El4bOB4ulynm95%2B1XSPU4cCPMaNcU9gMrrXzenWKqG7lWAw3iCymrwK%2FyEedvOwgyub7GBST21EfwTotbRzLnBjyg5Pg%3D%3D\"}]}\r\ncf-ray: 9ba45cd37dec56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2198,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2197)","md5":"39bf250660e96521f3a35e1ac976e1a2","sha1":"cc7d930bddc88105f7c3d6bbbe74db8f78c7cf50","sha256":"6ddc23e5714d16e58c5fa537109e04b7f45abf79ac4aa1b8f371631ea3520d75","sha512":"4dae98925cc55685a79033199037b61e7370685091480bb4e9c92c5f5a15176a092f868b8a531c1dbc5fa00b41c298d60dab95b8656f89c33954bc319f6a28b9","ssdeep":"","tlshash":"3d41412231fd68b052bfc83a2b84ae9555d77317a0b383f06d1009572d9b86666ca18c","first_seen":"2025-08-26T17:30:33.430307Z","last_seen":"2026-06-05T23:43:56.920278Z","times_seen":22,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":522,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/ProjectItem--WQEwVja.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/ProjectItem--WQEwVja.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-548\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hE6JBdKRYsvqMzg9qJYelz62ma%2Bu84I6Cz5WeT7f4U0zlxPWOw%2BnXxt037HHl9JNDAlOAd7MGhzqbYpr4%2B%2Bza319ryuKUudMgw%3D%3D\"}]}\r\ncf-ray: 9ba45cd37deb56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1352,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1351)","md5":"30c73a40912b2d57d2bcf3a9eaadefad","sha1":"d3313e7a5377930b330338beb0648d139c26c7db","sha256":"6de8272c94e2df8961626816b63c5b4b55e5b190670faf3826bdc18798feef9b","sha512":"a8436f768e1d29d40ec7b43a04f77026c58e6653bcccaffdb5bfb23f7baa4379466cd7dbd502c4d6c51853f8dde2fc7d9dbba70d405d55ffe47325081ca9d77a","ssdeep":"","tlshash":"a121cb21bb4c60087037c90912c98a8d1279b247a11a0afd9a7e3099df476b3303a3c9","first_seen":"2025-08-26T17:30:33.405062Z","last_seen":"2026-06-05T23:43:56.93881Z","times_seen":22,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-title.DOX2mzrl.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-title.DOX2mzrl.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-18f0\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IsPNWdGD8rIaHwYaBcXXCeYOnVscPQ5cmlmYB11CWIueEIariA3MFEgnJ0bAeV51EXE%2FjQMkYlOCj8VcS6ZFDd5n0JlMdcpsxw%3D%3D\"}]}\r\ncf-ray: 9ba45cd7de9156c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6384,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (6123)","md5":"405629402164d9d30323869234856602","sha1":"0381c4d236705ca7e656f50343d8c2020541d0a6","sha256":"a5530a450d7abfd958e704c76ea19460e77e2c36f91cb571d7fa68b0a95f1203","sha512":"e1e038e5336d7b036ed81482902f0e013090e8cffbdd980596e8f35153142e83f95d9c596d9558f463e1fd3e811ac751daa05da20b3fdd30e065b5850a015458","ssdeep":"96:0hiGnLTCdX3ULUuFXS9Y5+F89umUekTqNcjett8OFib1kjbdCpYeLD+fMMj+NLNi:0MX3SFXIYQcumUDqpPsYeLxlpu/ew","tlshash":"ccd1b4243668fa3729d640895aa04601b14c2e8dd730b99efbfcbcf95286c64557ef38","first_seen":"2026-01-04T07:38:56.342393Z","last_seen":"2026-03-08T15:12:25.535587Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/home/recharge.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/home/recharge.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-ff5\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fo30wqSWFwbznGN9ckogyEqzJoU7LVfNA324Z910UJZXZ8MUQqQVf3ShyMt8REy8Q27t1VE4drv55MbBvqHlMCipX2kYErQjbw%3D%3D\"}]}\r\ncf-ray: 9ba45cdd2ef056c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4085,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"05317ce08755ee6ff5f6ad591e2f93c4","sha1":"dfe3ef60a32cc18efae83dc8f9662d3fff48ecab","sha256":"b64b6514f61f995aa214c8230bf336ec3d042c80c51bcf05d440ab17c638aedb","sha512":"0dbb9ba8d3c8d006708fd8fa741892a7ccfa7a6174dc36509863a523e6e5ce939520ae0bfd348b0692707198e525dd646aed577d5316adfca93aadb3898bd5f0","ssdeep":"","tlshash":"cd816d8dcf761e45cab7969c268375a0bfc0467c93891d52bd9d403aa287f9d3233848","first_seen":"2025-08-26T17:30:33.391711Z","last_seen":"2026-06-05T23:43:56.949039Z","times_seen":16,"resource_available":false,"data":null}},"time_used":518,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":518,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/ProjectItem.DUNr-fWg.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/ProjectItem.DUNr-fWg.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1285\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l3CPt393Y%2BQW4t7ptf9RQ2NHo3FZaWw3SqRHPXNauU9ZChY0NQnRNEsQcxbvNp67K0DHn5Ij9cjDP4I2GSTEqTiDXd6aBvQkMA%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce1256c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4741,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4740)","md5":"95214183ae0d9cbabb4c90669c6de47b","sha1":"9c508e6618d6bef1a24548ae012f47c9568e765c","sha256":"41dcf365f616142c27139a67b335aaa18a745b7799c6ae6b6cb0a0955040e4ff","sha512":"ad940188dbefb63ead4e0022f4d0dc30ae4b3051e1bfb469bb79bc35a8f263d61755ff278f854f5d295faa1c627f99eda7da3be99d4940ba09ca0623427f0d3d","ssdeep":"96:oTbPy5jufGnxFkaTWdkZA222ft9ba2sNmFD:oTbAlnxTTEkWSrbJscFD","tlshash":"dda175013e2cf23b29c29955b1ac45043267acccc92439def1f8a95e135bc2836ad76d","first_seen":"2026-01-04T07:38:56.387503Z","last_seen":"2026-03-08T15:12:25.525574Z","times_seen":12,"resource_available":true,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/tabbar/transfer-icon.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/tabbar/transfer-icon.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bf-167e\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8I3v%2FU6egx3vW7nVOCwqcxSZqo60305n%2Bx7AndtdH5qcuDnqv3USsctJR35f819Jiex6neC0LUTKTuqzR694yo0cKzw7ILZDEw%3D%3D\"}]}\r\ncf-ray: 9ba45cdc0ed656c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5758,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"79a4540df34c1810b2c287d1eebbc341","sha1":"d7a1de42bddf1b55de67878fc4a65695b1ed035d","sha256":"c00ce1823f739b5844eb607d6e6d8cfda06177227a431136e615fd754ac2b7cd","sha512":"e0707a4643e725529e23ed6fa351cb7234554c5fadc2b701892df2352669c51bd921463183a5dd7f9d52eeeb36b31b906a54a8970a4c916ea37e19481fee152a","ssdeep":"96:7a1FgEpzZ/BtKQe3FO9HMZGx2GNXyI8ghHoR+vJIn9yOzgIP8Jj2:+FpjB1e3FM2G9yb+v6yWgq8Jj2","tlshash":"57c18ff9b10c7155fd5d4c38085502fa9a608ae2430f4715b6accdfa1667d03aac68bf","first_seen":"2026-01-04T07:38:56.390166Z","last_seen":"2026-06-05T23:43:56.955998Z","times_seen":13,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/home","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/home HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=In8LRdiB%2FsMz793oQ1%2FG2lDDWALaB%2FaENOLzb%2FIsY7X354C96Wl86aOsVKghGltqMUZWUnyYbhi%2FgJTt58nvNiOfTaO3PgsicBPCDy5y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45cdffc7d56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":361647,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"04cf12f988119d9d754fe2857cad5c63","sha1":"cd5f54635e67195dacca3a014b961070045458f1","sha256":"cefc313c7528991bac77f3a128a8674e9663f632f98ece9da6a9a4e8d4f48a8c","sha512":"c1d6abbb956871f2eeffe092e0d6b99503bc749fa44b758697e97512f2a8eef0e6dfd1f9d5a3c9d0c219d90f964098d2f8aaad485cc0978c893ba0eefe9c92fd","ssdeep":"6144:K6HAIEPk5Wf5eWpSByAS4HLjOnbx6hrMnV2TC9plX5g:nwE7HLjGBS","tlshash":"f1843a3dd3eae3244de1318d25527f76dbac2123e7c9eecf824ade4a11c997441294b2","first_seen":"2026-01-07T15:07:37.738887Z","last_seen":"2026-01-07T15:07:37.738887Z","times_seen":1,"resource_available":false,"data":null}},"time_used":558,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":337,"receive":221,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.BCo6x5W8.