{"report_id":"0079c4bd-7d3f-441b-8239-7bceedd27f9c","version":6,"status":"done","tags":[],"date":"2025-12-26T17:28:32Z","url":{"schema":"http","addr":"usenetmodels.cc","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":0,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"usenetmodels.cc/","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"title":"UsenetClub - Join Premium Access","dom":{"size":1479,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (443)","md5":"3133909e6aca1132e82b606c7cfc42fa","sha1":"177377f45338517c801cf9235e52316702dfd87c","sha256":"0ba8f45e98b8025b90a71df7a8606b46cbc849009d21635f82dfbfc1eb388f55","sha512":"5730317873ee9727a88cbe51ebf10936ba687e94daa03d346dc4a03a5cd5d6d590ddb7917b27ba795a681d9c7d8fa410691f0c33f52b085ef78e9436ccf52ced","ssdeep":"","tlshash":"ba31cea3e38f684d3101c12890f1f2f81f3ea059b7015f25bc25b773ab8da8654a2951","dom_hash":"domhash003fb3f0de8126b803198d4c3d676989","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"usenetmodels.cc","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":0,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-30T17:28:32Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-21T22:14:03.270461Z","alert_count":0,"request_count":6,"received_data":294930,"sent_data":3330,"comment":"","tags":null,"fingerprints":null},{"fqdn":"usenetmodels.cc","ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"domain_registered":"2025-10-31","domain_rank":0,"first_seen":"2025-11-07T07:27:37.55678Z","last_seen":"2025-12-18T20:33:46.596926Z","alert_count":104,"request_count":52,"received_data":2992297,"sent_data":24259,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-21T22:17:07.06462Z","alert_count":0,"request_count":2,"received_data":47704,"sent_data":916,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"usenetclub.com","ip":{"addr":"172.67.186.216","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-11-11","domain_rank":1688914,"first_seen":"2022-11-11T12:19:02Z","last_seen":"2025-12-24T09:55:50.762474Z","alert_count":0,"request_count":1,"received_data":53585,"sent_data":538,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"usenetclub.bz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-06-25","domain_rank":803703,"first_seen":"2025-08-08T06:21:22.30127Z","last_seen":"2025-12-24T10:08:37.83827Z","alert_count":0,"request_count":33,"received_data":2393170,"sent_data":15458,"comment":"","tags":null,"fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"embed.tawk.to","ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":52083,"first_seen":"2014-03-19T21:03:49Z","last_seen":"2025-12-22T01:52:11.334782Z","alert_count":0,"request_count":20,"received_data":1091616,"sent_data":9070,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"va.tawk.to","ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":51316,"first_seen":"2017-01-30T04:20:46Z","last_seen":"2025-12-22T01:32:36.128223Z","alert_count":0,"request_count":5,"received_data":7031,"sent_data":2578,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"vsa3.tawk.to","ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":3128242,"first_seen":"2020-03-11T12:35:16Z","last_seen":"2025-12-25T07:45:12.499459Z","alert_count":0,"request_count":1,"received_data":417,"sent_data":1076,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"usenetmodels.cc/js/client.min.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"5cd887b37bb83ac75da426773ab7d90c","sha1":"700dc1267e009a5013ae5bc6372863d30e512b3f","sha256":"67750f50258e66c35909534bc8b6f78484fddbb4c403d27ef821702d45a7adbf","sha512":"8e4744050d11ed95ac73fbcd28debe52c269188869b7fa26d6a8133f09e979a84d265d9dc520f42e62d2c5ce4226b99be1767dad9de266a250ec5cc1847d1456","ssdeep":"1536:31Yyen8fRr5MBp8++GsyKlgyeFAqU4Ojl24b7y4hz6XBAh:lYye8fRNA+GsstqNy2znh","tlshash":"7f435baeb1ca723657b631c5913f54053b7a4529488cd058fab2c890bd78e9e007bf7e","size":56213,"data":"","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-06-12T11:41:48.458629Z","times_seen":93,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/main.js?v=2.1.67","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"3fa04ba21ec5cddc208971b58cb5377a