{"report_id":"edaccb18-2029-4ff3-9d09-cd78592e09d6","version":6,"status":"done","tags":[],"date":"2026-04-18T18:15:25Z","url":{"schema":"https","addr":"www.claimusdt.fun/","fqdn":"www.claimusdt.fun","domain":"claimusdt.fun","tld":"fun"},"ip":{"addr":"77.37.53.245","port":0,"asn":47583,"as":"Hostinger International Limited","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"www.claimusdt.fun/","fqdn":"www.claimusdt.fun","domain":"claimusdt.fun","tld":"fun"},"title":"Claim USDT · claimusdt.fun","dom":{"size":91938,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15481)","md5":"1a59f86da86220e38ce81ba66bf5a724","sha1":"06d658641c4c0a98fe714c9c67d5249ebdfeae9f","sha256":"09da4ec83c5f04c52e2992974893b612bd6c61ec48e2164684044c29bc7ed354","sha512":"e418389d1e66ead0e0c2b05e9f9a1f272b54dd49e321360803cc72ee00b9437fe41a0d556b25c8e9ad75f8db7408454393117d92a9e71252837e79ba3a9bcbcb","ssdeep":"1536:E7Qm/5a0dp7XtN+xtRdaRoYdZmBiD+x/OkDfaRM6dHAx61TsdavLy6ojd5EOknBK:37hHkDWZPCyrzHdb","tlshash":"5993d7b21667203a49d7b1e3b2b6670e31f0d203d50b8d257efd0155cfc9ea09d6ba88","dom_hash":"domhash9bb3b5dccc561f600241a80ac6158948","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"www.claimusdt.fun/","fqdn":"www.claimusdt.fun","domain":"claimusdt.fun","tld":"fun"},"ip":{"addr":"77.37.53.245","port":0,"asn":47583,"as":"Hostinger International Limited","country":"The Netherlands","country_code":"NL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-23T18:15:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"img.icons8.com","ip":{"addr":"185.76.9.11","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2011-10-04","domain_rank":218854,"first_seen":"2017-05-26T09:10:54Z","last_seen":"2026-04-16T15:08:07.847325Z","alert_count":0,"request_count":1,"received_data":2763,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-04-12T22:33:20.808909Z","alert_count":0,"request_count":2,"received_data":254183,"sent_data":1023,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.claimusdt.fun","ip":{"addr":"93.127.179.181","port":443,"asn":47583,"as":"Hostinger International Limited","country":"The Netherlands","country_code":"NL"},"domain_registered":"2026-02-13","domain_rank":0,"first_seen":"2026-04-18T18:15:25.273546Z","last_seen":"2026-04-18T18:15:25.273546Z","alert_count":0,"request_count":2,"received_data":77917,"sent_data":992,"comment":"","tags":null,"fingerprints":[{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-12T22:20:19.752051Z","alert_count":0,"request_count":1,"received_data":14514,"sent_data":550,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-12T22:16:45.621325Z","alert_count":0,"request_count":5,"received_data":124421,"sent_data":2695,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.claimusdt.fun/","fqdn":"www.claimusdt.fun","domain":"claimusdt.fun","tld":"fun"},"ip":{"addr":"93.127.179.181","port":443,"asn":47583,"as":"Hostinger International Limited","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"9aecffc734629d40abd5e8298aadca79","sha1":"d76ed5c6ec8eaadad1562e5d4512bd83c4574e1b","sha256":"de9e46a8d94d19f31158cf6df169fe29d0c85eb2ad10b7d71d73164533c779c1","sha512":"df4c6340bca75fdb44dcba4c0515678aada364f8d1cbcdf406ad9a2d355eaaf91204c54305cd0d4aa9a3bf4afb74c0d9e781154150965c6c036711d4e9c30423","ssdeep":"768:9fhP0Zh4KpHlCh0p5D5H1gO7VTNCt131J/ZVJVvViVEdV79goQ:9fhP0Zh4KpHIh07h1gO7VTNCt131JzJE","tlshash":"98f2419b36a7213c0ad7b27ea3b79344712062071857dc117eae46440f96f787dbaf88","size":36578,"data":"","first_seen":"2026-04-18T18:13:35.989719Z","last_seen":"2026-04-18T18:15:36.142757Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.claimusdt.fun/save_data.php","fqdn":"www.claimusdt.fun","domain":"claimusdt.fun","tld":"fun"},"ip":{"addr":"93.127.179.181","port":443,"asn":47583,"as":"Hostinger International Limited","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.claimusdt.fun/","date":"2026-04-18T18:14:58.