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-5b\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SVNYU77r5KsMHiV0gfZzKphFNN%2BYCJjHSO9aTx%2BObRWF7A8914Xhvpn%2BoxY%2FJ5en46GDPUlMRvyq62871M4Bz1AxRSRsNQaPcw%3D%3D\"}]}\r\ncf-ray: 9ba45cd3be0656c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-06T11:23:19.853947Z","times_seen":1550,"resource_available":true,"data":null}},"time_used":522,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":522,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt932.com/\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt932.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lJZGUCC9vlVaQjNL7gyaQBax8pIyXpVZiwKswZLsHaFhKinDR8BUe37FklHOnfEGl3na4G6t89plnXbI4zr8fOJh0UqXfYS%2FJkT9owbCIEk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45cdccb511525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/LoginRegisterModal-C0MgRRGF.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/LoginRegisterModal-C0MgRRGF.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-801\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dc%2BkTzxxxKZzqrigMdYABbKuaBhp%2FvLl9wqaMH%2Fljn1d9zh29GnTL021srtEFAkt86OLTUxc5p2qaWZhuH5BNaWmkSEBZYcDpA%3D%3D\"}]}\r\ncf-ray: 9ba45cd38def56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2049,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2048)","md5":"eee85bae3cd742e5e7b74f0883e85942","sha1":"1c2f3bc7dc76ba102bbd309157c435c4942e3a53","sha256":"150da1f7dcbee84fb90720ef16ead3130001ad4936917a2982e1f39c9eb98263","sha512":"a9998ba400d872f30018580a288af850c0807dc103c5b8ba129bf107652604618668db597a6fe1c6eff62937c096f76d8f4b0cb94b5a73456e56c3fa4b44ec46","ssdeep":"","tlshash":"d141b85cf9ec1899107bcf2658f18dde1522a3fe921117bea5f3a0348c4b2832d3e198","first_seen":"2026-01-04T07:38:56.361717Z","last_seen":"2026-06-05T23:43:56.959813Z","times_seen":16,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/iconfont-BQrkpu4W.woff2?t=1668947853265","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/iconfont-BQrkpu4W.woff2?t=1668947853265 HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/index-C2R1XfRB.css\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: font/woff2\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\netag: \"695642bd-2eb0\"\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CdBayF0ufxyvXzij4BvVMptjEMg35oGxBeR4sGf0DdA1wm7fkI7%2FW5LccIBPOFwr8H4y35tCebdO3c0hfKyky17i4%2BOSDYb1mQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45cdbaece56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11952,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11952, version 1.0","md5":"9ccc2f107ff8412def4cb549ab006ec2","sha1":"17c86325a22b37017136c6ca36c1d36164a17bc0","sha256":"85e60cc2bbd7a6a41285f6e28e96a2d9cafdcd3edbb024b91a1d4a27db9e8ad7","sha512":"f0d06e94316fba28fd215279f3d48123a85a0e257f20468561a39a687b6e6769795ceed3bc5164dec86100a1305e92caf48bc7e136b372f6f82529971ffb11db","ssdeep":"192:n/31M8Q+z+R+gKmjHD+xIe2pEP7Yil9PEo/DtFmoNu4XMyn48KxKvPnQy8Fdmv9D:bQ+zc+gKmj4kilRDtFmy/Myn4MPQve9D","tlshash":"a432c09c5b485c895cac4da00b91a9b4c58e37c072157aaf8c4b56e06f8ab323383d5e","first_seen":"2025-08-26T17:30:33.435551Z","last_seen":"2026-06-05T23:43:56.903271Z","times_seen":18,"resource_available":false,"data":null}},"time_used":671,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":671,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/home/withdrawal.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/home/withdrawal.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-e3b\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SG7lPr7pXhdWQ8%2FgW6kRzVX64ppK35592AQ1QAslQ%2FE4hu8WiwKuS%2FpNgpvJWYeg9ACeP9DEOxpvZrBddCvbSr3LIm5260GklA%3D%3D\"}]}\r\ncf-ray: 9ba45cdd1eeb56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3643,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"81650cf5a60e4d3b7b11bd67e8b654f2","sha1":"2064205c7f1f25b6c6946a6332d62a2bbda4f6fd","sha256":"f77eaf76a0bea7a25280a55558e85f24f5f449522d90b4b8d2dc57104d2ed7b7","sha512":"fb037a6fc4289ac03fb40587a062d1f60ea4a01239bb5b1d2e31fc449c7564bfbeae58dd5496745f80d57fd211cdd5630cac851caec4a858013e18f884be3a8e","ssdeep":"","tlshash":"f4718de7c36864a0cc40aa00052b19a337b6d78b1d567081fa4d4a53bfb8933c0f1bb3","first_seen":"2025-08-26T17:30:33.432Z","last_seen":"2026-06-05T23:43:56.906621Z","times_seen":16,"resource_available":false,"data":null}},"time_used":523,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":523,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/home/vip-icon.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/home/vip-icon.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-d1e\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3SoCMs38rcPFMYG0TGYVsZhRwFRD%2BHKZ8JTW%2Fuz7zOO%2BuzyRwaLW2ineWhrKAg9tOgPtYRkkB8dWVCrfFD%2FYsHlCywEM6npwNg%3D%3D\"}]}\r\ncf-ray: 9ba45cdd1eed56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3358,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit colormap, non-interlaced","md5":"95c29573bc4958142f4bbff771f82895","sha1":"b03b76fe266d70f1bb068deb4abe211b7db56f31","sha256":"400154b273cf2dfba3d1f4da5199639507a0932b4fc67eab4c0bbe53a7307686","sha512":"2f7a3ec619b6dfa1d314d593c51d959c877e6f6f07999416e3429aa455af638d0949d794ebabd0810dd5ac5e49320dfcac3f7e5fbb24754a2b59e22731dbd759","ssdeep":"","tlshash":"20614b69f721fd24c1c946a09fb80d091e507c429bc9d79a7295b0174031bc8a814dee","first_seen":"2026-01-04T07:38:56.313899Z","last_seen":"2026-06-05T23:43:56.909597Z","times_seen":13,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":501,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:06.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt932.com/\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:06 GMT\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt932.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0JKSlBN9poLObxl%2BgYv8haaPFn2bCT5oEReMC3wFwHY4qr38EAJK8o6MiFXZV6JA1qdl3fePha%2B63t67YynXra43X4I28hA3IVpbpCTw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45ce6fcc256a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:18.