","sha1":"d6dfb8b1e9b21e299ab6a354894b21c0b06d9841","sha256":"953950eff1a4c69480adc6fe4786b7a2a3a104f3c6c0be7698b276195c92638e","sha512":"68045109eaf8fe6425f161335b32a39afccbd63e0b4eaf16d41d7c8a133dde8f633d28460755ad8ecd9e91577f41e9a50fc37cbc33199fdfb18a1c155494ee43","ssdeep":"384:NF9YW/mGS+IqwKhtMadNKqlz4T+h9spZ1gIo7AMEr7:zqW/mGSatMadPz44CpZo1Ef","tlshash":"2672d698b61025a7c1d73eba60ef850536320971da4ac464e0b7005d6fe9fc8f673b6e","size":16056,"data":"","first_seen":"2024-05-15T04:40:30Z","last_seen":"2026-06-12T11:41:48.446934Z","times_seen":62,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/scripts/simplebar.js","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"74c6c582c6bc6e2f900aa0741c4e6aeb","sha1":"c6c2968e8c1b4f01d06c5a76fc0db52f6411d9ef","sha256":"debf7e3134f924ee7dad356bee4184f8a8ec56c13873839c93dbbb75c0eef3a5","sha512":"3c6564a134c4ccf3722729b22b73b413a8b2707a2083d64b924414b691cd6175719a06229d033620970ea67d90bf7ac7efd58c8f6f107809d80dee505f920aa9","ssdeep":"3072:ZpLPboAJ5cbXH21VJDfSeuDJecIpUZaZA6i5ZkGHm8wKz:fLPboAJ5KXH2dDfSeeJecIpGaZA6ifkE","tlshash":"29e3b75a7ee261e2447771798b5f6104f638811b021de994bc9cd3e41fb0b3843baee9","size":150426,"data":"","first_seen":"2023-06-24T14:41:18Z","last_seen":"2026-06-05T23:03:08.015727Z","times_seen":581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-3ea2c7ce.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"52698c6dc96b5f2bd13e8f921334e398","sha1":"eb0adbc44ebc73775c5cca0a3851e8a6510d360c","sha256":"37527b07ac54a4567d7e23bde1edfde8ed74c4f30402c96fb56f4c0020c6af42","sha512":"032e41ececcfc651f34c235d15953baacb81e7cfaf492dd919c7fca2a7c49d507ae4a60710064c5419df70eb581254058dffbf1d0d4c53ef47d87bce4e036524","ssdeep":"96:60WlCWYW5rugkENQdx0hZUASzpqrcHZ73abT3Qlgjm6i5cCEsK7oGuyGwDf/2/5N:XBTW5qgNQdAR7c573abF8cCEsK72/5N","tlshash":"b5b11982b251b4668ab5380045cf6f07b07baf4f5d09cd50d783e4a3b230c5a9667e8c","size":5504,"data":"","first_seen":"2025-11-13T12:40:48.559139Z","last_seen":"2026-06-14T06:10:31.663504Z","times_seen":36636,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-7941cc06.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"09a6b2a4fc1400ec37c1115e6aa1670f","sha1":"d703fbc76276de75b56fad5c189fb663146d116b","sha256":"59147272a66366aa00b1f3771a23f360ee90c3bcac88ad31f59d29562b2d3c28","sha512":"2af2fecb20cad761430bd295a3e8846ad7404f20c9610dc8e20010e4d941b9067a192e700a964b92fccd2289ae4a10eb0e2ae81db8323b49bc3c0543dfe0e457","ssdeep":"768:Vlxfu8+HYUmI+rTRWf2z+y+Um/+VRJWf/W+Hc1lt7Gj67IW8/JGvgLCBxf6stK43:xfurowf20UJWfO+Et7GZrC90k","tlshash":"a533c8c9b2d6f4258763632130af3006f27a4964a81dd155f334d9f6b9ece48a227f2d","size":53530,"data":"","first_seen":"2025-11-13T12:40:48.539817Z","last_seen":"2026-05-27T07:42:34.882187Z","times_seen":34008,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-6289ff8e.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bad82a9d17b70394dcb479ee1743ba1a","sha1":"2c009dc2598c21f77f2e6f7acc4d47f146cfdeae","sha256":"655009c5e2dd85e9e5d763a0b9daffda4908bae06d495f30359acf4bc00049e2","sha512":"850449a8987328d3ee69c24d6521621c4793128a2e0e89649f8b5ec3d51b02185e71bc7298e1e7e727883c13b166c31a20fe7945878a90ee63e9576b2623064c","ssdeep":"1536:BigMTWFu196wufn32jGDdgaOFUWbaGlDluK1MFYTdZPfx3u4V5pfYMrlSf:4nmuTilGhmsx3u4V5pPrlSf","tlshash":"66a30a6ef091b47d8993d26120af3212f3353d55a919d0a8f234cdf859d89c9a127f3e","size":105985,"data":"","first_seen":"2025-12-23T06:37:53.054872Z","last_seen":"2025-12-29T09:53:34.58718Z","times_seen":438,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/site.js?v=2.0.7","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"143be4ca33096ecdde0e814e7a66bcb3","sha1":"bde4812cbd6ecce2d11b54c735674c6d33916f58","sha256":"fd9d27a52961111be18402b89ffb9d831cf1b4fe83a16808c081fae17a32e444","sha512":"b7f3c7ee7fd377c4aac2d7bb8bb0229722c132981b92897b37433b8d020a750bb5da4a8731991a7fe8757e3edb0ff357c1d46ead034a3dfcfa6b09aede272ba3","ssdeep":"384:dACQ24pW9LyL4LI/nD83sTD+6VjO/JM7TN+E5O4qS4O6m:SCQ8GwI/nA8TD+6VjO/JM7TN+EA43Am","tlshash":"3272095df250f43785a22364502f13a03f7a1d428903e498dd76d588ab29fa5e87ff3a","size":17274,"data":"","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-06-12