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claimusdt.fun","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 23:33:27 GMT","end":"Sun, 12 Jul 2026 23:33:26 GMT"},"fingerprint":{"sha1":"0C:70:D3:A3:FC:79:EC:17:C4:64:ED:3F:C9:47:1D:A5:07:03:2A:42","sha256":"A7:AB:8C:7D:C0:1F:FE:E3:9D:B3:27:1D:05:50:BC:34:AB:85:7F:09:5C:4B:09:1C:54:68:BE:9B:24:52:29:59"}}},"request":{"raw":"POST /save_data.php HTTP/1.1\r\nHost: www.claimusdt.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.claimusdt.fun/\r\nContent-Type: application/json\r\nContent-Length: 23\r\nOrigin: https://www.claimusdt.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":23,"data":"{\"action\":\"statistics\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 18 Apr 2026 18:14:59 GMT\r\ncontent-type: application/json\r\ncontent-length: 492\r\nx-powered-by: PHP/8.3.30\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: no-cache, must-revalidate\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 664b295fc5d5698928b0cfb7afab963e-srv-edge5\r\nx-hcdn-cache-status: DYNAMIC\r\nx-hcdn-upstream-rt: 0.460\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":2305,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"aa034dfaf5f94fe1726556d69d09e14f","sha1":"9b4ce40887b2c2faf5e8c951e1aaaf2a7b6e3a25","sha256":"e9f84a4e309ab54d8058a9139443bece75f342f7cec4da097adab8d911f40608","sha512":"7cc9c5d9576dc5f45701d50136c23a6a3f7dfe49b3f7a3a1d81eb643a13bac1ee6f003d50dbac7553cfedf2b4e269eaaed236b3237b89bfcede6203b29630627","ssdeep":"","tlshash":"1841a164e5601cd30895f3319e6b9db327a6056b4f8d39643ece192c2f2e45f9cb242e","first_seen":"2026-04-18T18:15:36.130401Z","last_seen":"2026-04-18T18:15:36.130401Z","times_seen":1,"resource_available":false,"data":null}},"time_used":513,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":509,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.claimusdt.fun/","fqdn":"www.claimusdt.fun","domain":"claimusdt.fun","tld":"fun"},"ip":{"addr":"93.127.179.181","port":443,"asn":47583,"as":"Hostinger International Limited","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-18T18:14:57.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claimusdt.fun","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 23:33:27 GMT","end":"Sun, 12 Jul 2026 23:33:26 GMT"},"fingerprint":{"sha1":"0C:70:D3:A3:FC:79:EC:17:C4:64:ED:3F:C9:47:1D:A5:07:03:2A:42","sha256":"A7:AB:8C:7D:C0:1F:FE:E3:9D:B3:27:1D:05:50:BC:34:AB:85:7F:09:5C:4B:09:1C:54:68:BE:9B:24:52:29:59"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.claimusdt.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 18:14:57 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/8.3.30\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: dc3493f62df1aa06b213929d0f44622e-srv-edge3\r\nx-hcdn-cache-status: DYNAMIC\r\nx-hcdn-upstream-rt: 0.457\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":74586,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (400), with CRLF line terminators","md5":"22f2d1ac0804dbf939d3850b0d4f91bc","sha1":"1edeaa19903b976ca59c92ad8a260b4e7b1689ad","sha256":"5bb5fb7c4987aa4e57e64539c7275a6cb0ec953de89777a3eccedf8c5dd79447","sha512":"6401df1e5c2fc0257e0f0eec53460688f42c558d79f7411a2584bdcb49e9fd156116b30696cab28bd5ad1d88b112a8fe22167464d63e788647217cad3f4f1e3d","ssdeep":"1536:hI8S6viIkRh9sEktdbW5iCVgyxAuwpeKJXCcpfSiBjiFCn9SsSDSGEZ/:uCEktdbWGQEl","tlshash":"0373b5a62609113e19f7b3aae7b39349f9605103c40785197efe02854ffbd64ad2bf48","first_seen":"2026-04-18T18:13:35.974835Z","last_seen":"2026-04-18T18:15:36.132977Z","times_seen":2,"resource_available":true,"data":null}},"time_used":836,"timings":{"blocked":138,"dns":40,"connect":46,"send":0,"wait":556,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Orbitron:wght@400;500;700;900\u0026family=Exo+2:wght@300;400;500;600\u0026family=Rajdhani:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.claimusdt.fun/","date":"2026-04-18T18:14:58.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Orbitron:wght@400;500;700;900\u0026family=Exo+2:wght@300;400;500;600\u0026family=Rajdhani:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.claimusdt.