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:19 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wvlN11MaOaSbP%2B6eT30WzfwNMXQFnvo5aONcRITRjSrLfR76RmEMziJrK6aUyMjM7jKC%2BP9L4CnpI011MPNJb5XamrlxTpdkgHomltCo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45d33a9e156a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5500,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a0b2528730d25b38b3aa0b81e4b12911","sha1":"dcba66d1646b33f81f1020e75da5452a939e30fd","sha256":"3b5d0ec469aaafcbf3e1b46deb1b7e1af39dd6af29e04535d708eecb9fb152a2","sha512":"6c977282c6becfd1832299e2c49e648e2caa365707961b47cd05fdf2e7071ba89e822015e1822316fea2bcc15ba6e3de767f7dc19c56c6b80b271bfff34eb56f","ssdeep":"96:3VMl5Ov/opIrQLaVI2DJwqIqIWvMxIR+aVIM9/I5AIjI+jkIuaFI47RIxJIE8Y5m:lMfO3oZLGJHMhap9GnHMa/Iiem","tlshash":"9eb1b15227cc7c35aa733587928b78da85c9b147bdcd7fb54b8edbbd0865a19340a800","first_seen":"2026-01-07T15:07:37.744396Z","last_seen":"2026-01-07T15:07:37.744396Z","times_seen":1,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:18.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt932.com/\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:18 GMT\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt932.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cnd%2Fp1K09tahYWWVJK5tTT49QZengWEJ5xHWjIqEqFPWsOXe4s%2BAD4p7fB1n4AuLwBGmggYyUVU7vJm3neQdTJt8oHkCB1GkQbakdvQK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45d3289bf56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":170,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":169,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-section.DjNV3xcb.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-section.DjNV3xcb.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-89f\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=czCnLRYlq93oJEEy37DpmrHH2fg4y5dX9SNMB8nLCJy%2FN5teS0QdGXoTxo%2FbR8PBEcif6%2FmYluDpfRp812L55QtQ6xa1SYIYLw%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce1c56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2207,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2206)","md5":"26b01b4c0547fb3b295f75254c2af8b9","sha1":"83a9472ab00ae05aacd67ab299e84ec2f6f14639","sha256":"162e423c70819d15ccb51c82ffeb72105e7cba7d70b4390fe6aa48e4c227d1b3","sha512":"e79ef48cc6825b9cfcba5a592346277cff7fe4066fec724c1281bf1928a9ae8978e7ac0f4398fab1436d4ec63e95e7b9e868f3c6ab8604d3886d915194d66cd1","ssdeep":"","tlshash":"3041226d380c9a372d8b0dae70b0230064552f9cde317975f7f1903557a7a9a915cf1c","first_seen":"2026-01-04T07:38:56.320959Z","last_seen":"2026-03-08T15:12:25.528901Z","times_seen":12,"resource_available":true,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/InputPayPwdModal.Egr7JNzI.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/InputPayPwdModal.Egr7JNzI.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-999\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aor7vEoDEazgZ%2F%2Fw2HVeCdo5MM%2FHaZNHaIdiCnwmLQgJt4wVvjwbSwbIzGFMI24c3x9UxuqDNQSGqNusX0aAStGbe9Fsq%2B5i2A%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce1f56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2457,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2456)","md5":"75033e20cbb2c275b74abe7c8621a291","sha1":"35a562afdc88e7fac00a316f3ecb4eeaef7f61f7","sha256":"3ba60caf1948a5dca9f8bf8bce08ff6dc66439ac713af8891c4b93e013f5fbda","sha512":"e16176490ee741d77321dcb783e2295f139a7f660e21a64be0ad530a67667f6247f78b0661110cd21920ae4682d134587eb5cd9213198064acb1db623321305f","ssdeep":"","tlshash":"6b51440a2e3cef399416a178f0816805b414549d8f46ab58f7fc0e5a0bafc56837fb25","first_seen":"2026-01-04T07:38:56.365Z","last_seen":"2026-03-08T15:12:25.526124Z","times_seen":12,"resource_available":true,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":501,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/mp-html.Qpmgo793.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/mp-html.Qpmgo793.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-69be\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TSl6gusufxoXDDpynLmGacMk706PCb2%2B%2F2QYmvxC1hMQ8fnDKnU%2BtiyZ%2BwqeDUmeE46uWEska811eAUooZYfzaIrfr%2FfBt3B2g%3D%3D\"}]}\r\ncf-ray: 9ba45cd7ce8e56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27070,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (27039)","md5":"c0c9c90054b004882dcbe813b28efdd9","sha1":"9927c7aa2fd8ff2736a17b92ee24cfa1903499a2","sha256":"fb8fbae0da305550ebbd2013de7443a4cd484a2d2a033679217a2532f361490a","sha512":"bd0054ebc2d794b4d58b0b087e1c9196554228a1d4bfb665eaedaef09a70d3b3f3ef8e7cb07717a627cdcec609ff6eed1c7a7aec7a8cbc181816340256050eb7","ssdeep":"768:R1LcXOJOCY8/PU1kfSTeC5Umdb24tpxvYL4fVZw2O:XBJ13gAyr/O","tlshash":"14c20a5b728c70390ad884e108a56741a26e660cb54088bfbdbce4fb59d059530bfbfe","first_seen":"2026-01-04T07:38:56.339578Z","last_seen":"2026-03-08T15:12:25.569535Z","times_seen":11,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:16.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt932.com/\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:16 GMT\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt932.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mpYU1B%2Bed%2BsOqUvSjifIh%2FVL9eKKd6cFv4eEapzpHOFHZ6nbpvfWBXai%2FPqzZ3vrthZ%2BDTZUDwD4h6%2FxDrNvGBQtSI5DsMi%2Fm2BAOGUS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45d25d8f656a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":168,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-section-CDcYCXgd.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-section-CDcYCXgd.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-174\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JO2DNIQ3ujURD310%2BMEjMMzAkMd4wieanwDMERG9YobR%2FgV67McZLOSIE%2Frj2HxPJNFD%2FI6gjQHdETBgKPFwGAw0N1BO%2Bo2Nkw%3D%3D\"}]}\r\ncf-ray: 9ba45cd38df356c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":372,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (371)","md5":"006a7f142fdc4795801553a74c5f0ccf","sha1":"c2889babfcb0370ab068512f13e74f12fdb00094","sha256":"7225c3b57051f107a8e638cb536668f1ca88fa9925544670a7f44050adcd535f","sha512":"ed7cca52ec98758a50462be334b7891e70aa95301a74c308bc171395a674418e646e20ac865eda6848f12fe81972e650b794ba6a806c856c2bbde59d2b502c4f","ssdeep":"","tlshash":"b1e09b16778eb54c642bd73b34a2bdc80124d621c277c10d6671a3584da734711026fd","first_seen":"2025-08-26T17:30:33.40408Z","last_seen":"2026-06-05T23:43:56.967297Z","times_seen":22,"resource_available":false,"data":null}},"time_used":541,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":541,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/uni-app.es.DcVfOx-1.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/uni-app.es.DcVfOx-1.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:03 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-54\"\r\nexpires: Thu, 08 Jan 2026 03:07:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eaaduCAL3UWB3mrmmljtd6Zi8Hw7NB4uBj2rRunWuQxHm%2Bkaqbxq8mfgpswt9ocro7t3y67AME4Jxout2FUnehhUuJ5cp1dJng%3D%3D\"}]}\r\ncf-ray: 9ba45cd3be0756c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"4e68ad8fd2524e8d171ce7618ef3c77e","sha1":"7cee680fb6af2701c8cb9ac4910945dd4a1af2cb","sha256":"8dda16e8f94f82859bd41ea231f22108e0b9f3e95cfca9e5169a3b15e879ef39","sha512":"323ad6c7fb5dc744b5a3131d02d2609b3a6c1f0f2c47aa268d7e110049a29285c8b0df39917dec7606832ca770414923253ee6cc7aefcefd3ffe7e1654be1a95","ssdeep":"","tlshash":"47a0120b648124225802284020d59807117610e146c98a20c1c143240af84a48129d0a","first_seen":"2026-01-04T07:38:56.371166Z","last_seen":"2026-03-08T15:12:25.529485Z","times_seen":12,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-fab.DRN4nk-k.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-fab.DRN4nk-k.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-c5d\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2o4tCxDCtB2IFiwOfN4XEiTdb1hXpNOABuEaIdg%2B%2F01kG%2BpuCu5GeT8uMaH3ex6Y5qDTUYGNT0IN7bNi9HCmnxGJM8WEMVdn1A%3D%3D\"}]}\r\ncf-ray: 9ba45cd3be0956c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3165,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3164)","md5":"eac8aaab15281f12a67853df03d5f2fc","sha1":"2f535eaaa423fadac580bd63c10043f906d484ce","sha256":"732ca6ccb77cafcb1fd7b441ec46af8622a2b01c87e3a4d28d6b290701660d3e","sha512":"1808477f3ff52ce9535052089c2e3f137ed88a2c29103f43f01d067656d48b8c6d80c4eb48b9ec05bb2bf28bec3c2a22634f949dda03c552dcfe205ad394aef1","ssdeep":"","tlshash":"635165067a0da0372697087e906446c1721a1e7d97f0366ff2f6f8b64e8191e62dcf34","first_seen":"2026-01-04T07:38:56.376926Z","last_seen":"2026-03-08T15:12:25.524159Z","times_seen":12,"resource_available":true,"data":null}},"time_used":512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":512,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/pages-user-transfer.DLHOt4FF.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/pages-user-transfer.DLHOt4FF.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1640\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HuYx2wabd99mi5H%2BoSRslcKksMGegCk15fPmFOR84PnRImfZHo%2BNX9reMVvSLVSTCxGhPKzcu31400QTiyaRdWlYQF5b5CFeRw%3D%3D\"}]}\r\ncf-ray: 9ba45cd3de2556c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5696,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (5695)","md5":"2547dc73af04d486ceb8ca65ae847566","sha1":"b190e531ca624cda9e6d34f5b5cb0a421c958bf5","sha256":"51a4c3b05339e3e1b09c2c361ec0b6a1829ce2bda97d204ca2e7bcfcc59dbfb2","sha512":"331a634c482fb372aeb8b64b45d113966a0cb9bef2d8d089e7902fc448c15614b97a5adeba41630f440824f4c35833749cdfb5276e04ca2d42a9f2f0d5af0e18","ssdeep":"96:J1YQrRVZ5u4PSajRftJ02usxc3W+Ucy3OwE+JcyI/tEcD5IOhEuNyosUk:DDrZ5xjH4YOkoJ5GUk","tlshash":"24c15305b91c99202a9a7278e4d54d02717cfdcde1407a5cb2f8196e13adca909f9f3f","first_seen":"2026-01-04T07:38:56.366197Z","last_seen":"2026-03-08T15:12:25.53293Z","times_seen":12,"resource_available":true,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/uni-app.es.DcVfOx-1.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/uni-app.es.DcVfOx-1.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-54\"\r\nexpires: Thu, 08 Jan 2026 03:07:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1yjuro991rjwwVG%2FovLQ9ajrgEQGpSiMjcJv6luMw4M4qvOc7n%2Fa%2BfnIywUYmp4UbdB9oUhin3fTPuZ3duKMUWH2ceGAxB5vkA%3D%3D\"}]}\r\ncf-ray: 9ba45cd77e7056c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"4e68ad8fd2524e8d171ce7618ef3c77e","sha1":"7cee680fb6af2701c8cb9ac4910945dd4a1af2cb","sha256":"8dda16e8f94f82859bd41ea231f22108e0b9f3e95cfca9e5169a3b15e879ef39","sha512":"323ad6c7fb5dc744b5a3131d02d2609b3a6c1f0f2c47aa268d7e110049a29285c8b0df39917dec7606832ca770414923253ee6cc7aefcefd3ffe7e1654be1a95","ssdeep":"","tlshash":"47a0120b648124225802284020d59807117610e146c98a20c1c143240af84a48129d0a","first_seen":"2026-01-04T07:38:56.371166Z","last_seen":"2026-03-08T15:12:25.529485Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:06.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eumpwKwvqWX12r9jZQgiHymba611Nw9BjV4TEJBzWHmdtZMq6iM634TUfOR65zOJ%2FfVNjiKAR%2BptMqfzC3mkNx%2F555xhUiEECeUospPZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45ce84ccb56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5501,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9d4075a7f570d64bb3169b0f3cc19699","sha1":"26936e2a164435e1d87e13dca6f9fb70dc6da3ca","sha256":"0b81598700108d1c5e37a1fd1dcd12d1a7158bde5bf6d45b537d7a7e8a9848a7","sha512":"00943f75170d95d52b1811249d74ab306053f79723b08860e3633a9ca76c0e08dd48e81d2a322c534bf74cb28a4c18c6a5b03011ef237732b46949670ef97dd2","ssdeep":"96:3V+l58/hIrQLaVI2DJwqIqIWvDxIR+a8IM9GI5hjI+jfIucFI47CIxUIE8Yrm:l+foxLGJHDhai99hHlc/xdUm","tlshash":"03b1c25227ccbc35aa733587928b78de85c9b147bdcd7fb54b8edbbd0865a19300a800","first_seen":"2026-01-07T15:07:37.757597Z","last_seen":"2026-01-07T15:07:37.757597Z","times_seen":1,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-title-CVAcbwdi.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-title-CVAcbwdi.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-c6c\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=skzCz8qeX2tp3uD9zgqdgJDbGFEEysSB6pCf6DHhVfSACq23TjI3GdqPAzCYAUyyFSAeKcO9PtypnbJNEEiaYd%2FotcwNL4QBOg%3D%3D\"}]}\r\ncf-ray: 9ba45cd39df856c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3180,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3179)","md5":"5177a0864313a3a5c4e35c97a88cc6dd","sha1":"0a600582603bc21aa49ea90db47c1f8fe75c0128","sha256":"0e3b38377ba563f6800ce39abb9bff953b64f949e0dd9f290bbbadff2da62356","sha512":"899a86a4d2e07cfb5ffabe2906b3a8403e720483e9b0099222a6c4d6ed79a1af784822b8f141943d6408d4693d93eb7a11c4e48d0fd6f56ed957d76ebc2c9a0c","ssdeep":"","tlshash":"1c6131316919121c8e33e7222ca037c99534f1a9f7d7116d53a7283e9dc764714faaec","first_seen":"2025-11-22T10:34:45.560659Z","last_seen":"2026-06-05T23:43:56.913407Z","times_seen":19,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":501,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/transfer-BRg7NsZa.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/transfer-BRg7NsZa.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-568\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=btGNp4peN%2BPJffkQUJs2XuZnZrZwgnx0DCNb0aOrehB%2BZxORQupv%2FbgFoA8mF5f1v6DuH2RNjm2QR058cpgKcd7lmrvbJUY9%2FQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd39df956c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1384,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1383)","md5":"8732b3e9351dbf0b861b02335c964d20","sha1":"6cad70740f42e02a06acdd1d47acc4397644e789","sha256":"d0fcdcfeb22f78ed82a487b1713e7102184a57059d7a278b811ba1a2a3970a8c","sha512":"ac3ad5cd570bf9a4c872df2c1f6f9ce2eafaf9cb843cadd1397e8eadadbd2d7aa77d147cae133564c8a5d68fcd8ac935340df1571fdd45966ab8da23915a8010","ssdeep":"","tlshash":"0c21475df54c2d6664b7db0a18f287cd9922b6b6c801565dbc6b3b10ccab3c3241678e","first_seen":"2025-12-31T19:20:07.098297Z","last_seen":"2026-06-05T23:43:56.951965Z","times_seen":17,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":512,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-confirm.CZKi1fy0.