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 18 Apr 2026 18:14:58 GMT\r\ndate: Sat, 18 Apr 2026 18:14:58 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13828,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"37ddfb9a999266c2839609d2d79df029","sha1":"db42ef82b4094b4bf644bd0acea4b0b22dda0922","sha256":"f0b0c33d8755ad7727531f0609e10c0cf6c1ad4fe354b7f74284837d8306a25e","sha512":"ca6ce8e8da089e95cbc4632a1491639d9e666afa20b1da5bda3982170aa75660dafab4627fff6598bed2f59a9734f4f20cf7aa8278f61dba5ac7c47578742b7f","ssdeep":"192:CpSRHHxxEipzRHucx5RpsRHtjxK4pVRHkmxnsgwg6gMgFxoooi4vDOHSVeCBL:KUxlTexHs","tlshash":"8352fea1082be400eb931cc663ce7e3aae5f7254a440d5795ffe1cd8acdac621355b1d","first_seen":"2026-04-18T18:13:35.977084Z","last_seen":"2026-04-18T18:15:36.134732Z","times_seen":2,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":130,"dns":6,"connect":25,"send":0,"wait":34,"receive":0,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/exo2/v26/7cHmv4okm5zmbtYoK-4W5HIotT4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.claimusdt.fun/","date":"2026-04-18T18:14:58.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/exo2/v26/7cHmv4okm5zmbtYoK-4W5HIotT4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.claimusdt.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Apr 2026 08:45:09 GMT\r\nexpires: Fri, 16 Apr 2027 08:45:09 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 27 Aug 2025 20:22:55 GMT\r\ncontent-type: font/woff2\r\nage: 206989\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40836, version 1.0","md5":"9b3b8ff7ce2027b021390b101482e960","sha1":"94042c26bb2a2e3337c293ffa5cd88894764207e","sha256":"6f7153d9320d0b79ff1fe4502f0b2f9d847dc765d66414a0efb91b31096e113e","sha512":"7f63a3f2e93936f73c8a881d3cdf17e7516e54ae50b7cab42ef3a89575f9507b27fe368b48364ce7f885dc6346969e9e46e64a7eb2cca98f416ea9a5f98e154d","ssdeep":"768:HUabfwFhS0q7rdQ5DNYk1p5tLYmDEz87/yzIMr53M2ToWr1McLhgjXsucOCH3mZh:0asFhy7rdQIkdtUmDByEApJTo+Scfu1T","tlshash":"b303028073271964a8984cac4c5def62d9c32cf75b632da05e7e84f7eab2c09d457348","first_seen":"2025-01-30T16:57:40.808331Z","last_seen":"2026-04-22T17:35:07.904384Z","times_seen":4379,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":111,"dns":1,"connect":7,"send":0,"wait":11,"receive":9,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/orbitron/v35/yMJRMIlzdpvBhQQL_Qq7dy0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.claimusdt.fun/","date":"2026-04-18T18:14:58.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/orbitron/v35/yMJRMIlzdpvBhQQL_Qq7dy0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.claimusdt.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 11800\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 18 Apr 2026 01:58:02 GMT\r\nexpires: Sun, 18 Apr 2027 01:58:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 58616\r\nlast-modified: Thu, 04 Sep 2025 17:04:39 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11800,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11800, version 1.0","md5":"5d281085f7277a3ec9c7586dd2f24a13","sha1":"d686c7f2bfeb693a91baf3aaa3b6e70aa1a5bcc3","sha256":"c25a9f9da5d9f3db1bf2a01474722dc9b377675b7bbab6d0dfda6902794fd1ed","sha512":"7a31ed0d967a47d8f6135b5889c2af595b1ed3993ee3e2e2f522875e6384773b1f9f96ac891c068599580a543001443b1a1d565563a13010d40e1dbac4142220","ssdeep":"192:oufNGqi8O6lHWqR+OVLlB2AynsvBhJo/WO9UrApcn4UwLqJhPCGSlkeLlM:vCjKBBB250BhJol9UB48SeeBM","tlshash":"fc32c067623046e2fc22b53001fc4500466865bfd140f1bfd66349e7766e9606eb2a3e","first_seen":"2025-06-03T09:08:22.59014Z","last_seen":"2026-04-22T20:56:10.501461Z","times_seen":3749,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":214,"dns":7,"connect":12,"send":0,"wait":9,"receive":1,"ssl":185},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/rajdhani/v17/LDIxapCSOBg7S-QT7p4HM-Y.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.claimusdt.fun/","date":"2026-04-18T18:14:58.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/rajdhani/v17/LDIxapCSOBg7S-QT7p4HM-Y.