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-confirm.CZKi1fy0.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-876\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mqtLqm2Gg3rodol6VaBHvuIm9r8FTeRvyBoxSC5zw1CWRNWUSicfglhdmpzMM445tVevrUPOd1X8xmX2BudClWmX8Bfdzozaog%3D%3D\"}]}\r\ncf-ray: 9ba45cd3be0c56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2166,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2157)","md5":"b90ad9ec1500bae4bbef53e9938a498a","sha1":"258e8842494d8f0cfa7efa8162543faf0383a1ba","sha256":"47ebb75c45d09b00eea20a4f0c4afff1ccfa257178f13c1b64182a0cd070e17d","sha512":"2f949a4f4dbaf49d9cddd28c86561880763b573ff082a03a3ef91d302ab02aaa7359b1fb72938c2e4ef8d96cafdb62a85f89445a1ae0286d5ab0fb2e2604e76d","ssdeep":"","tlshash":"0841730dbe1c9271ea83a349d541652e723b2fbd72163a0ff0fc1c9e07b0c64b99525a","first_seen":"2026-01-04T07:38:56.318065Z","last_seen":"2026-03-08T15:12:25.559658Z","times_seen":12,"resource_available":true,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-input.uefNOExw.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-input.uefNOExw.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1642\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0YJDobHIf4BGg9wj4MDJdlhtCFDlDrJepXFcovIRDsCqqjAkPVLvlX8OsugmhWQTlACE3jadq17HTAjwM8TvQiQ%2F8%2FtO7xCdeA%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce1656c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5698,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5697)","md5":"d766698ec63890526447fec4e5eb5f8c","sha1":"79ae59a85a2fc071ed6a034b777ca1ca5554d124","sha256":"c8e21fd858262552151d9de63202cd4c7e8622d70e1c321358d58275dfa6709a","sha512":"9c8ba9cd7ddcc242048b9ae79f09c78e573b9bee7963c506159bfd69cf7a65b077a846cf4474ffd5a198d30bef18b8f07f566adae4e8be303e5c6f29a080a80f","ssdeep":"96:f2U3EALwgU9svecAntaG2USFKGiP9shkYre9mGeKCeOpd:f2WQatUfcC9ze9e4d","tlshash":"ebc1225a350cee232dc78c4a7095424115251b8dde3078ecfbe671b5175fc88b2acf68","first_seen":"2026-01-04T07:38:56.360461Z","last_seen":"2026-03-08T15:12:25.543952Z","times_seen":12,"resource_available":true,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-stat._gfGVicY.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-stat._gfGVicY.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-b39\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AQCzcHP49m%2FxI1On7SXYFSALDwTHReTRTspl7thzFM42SrVhOu2xlHyAPkfnZCq49DZX33ECB%2BLajRoQ9MWvsDj6ciTgDDEZXQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd3ce1856c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2873,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2834)","md5":"95a9410ef94036eebd23b32d2cd13295","sha1":"39151ad3e138aab415b315c536cdcfc176e03c38","sha256":"865ddbfc42705393037ebe542af4cbd02639721c299acd2d6f96bf27ea368d15","sha512":"361a5e084566d62b2b04636678c0840c5c0f562b0f3f05fad79514d2d5a33ff85d287e354dffd3e41cd1aa1e8375059a9b07461515779e1942ecca212948b42c","ssdeep":"","tlshash":"9d514104752cc47b1892e01e65d0441bb2ab1ccd86b4753f65f6987e13e9c1864adfaa","first_seen":"2026-01-04T07:38:56.347472Z","last_seen":"2026-03-08T15:12:25.515963Z","times_seen":12,"resource_available":true,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-checkbox.HufpC5WB.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-checkbox.HufpC5WB.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-9e2\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rw%2BD2JOSUdKaZpn8IfQreTC5U2uEJYOOorfzZx1xrTVztFbEo3HAq4Xgw1BQ%2Fq11C8FVGDFlF96GiChCxPHSm8Q%2Fy7MWF3LE6Q%3D%3D\"}]}\r\ncf-ray: 9ba45cd7be8156c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2530,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2529)","md5":"b4640f6c8b24eb0afb493e15e12b683e","sha1":"4202b88e4e6acd34d68381441347aa739fc6545c","sha256":"d220892eb40334d6e8b68ec73d1e29bc6941ef6a063926311ad827288b565afb","sha512":"387b888e2423f7091d5280b766d9586e982c5a8f982e0b824e7b9d5502c650765c061c6e9750db438fb4365eee0f641888a100eefffd93f2094486ce6ab3f485","ssdeep":"","tlshash":"cc5132157055a5761bdfc4cc50528681a32e239cda103efdbae824fa5a8ac88916fb35","first_seen":"2026-01-04T07:38:56.327321Z","last_seen":"2026-03-08T15:12:25.51887Z","times_seen":12,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-input.uefNOExw.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-input.uefNOExw.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1642\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=liWq0wsdpdBE%2BS88UaKsq06HZdSIHoNk3OfGrEdePGz5e2nnunPOmEkPM2ZUK674sF%2FoxZ01cOT2IraIVW5BJ07cipf6wY0VEg%3D%3D\"}]}\r\ncf-ray: 9ba45cd7be8256c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5698,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5697)","md5":"d766698ec63890526447fec4e5eb5f8c","sha1":"79ae59a85a2fc071ed6a034b777ca1ca5554d124","sha256":"c8e21fd858262552151d9de63202cd4c7e8622d70e1c321358d58275dfa6709a","sha512":"9c8ba9cd7ddcc242048b9ae79f09c78e573b9bee7963c506159bfd69cf7a65b077a846cf4474ffd5a198d30bef18b8f07f566adae4e8be303e5c6f29a080a80f","ssdeep":"96:f2U3EALwgU9svecAntaG2USFKGiP9shkYre9mGeKCeOpd:f2WQatUfcC9ze9e4d","tlshash":"ebc1225a350cee232dc78c4a7095424115251b8dde3078ecfbe671b5175fc88b2acf68","first_seen":"2026-01-04T07:38:56.360461Z","last_seen":"2026-03-08T15:12:25.543952Z","times_seen":12,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/InputPayPwdModal.Egr7JNzI.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/InputPayPwdModal.Egr7JNzI.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-999\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g6FcrfpwaAd964JF6sVd5%2BtoKJSB62l4hDyhY7AKfzHsS7%2FJfT0DiP4Rdqnp9v%2B6veHBZAXadKD3zGWbetnTo9EEDHNEyNz3IQ%3D%3D\"}]}\r\ncf-ray: 9ba45cd7be8756c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2457,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2456)","md5":"75033e20cbb2c275b74abe7c8621a291","sha1":"35a562afdc88e7fac00a316f3ecb4eeaef7f61f7","sha256":"3ba60caf1948a5dca9f8bf8bce08ff6dc66439ac713af8891c4b93e013f5fbda","sha512":"e16176490ee741d77321dcb783e2295f139a7f660e21a64be0ad530a67667f6247f78b0661110cd21920ae4682d134587eb5cd9213198064acb1db623321305f","ssdeep":"","tlshash":"6b51440a2e3cef399416a178f0816805b414549d8f46ab58f7fc0e5a0bafc56837fb25","first_seen":"2026-01-04T07:38:56.365Z","last_seen":"2026-03-08T15:12:25.526124Z","times_seen":12,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/index-DcZrAb-o.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:02.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/index-DcZrAb-o.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:02 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-d5507\"\r\nexpires: Thu, 08 Jan 2026 03:07:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l3RE1tCGIEea%2F%2FKi3TKA9pxQN31brgOoNed4OeeiJBvLNOrhp4DrM1RuJigDd9APTOZxLeLATf%2F9VrToNbxMixmzCzhiP%2Fdy6A%3D%3D\"}]}\r\ncf-ray: 9ba45ccb2d4756c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":873735,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (26861)","md5":"c97a0470fec56723c03f4fc4a191c9c2","sha1":"c216e36c6d2683496badb80ec376db7b9f219565","sha256":"5be122f7b5600ddba4ffc33f21ab66e6840e69d4e5f7a7ef91a10cc2643cfc8e","sha512":"68df6856fab87d794a9b741ab11b7605a692f39997b892a978b78a1b837de48a0ec8b5380dbc4514dbf9c88c0d6615c14500737d9fafd64f7ce35c320537c7a4","ssdeep":"24576:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttK0sPfwuwuT4hJAmX+2aROIH9/pvm4:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttKd","tlshash":"6215ae547396b32106e935e1306b0732a3744e61f44ac08cbaacddd625efca4729bf79","first_seen":"2026-01-07T15:07:37.7625Z","last_seen":"2026-01-07T15:07:37.7625Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":677,"receive":497,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/LoginRegisterModal.eMqIKsye.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/LoginRegisterModal.eMqIKsye.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-3bd9\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pnq70CgvfNniiW298olnNzhI3a64yiMnhqni7gnDWF97JsaE7qmQC9h7GYHUtg13VfHEze1NHm9zesjLGXdKo6VduqO02%2F1WUA%3D%3D\"}]}\r\ncf-ray: 9ba45cd7ce8b56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15321,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (15272)","md5":"058f7e55d2944b9aa20901f3c12549f6","sha1":"5c1a47b33fc795535d848f1e71f34b3736380632","sha256":"83daf663074210eb3fa7564210c61f9dd8fc56f62acebe4099cebbb646818af7","sha512":"dc5f27ed3bfb310a8ef8331aa3622c66b05236c399c7aedb1e1b55f8316123123785222f6e6944f39d0ba3454b853cfde988ea05f6fbdf4d920883bcae792f39","ssdeep":"384:PrSK/VoBOmek5T1jhJJNCkX/sjFP2rzewPRPbHMq0:PrSK/VoBO1k5TtPstLwPRPv0","tlshash":"0a62c509b55dc8335e92b06ce48318246059cc5fd941ac4cfbf8198f26f3d469bba73a","first_seen":"2026-01-04T07:38:56.332573Z","last_seen":"2026-03-08T15:12:25.56783Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/favicon-DYZFR1kO.ico","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/favicon-DYZFR1kO.ico HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: image/x-icon\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=og6BtXz8jcipJWf4TBOtgM41X%2FfB6pWNg%2FNoJKCTHudznhndT29REY7jo6FLj6Lt6aK%2BFPPxPrP2BX%2BJZkESs7MlZRyw6BOjDw%3D%3D\"}]}\r\npriority: u=6,i=?0\r\ncontent-encoding: br\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"695642bd-1083e\"\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba45cd94eab56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67646,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel","md5":"c1e95980fa943781f0eb7e84beceec34","sha1":"16b7f463692369ba1c2f87ca8b2a9c0b78b0b1a5","sha256":"388ee33538664826ebace6ad3583c68031fbb50a9b64d6a4cf3f1b83ad16edf9","sha512":"ab7f0b44e2b8319476526d8868da0cddf44cbe13d234da08db0380653cae1899796f1f6219bdadcc9894a0576f7b0af8db8b8e6007ede7ca136e36ab836ea278","ssdeep":"384:8bcUhWm+++vR9wORuO4AGoNVwKOqr7IwV:EcUhbTrObxDwKOqrswV","tlshash":"cd637aaea6119d3cfc450e7ca4618c0409aa5f8e381dd2fb64e03a09677b7d8c85fd76","first_seen":"2024-11-30T03:53:11.674099Z","last_seen":"2026-06-05T23:43:56.926969Z","times_seen":107,"resource_available":false,"data":null}},"time_used":600,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":424,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 46\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":46,"data":"{\"page\":1,\"product_category_id\":1,\"is_hot\":\"\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8l6y8QsKzurQCH%2BeObpTzSS6VrkoFHo6iQUMzMGywjDrvKSpF3to%2BUHtBlGT7bU1VkfqdIyIh2DvqCNqECygJDOKlEa9JBFofKFLHnvR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45cddec6356a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5500,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1daec5c4b2999bd5f80cccb662aa9816","sha1":"15453c60394d4146158481a4c06dd5c88dd8162d","sha256":"35814991e2cfa369b5ee9df9fec8faa18518bfe8bcae75ce20956e840e3039df","sha512":"7ef67ec98f9a7860718bb30e82d49de49b12241f7f3ccaa79770d99a0968721c029ce474603758a34239a57b6bc86515d7420cfcc85d0627fde26f1bf0c16b09","ssdeep":"96:3VGl58/hIrQLaVI2DJwqIqIWvTxIR+a8IM9hI51jI+jYXIurFI47CIxnIE8Yjmm:lGfoxLGJHThai9A1HY9r/xIgmm","tlshash":"19b1b05227cc7c35aa733587928b78da85c9b14bbdcd7fb54b8edfbd0865a19300a800","first_seen":"2026-01-07T15:07:37.766582Z","last_seen":"2026-01-07T15:07:37.766582Z","times_seen":1,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":514,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:14.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt932.com/\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:14 GMT\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt932.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3nRU2gRpu3IJBHo8p7YbijbVSwezCFDWYJLcL9dGHU1q%2BgfzE9MAu4AawdsH0GWIgv0aytesUKj5SkFrLA%2BhbytayFCADB3EGwRmaVeM\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45d19586a56a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T13:09:45.117471Z","times_seen":16178700,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/pages-user-index-userBoot.DkifFdHN.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/index-DcZrAb-o.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-75f0\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EtVnvbpDvmPuRlnkUXP1N8l2aq%2FTBrNCXZUY55DYfuUQhLc6x7G%2FQFpv16RJ5TXJcwNmhfRJ7FHBViSQ7%2BEeC%2FlziC720Xaz5g%3D%3D\"}]}\r\ncf-ray: 9ba45cd75e6b56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30192,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (30185)","md5":"46793adfa0a3c558d77c93088905399b","sha1":"48585b6e60d46b5f38a545a7bb123f5e9e43ea85","sha256":"68590b7cf3a93be5529b94383a62e404a110e1624cc0aaea17d744282b4553bd","sha512":"d2030f47b866ab37755ae9a5102ded9a982a5d6f0f457ff851505de1a426fdeed6d0ee081efbcf52aba4cca7c061725dec544998f4ecd63f7db8b267d485928d","ssdeep":"384:Sgqdw3JNaAYHdZtzeul63aAq5Pt7j3OWpdmalbuFB:Sdw3JNaAqdZtF634l7LffuL","tlshash":"7fd2f8053f2ce1766f93a928d0da0811b07758ced545f49d72f4cd9e02eec846aae37a","first_seen":"2026-01-04T07:38:56.305516Z","last_seen":"2026-03-08T15:12:25.514737Z","times_seen":12,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/CurrencyList.D9Y0wwkC.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/CurrencyList.D9Y0wwkC.