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.claimusdt.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14976\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 22:34:16 GMT\r\nexpires: Thu, 15 Apr 2027 22:34:16 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 16 Sep 2025 03:40:47 GMT\r\ncontent-type: font/woff2\r\nage: 243642\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14976,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14976, version 1.0","md5":"cac31f26b77ee8053a76a54ce2f8ce48","sha1":"c92bcfc9121164049c1b30655db9481d0e454464","sha256":"759a9000e47b028799d7a4ca602634a7ac7adf415775df070a335d18d9b66f38","sha512":"175e68a3fa2978ab4a89c5bd92eebe5c0f034ccbd6004dd708c243b561102ac7e15e267b90edb86d03c312c1849b157b544ae8045209b0c2e2b27d1b480b7783","ssdeep":"384:ekfg3HBbG7EsSXbNSX0FgF1o56xCKSEdVkSKMOk5:bI3hEEJJSXExAwEKI5","tlshash":"7b62cfb8b1b6d40fb06e4de74cb0d2e11d78b155ad6a8ee4109bef197668063852fe30","first_seen":"2023-04-26T23:36:20Z","last_seen":"2026-04-22T20:14:21.864449Z","times_seen":3007,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/color/96/000000/tether--v2.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.11","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.claimusdt.fun/","date":"2026-04-18T18:14:58.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /color/96/000000/tether--v2.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.claimusdt.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 18:14:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 2026\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: DEDR1BLPBScO\r\nicon-size: 96\r\nicon-format: png\r\nlast-modified: Sun, 29 Mar 2026 21:24:50\r\nversion: 0.0.29\r\nfrom-mongo-cache: true\r\nfrom-redis-cache: false\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k8MCK25yUROOAxiInZOkmgStITm3sGWxyTi4dQZCvkcUkbqAMhUdItZWzxFq4numRw\r\nx-77-nzt-ray: e2f75420e00bb97b22cae36908174d35\r\nx-77-cache: HIT\r\nx-77-age: 97448\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2026,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"5d686869d039668dae0deb8ac3797451","sha1":"072b227464595654141c91f566038cb366fc41c9","sha256":"8ef6facac965ff9388661af9c9aa3c4225de24e3d2cf6b2d85086f62f0bee9b0","sha512":"fb49faa8dbf83f6e1864b6681e980f9069ef2128cd588ce350722c889a71aebbdcedf2aa227f578115c64b33b11278c46b518d547296bb770dc421560a3d0d9c","ssdeep":"","tlshash":"9841f8a9be06ecff5e5d1e6e4940c99ab522a794e9377402b720205cf815e47044ef2b","first_seen":"2026-04-18T05:25:36.253161Z","last_seen":"2026-04-19T05:42:34.237814Z","times_seen":4,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":17,"connect":8,"send":0,"wait":33,"receive":1,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.claimusdt.fun/","date":"2026-04-18T18:14:58.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.claimusdt.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 18:14:58 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18752\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6421d693-4940\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 653895\r\nexpires: Thu, 08 Apr 2027 18:14:58 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ofs3%2BT14OVy577hHx%2BkP1jPCgTSG5D6%2B%2FQeMtlQ6Sq9NPMCh%2BLj4tgkoBgcUSZhQ8RQo083J0QGgI4bQ4xpNFdam4S3mu8J5xEU8DHp0Dld0Hnu6zdXgq%2BAnvgpGblQptaFnhvZt\"}]}\r\ncf-ray: 9ee5a6f5eb495687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-04-22T20:18:18.59024Z","times_seen":44964,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":15,"dns":1,"connect":1,"send":0,"wait":17,"receive":3,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/orbitron/v35/yMJRMIlzdpvBhQQL_Qq7dy0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.claimusdt.fun/","date":"2026-04-18T18:14:58.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/orbitron/v35/yMJRMIlzdpvBhQQL_Qq7dy0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.claimusdt.