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-49a8\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s%2BlnCNSUdXeQ5Y2G5O8MvEC%2F1oRpnJ5oeCcNm5j46Ff6VE9GqGNRaBlASc1BMrmZVHaGREixJQfkDsDKhzdGsdXXwBGjF6Bh6Q%3D%3D\"}]}\r\ncf-ray: 9ba45cd7ae7c56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18856,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18855)","md5":"ab743b8dc2cba704afc79a129a289752","sha1":"f60f717476e75413c520ff465061250518c32877","sha256":"0e408f9d01ad269d929230c4508ce98a40c7305a884f8c39e97214f29e799f25","sha512":"ecbf84f7da3089c89a799abeb06dc7ffdc7ee2204581ba11471faab0990f6a149c78dc35eef422737ac7937c06af84fff49717ed5e2496078fcacbbb1d855649","ssdeep":"384:jCCTHfWCNzMLU0Ij6m72b8Gpg6CGMEquRTwei0oI1F7:vjnzMLUHjN2b8Gpg6CGMnUvipI1F7","tlshash":"c182c6653389e43647d9642980a89604b3367f8dea02346d77af9cf9935fe4871acf30","first_seen":"2026-01-04T07:38:56.329106Z","last_seen":"2026-03-08T15:12:25.562426Z","times_seen":12,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/static/images/tabbar/customer.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:05.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /static/images/tabbar/customer.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bf-188f\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O%2BXsR1JQZ93YQCQWy8kHeiL9SYSamkv3m52lYs1cQgX4OQ%2B57MDoAMRLbNYSkLOwOjaEvdFLUeJLsIvq%2FCBU5lW2ntDfxgm8sg%3D%3D\"}]}\r\ncf-ray: 9ba45cdd7ef856c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6287,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced","md5":"d3ebc8acc94fa485045049aadf40a45e","sha1":"7da056e27d5657d96c3b8d9d714f6625ec87917c","sha256":"1efb8c5097407b7f24b202e04d22b91bcd111fa335df306f6e72aa463104572b","sha512":"576568733bfb87420a44a70bd3ada580fbf3335b09c902d89d9faf2f4c915075229ad96d2a5f9cfccaef14a04ca30ab0de300789b4c3ff654b2b53dc1d7cd86c","ssdeep":"192:EAxt3ZnM1dA8sFpeC5voUdlWenVgzKffHNsJl:Pz3dcd5sFkCGegzMNyl","tlshash":"20d18ee11dbd2a5a586959377c158474ebb6b1ad879373cc2e8bd1d8303021a68409b9","first_seen":"2025-08-26T17:30:33.424681Z","last_seen":"2026-06-05T23:43:56.910266Z","times_seen":16,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/second_contract","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:14.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/second_contract HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 10\r\nOrigin: https://usdt932.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":10,"data":"{\"page\":1}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:15 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IOwpEgVRpauYS9sPE8W8OpSnI9aMArcAfA%2BshYsGI0jbyIxgKRuBa%2Bg57GqSpNJm44ZJ4ezw10kWv0ZapQsxB5%2BoBS%2BtIpHFF2Pc7x5z\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba45d1a788856a4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5503,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2556586bc1dfb984447e8f64bfb1c808","sha1":"27015987335e603460c6f09fa4d2569fcf93ba12","sha256":"7e891f7d4368d526b25d1741843e14469f7e44c2033796e06c635b03cbd1f4b3","sha512":"5146a2ccc63930bb5a651df1abf14c4ec8e16c9a6b1dc0b9311c6fddc202d39ad89342d37f4f292a12dd366f8fe9a52aaa66a0320f25d884779a8e9e12e2cbd6","ssdeep":"96:3VRl5Av/5pIrQLaVI2DJwqIqIWvNxIR+a8IM9BI5PjI+jrIu2FI47CIxjIE8Ycm:lRfA35ZLGJHNhai9gPHJ2/xEfm","tlshash":"32b1b15227cc7c35aa733587928b78da85c9b147bdcd7fb54b8edbbd0865a19300a800","first_seen":"2026-01-07T15:07:37.77595Z","last_seen":"2026-01-07T15:07:37.77595Z","times_seen":1,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T15:07:01.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 15:07:02 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EQYJKf3lY3qLymGbVQsb11XxE4nlWcGOSZ1eWedSL1bSS7PX1%2ByVu0Zl9%2Bittf3BxZecAMlt%2FMB3362fiibDO49YPbuJugXVUVhC\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ba45cc6d91f49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3636,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (464), with CRLF, CR, LF line terminators","md5":"efec4c8da83baa08db9905502dd346cf","sha1":"7e0b95553d0c03a0858094e5e9428027edee01cd","sha256":"a4c95ee00df462dcf4609e1d93cc408b38bf78b5c711bfbe76ddafb0d8f45530","sha512":"ad79362a3f516c6d022851ad16320fd77cdc3818bbb466770293d28a23885c46e9ed1046136d6b0f47b58ecbaa2bb85bf5fd272c4476124e2bdc0c64d0f8db20","ssdeep":"","tlshash":"be71b515bd90942402318a287fb3e60def3284735200eda478cc971b9ff4a46ccabdd9","first_seen":"2026-01-04T07:38:56.432781Z","last_seen":"2026-03-08T15:12:25.587595Z","times_seen":12,"resource_available":false,"data":null}},"time_used":570,"timings":{"blocked":22,"dns":1,"connect":1,"send":0,"wait":526,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-title.DOX2mzrl.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-title.DOX2mzrl.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-18f0\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Aaza%2BbwBFoGmggwvxT5ExvBCjn1%2BOP2I%2FE1bddpHiqBZtLlQoGKC2z4E7iWK90HngzLW5lACLm5McAHwDZ8MmS%2BSSd42kHDNHw%3D%3D\"}]}\r\ncf-ray: 9ba45cd3de2756c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6384,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (6123)","md5":"405629402164d9d30323869234856602","sha1":"0381c4d236705ca7e656f50343d8c2020541d0a6","sha256":"a5530a450d7abfd958e704c76ea19460e77e2c36f91cb571d7fa68b0a95f1203","sha512":"e1e038e5336d7b036ed81482902f0e013090e8cffbdd980596e8f35153142e83f95d9c596d9558f463e1fd3e811ac751daa05da20b3fdd30e065b5850a015458","ssdeep":"96:0hiGnLTCdX3ULUuFXS9Y5+F89umUekTqNcjett8OFib1kjbdCpYeLD+fMMj+NLNi:0MX3SFXIYQcumUDqpPsYeLxlpu/ew","tlshash":"ccd1b4243668fa3729d640895aa04601b14c2e8dd730b99efbfcbcf95286c64557ef38","first_seen":"2026-01-04T07:38:56.342393Z","last_seen":"2026-03-08T15:12:25.535587Z","times_seen":12,"resource_available":true,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/pages-user-index-userContract.-PZvqOlL.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/pages-user-index-userContract.-PZvqOlL.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/assets/pages-user-index-userBoot.DkifFdHN.js\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-37d36\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aS0x3aavWVp2nOG1VJvJJjeS1TG6i4KMs4TU5FZWquq1Iz5sarfVIYLAuR5O4yFZFY0BEUEq%2BPCD7u%2BLGOOtbjdwmo14s9fT0w%3D%3D\"}]}\r\ncf-ray: 9ba45cd7be8856c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":228662,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65528), with no line terminators","md5":"06aa49153aab8f3ab76c1eff378c8a2f","sha1":"5a04b7cc640fa832423c6d7e4973827d06f324ab","sha256":"b2a191a814fcbdf3fc9294e083e6a2d058b7412381fc7f305ded749ca2f96852","sha512":"797df75538297e83a594cba68c65f01935c2bb1ff2af0dd83b337e6e7cc19cacce288c4f98fbf99be660c5b65c8eb8e45e42501165c91801b9277fde99d254e1","ssdeep":"6144:fpdUPGVIJx/9LEwKaCBaL08YQR4XqQIVqpyX:CAw","tlshash":"04240a85fb65b41542a39079413f0907b336369e944b86acb27ecdda296c4ce3276f3c","first_seen":"2026-01-04T07:38:56.308438Z","last_seen":"2026-03-08T15:12:25.561334Z","times_seen":11,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":172,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-banner-B1KD8OCE.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-banner-B1KD8OCE.