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 11800\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 18 Apr 2026 01:58:02 GMT\r\nexpires: Sun, 18 Apr 2027 01:58:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 58616\r\nlast-modified: Thu, 04 Sep 2025 17:04:39 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11800,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11800, version 1.0","md5":"5d281085f7277a3ec9c7586dd2f24a13","sha1":"d686c7f2bfeb693a91baf3aaa3b6e70aa1a5bcc3","sha256":"c25a9f9da5d9f3db1bf2a01474722dc9b377675b7bbab6d0dfda6902794fd1ed","sha512":"7a31ed0d967a47d8f6135b5889c2af595b1ed3993ee3e2e2f522875e6384773b1f9f96ac891c068599580a543001443b1a1d565563a13010d40e1dbac4142220","ssdeep":"192:oufNGqi8O6lHWqR+OVLlB2AynsvBhJo/WO9UrApcn4UwLqJhPCGSlkeLlM:vCjKBBB250BhJol9UB48SeeBM","tlshash":"fc32c067623046e2fc22b53001fc4500466865bfd140f1bfd66349e7766e9606eb2a3e","first_seen":"2025-06-03T09:08:22.59014Z","last_seen":"2026-04-22T20:56:10.501461Z","times_seen":3749,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":232,"dns":1,"connect":28,"send":0,"wait":8,"receive":1,"ssl":199},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.claimusdt.fun/","date":"2026-04-18T18:14:58.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.claimusdt.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 18 Apr 2026 18:14:58 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 150124\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-24a6c\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1256425\r\nexpires: Thu, 08 Apr 2027 18:14:58 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZzpHNhlRyp8EfyDmlyR40yfJX%2BvvdIQg%2FWcx%2BDm1O2DUrHwk%2Fs9Nv0%2B9TXRxTeOU3iGulGWS7Ldpg1zrjP6JfcSVKC3g2736sFkhTLsyLjL%2BsOpULBDMy%2FKd0KV5jlrKVxAjrLUZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: 9ee5a6f7ca9e8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150124,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 150124, version 772.256","md5":"c64278386c2bbb5e293e11b94ca2f6d1","sha1":"6b99aa650bd12a36caa14e0127435d8f4cd3ba73","sha256":"7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880","sha512":"0ccdc1515510d902c0b4a48b863c48bad86e1f766b1f9c890a64e28d91ee7c6d488241c531fc094d15b29c211da71e092587a987e24ee8e67ef8ea99c284e821","ssdeep":"3072:7sCbk7w0ZXdkN6iMjif3Lr7x7wAtf+D7gDk1feXDLnurWHqrNIuv5n0:7sCbkFZXdC7MaLr9w2mIY1feXXurWyNW","tlshash":"28e3123cf2c6d486735f5aeadb79636894fd0a2e74ecc67d26b982112048f828174d1d","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-04-22T20:18:18.629112Z","times_seen":32969,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":45,"dns":1,"connect":0,"send":0,"wait":9,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/exo2/v26/7cHmv4okm5zmbtYoK-4W5HIotT4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.claimusdt.fun/","date":"2026-04-18T18:14:58.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/exo2/v26/7cHmv4okm5zmbtYoK-4W5HIotT4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.claimusdt.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Apr 2026 08:45:09 GMT\r\nexpires: Fri, 16 Apr 2027 08:45:09 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 27 Aug 2025 20:22:55 GMT\r\ncontent-type: font/woff2\r\nage: 206989\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40836, version 1.0","md5":"9b3b8ff7ce2027b021390b101482e960","sha1":"94042c26bb2a2e3337c293ffa5cd88894764207e","sha256":"6f7153d9320d0b79ff1fe4502f0b2f9d847dc765d66414a0efb91b31096e113e","sha512":"7f63a3f2e93936f73c8a881d3cdf17e7516e54ae50b7cab42ef3a89575f9507b27fe368b48364ce7f885dc6346969e9e46e64a7eb2cca98f416ea9a5f98e154d","ssdeep":"768:HUabfwFhS0q7rdQ5DNYk1p5tLYmDEz87/yzIMr53M2ToWr1McLhgjXsucOCH3mZh:0asFhy7rdQIkdtUmDByEApJTo+Scfu1T","tlshash":"b303028073271964a8984cac4c5def62d9c32cf75b632da05e7e84f7eab2c09d457348","first_seen":"2025-01-30T16:57:40.808331Z","last_seen":"2026-04-22T17:35:07.904384Z","times_seen":4379,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":83,"dns":6,"connect":11,"send":0,"wait":18,"receive":7,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}