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-81b\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mtlRJJcStpaGfl7D6diM60%2BP7u7AeQZZiShnJ3raa9DnDoPGlCh6%2BDzfoq1NrD0X%2FO1gL6cuB%2F28TBA%2Bc29x8UA%2FhbFyJY2W4A%3D%3D\"}]}\r\ncf-ray: 9ba45cd35de356c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2075,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2074)","md5":"12c9420c9ee1805a5a956e6b5f1f5c18","sha1":"ba25371146382376916a6195037fdfba8ae361bf","sha256":"73e4d379d8db798beafdd7dbaa4215ef0b9bfed3fa37057ce464b3072b699023","sha512":"facc5735d2b1329eb247c38cb34659843203756dad339dc9c1e92ccc99511a9f7f4b461fd0debbb236a8cf1ff9d791bfa7026b86803baf8d0246a1cda6ff322f","ssdeep":"","tlshash":"b841892cbc4d3f14957bc72615fa49cc0229b6beb723053d21e3b565aa0be822e02074","first_seen":"2025-08-26T17:30:33.376377Z","last_seen":"2026-06-05T23:43:56.95343Z","times_seen":21,"resource_available":false,"data":null}},"time_used":535,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":535,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/userBoot-BzD3tkpn.css","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/userBoot-BzD3tkpn.css HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:03 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-1c12\"\r\nexpires: Thu, 08 Jan 2026 03:07:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pMgKrmnoyA8DhIkzWKHEdpBUytyugpVtO4lidLFFJPV3xTArLFy04VU4pPEDcdvfY5Z6zi1WgY8zEFSyyNZnvzIFpMTPnRD2ag%3D%3D\"}]}\r\ncf-ray: 9ba45cd3adfa56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7186,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7185)","md5":"12b3de5bedc5d044cbf7560368f63d2a","sha1":"162705eacf8a88fca84088caa60a7de174a56d8e","sha256":"292bf74952b3710282a57b3f82421b100c587d5a2a6efc853ae0821da3617c7d","sha512":"90278bf1e15bf610333c03ca099ad4ab968cb0298e3cd344e785b5047ce2870c5e21cab4c9fb4321b1317c9da1a922c93cb1bdb076e1057b83683b8090f8f977","ssdeep":"96:JkydSwIx/+nVqSMSBavXwXYGv4FTW4z28rfcvu2k9k14TwlqIiqR/6/jdDqjMU4j:qOSe022y1krWG","tlshash":"ace142383d5e201eb5bfd102b4b152de0275b35ad341c6eeaa677a24cf971c628339d4","first_seen":"2025-12-31T19:20:07.071433Z","last_seen":"2026-06-05T23:43:56.922213Z","times_seen":17,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/notice-pop-B_iwAnHR.png","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:04.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/notice-pop-B_iwAnHR.png HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt932.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22ff6051d2-eb33-51ba-98be-522d1a84e3f1%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800222804%2C%20%22ct%22%3A%201767798422804%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=aca7e536-8c34-507a-8321-74a14005ed85; __51vuft__3JnRFYkERItiZhCQ=1767798422809\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:05 GMT\r\ncontent-type: image/png\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-512e\"\r\nexpires: Fri, 06 Feb 2026 15:07:05 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TEaili6SsGPCXkB0vDOuqXDtqjV8kadeHFtAHN%2FwiJbRvT0EWjYNPmIpqv7thxx%2F4Fde%2BEYxx68LcTX2vW%2Fvqq6PCJ7FHtuyVw%3D%3D\"}]}\r\ncf-ray: 9ba45cdbfed356c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20782,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"e8b6d6a684174fe592319167d41b794b","sha1":"8b27940304e963797b5a1d7bd01d715a1c486bb5","sha256":"8813d7728e298924f626b9d7d594a59a08d8a91994446342e408a47989e5908a","sha512":"a06c8d5e4ce8d9b7dd77826c64b264ea442523bd75618efa3fba4188995b81eebd6508212054f4b0ba32908cf225bc9a7489c28cba9962747bcfb2fc8ac24c7e","ssdeep":"384:bwxN5HRAbw5oxF2rn1jtdd/NqJEJeMIQFK9YYolYyvibnqMLq2CX0iN5XSmOXXXx:bwxNJRjGAj1j9/GEVIZyh2nDL21NpOXx","tlshash":"8692c19216a902d1adb8eed13bbebd5799865b94862c6c00fb1d3d3798c4d0117c4fb8","first_seen":"2025-08-26T17:30:33.408647Z","last_seen":"2026-06-05T23:43:56.898346Z","times_seen":29,"resource_available":false,"data":null}},"time_used":717,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":716,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-banner.zl87Ac6h.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-banner.zl87Ac6h.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-129a\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l%2FUzHFFJSP%2BzeA%2FnGR8HQB4JXvbxMrDGjp3b3S1YttvmtvMwX85B22a5mTKMIFMy6JJ4w9A3HTjxll56dUi5iCVese%2BdyUft7g%3D%3D\"}]}\r\ncf-ray: 9ba45cd3be0b56c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4762,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4751)","md5":"201cea6893ecc5a2b454d6ce67882166","sha1":"6114041925210ce6d088080da3bb393366a1d853","sha256":"48d771a7a8f81a737eb4934a7bc04c90013da1fd96330a3427fd896b29af50fe","sha512":"c6b4d23321b7817f21a5958474e717bbce7dbd4667f897f5d4ea5b8cbc2c1bb108f1cbc59134d46b4c415e2ad4525622841702f63dc713b5dea9801e877f8908","ssdeep":"96:gqxD0PWg+IT42fOjqCbCqvuj1t2tK4tPtKltstK7s:gqxaElb5efs","tlshash":"43a1e028352dab37d89789ad00c4050435b929adf7f07775b7f48a3d922344eb91cb59","first_seen":"2026-01-04T07:38:56.389151Z","last_seen":"2026-03-08T15:12:25.529993Z","times_seen":12,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt932.com/assets/s-drawer.BEnl_qrG.js","fqdn":"usdt932.com","domain":"usdt932.com","tld":"com"},"ip":{"addr":"104.21.0.75","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt932.com/","date":"2026-01-07T15:07:03.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt932.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 13:54:00 GMT","end":"Sun, 05 Apr 2026 14:51:46 GMT"},"fingerprint":{"sha1":"76:FF:0D:E1:FD:33:FA:39:15:20:DC:2B:D7:15:4C:5C:63:BB:7D:1A","sha256":"D4:96:05:53:7A:51:E1:10:2F:B0:73:FD:35:C8:C3:C9:15:46:8E:75:11:0D:21:F8:88:5D:57:E6:C3:47:D3:4A"}}},"request":{"raw":"GET /assets/s-drawer.BEnl_qrG.js HTTP/1.1\r\nHost: usdt932.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt932.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:07:04 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-4aa\"\r\nexpires: Thu, 08 Jan 2026 03:07:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NFPOeCpD98ucuLSLhFPbri%2F8c5S0b9suYYEmW%2Bx5SClBoYuZA2Mg%2BuK6vdVIVz1rc9Qqqz%2BVYJ7pVUKpSMNYZ20ajZFEkWd%2BCg%3D%3D\"}]}\r\ncf-ray: 9ba45cd3de2456c0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1194,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1193)","md5":"6aad1e42ffbad02e3263243334d806b5","sha1":"f3b1701aa4bd168ef77b7722ff8d25c8ff836ecf","sha256":"62c1618ce9d65feef3c4ce891d6492a71facab2c6bdacd27f11be9d3b58c27fd","sha512":"960ed30b5620df0c65839a56aa0f920fd79d3c9c497a41baf93f85250c900029562c3fe3711b480287a7aeb5d6d190d047465a363dec2b6c3163446612f3a0e9","ssdeep":"","tlshash":"6121ee1c7a1ca93329d7449d502006001ec86beeeef42ec6f2e6207e875e9a8916db14","first_seen":"2026-01-04T07:38:56.311311Z","last_seen":"2026-03-08T15:12:25.55072Z","times_seen":12,"resource_available":true,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt932.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}