T11:41:48.464304Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/premium?psystem_ignore","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f0ff88dfdf00d847e30c7ece562138b7","sha1":"bfa5f03925565625cb95fc3950a49bb3c123f64d","sha256":"d6e26066be2b66672f74cf5a79ed4db17887a5f1ea1d2d423dccb497d0d8587e","sha512":"8798d7d987668ca7b2505108b5a4cc117a06c94cd676366e3b9a08f021ca78c2978a0a84739e8312eead8de059705ea4d04a89f120487e1a2630140e3c5b825d","ssdeep":"","tlshash":"92d022132c1920ff84040137d10e82473233240227d5fe0c3a4cc2be873ca1e0a8dee2","size":195,"data":"","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-06-12T11:41:48.466399Z","times_seen":65,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/mytools.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"072952d99524de24ecc37cd7b03f4bcd","sha1":"6d0b5eee6c4bc5522401f03ebb36b3d804d18ec4","sha256":"cb519b70ffb87dcc53f777732a0585a078d7d2ce08ac7a701141b9e59e48d757","sha512":"579d902d1a91a0ed21f13a75df8d6e0a1fb941211ad4bf4e0d014f31a238f2a42a9db909e65c828d72b62edc49981f72049d2e94677c84e3ef05bc18891aad89","ssdeep":"","tlshash":"e8217f8288b13569982d1843f366eb31b6f3dcdfab190d15fa046c28688eb03c55e6cd","size":1166,"data":"","first_seen":"2023-03-10T19:39:08Z","last_seen":"2026-06-12T11:41:48.438169Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"f0ff88dfdf00d847e30c7ece562138b7","sha1":"bfa5f03925565625cb95fc3950a49bb3c123f64d","sha256":"d6e26066be2b66672f74cf5a79ed4db17887a5f1ea1d2d423dccb497d0d8587e","sha512":"8798d7d987668ca7b2505108b5a4cc117a06c94cd676366e3b9a08f021ca78c2978a0a84739e8312eead8de059705ea4d04a89f120487e1a2630140e3c5b825d","ssdeep":"","tlshash":"92d022132c1920ff84040137d10e82473233240227d5fe0c3a4cc2be873ca1e0a8dee2","size":195,"data":"","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-06-12T11:41:48.466399Z","times_seen":65,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/premium?psystem_ignore","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0ae6444f3b643d42492811d109fcd486","sha1":"67e69e22cdb9048ac38ac5ebd38d09f2d2a682de","sha256":"2924a94e3b93623ce19e319c42c4d5208b3a27872089736f5ff3ea3071041b39","sha512":"2a5f22b44a0b3b1a30f55066da038ea7f381d27a65c858a3eb66d5ca3d58fdc3dab584e4e05da8cebd20612e2e207ab14c6d8af315b4fe5ea96c2325e6301b8f","ssdeep":"","tlshash":"e501c45d72d79ec8727b68df43ab49e0a61a0a4e6b178342d1bf431e06252c4362317f","size":773,"data":"","first_seen":"2023-10-21T10:15:13Z","last_seen":"2026-01-11T13:34:43.922824Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/5bd9ab3c65224c2640518269/default","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"942d2d08da33f79c23c2e34086c328c7","sha1":"c494d0fef4d055e96705c52ab78e239248e87074","sha256":"1b92666b500fe6a859035ba282d2eba353c83c039714c06991e2104474302016","sha512":"62c8d0ef88264fdf08a5ecccb4e91237dce13eafd838278bf8353515e1143eb8c3ff3a7fc10e4380a28398649a7986115d063a2a24c61063bd2f1ae6b9c07b8d","ssdeep":"","tlshash":"a64123f25b8f5d52522410d88efefa0e357b70e644dc5cb2470c0c017699abd6a9ee3a","size":2121,"data":"","first_seen":"2025-12-23T07:18:48.895189Z","last_seen":"2025-12-29T02:24:37.878454Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-4fe9d5dd.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8249fafc9a9fbe0f75d4bef0aae2305a","sha1":"fab6dda0967dfbaf8ba0cfe5cfade8e150d1735d","sha256":"69b650b4d6479fd29987836a9b74147aade85cc9c50024bcacd5dfb2cb793e8d","sha512":"d0bc9a750061e5b4b761db081656b0e1e655126a413aaa22e87ce14cdfaeac34d532acd08eb0d61274707212871f6d84369b8b2a1a6d3e6c3bfd3d4167afa865","ssdeep":"","tlshash":"f9110248f056b8fcdc8af64288df143034627d4a898cf9e6f5f0aad405555ab312bb5f","size":1000,"data":"","first_seen":"2025-04-29T08:39:38.372752Z","last_seen":"2026-06-14T06:10:31.655036Z","times_seen":44281,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/js.cookie.min.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"01ed3a4cbcdac67a227bee91fddfd59f","sha1":"5d713bd0c24c7c42c3df7f9d2bc23448640092ca","sha256":"40e4123aaebb5e68c8eafe564f1217b07a421e38a1ff4c2b0501ec3287b3d36c","sha512":"a80242dfd0403d548af839cb4dd8b8885da07304c228f85c54389ee9987b307352308b03bbaf8331a8d6f962989bea760ac03f55184022103659c0cd739147cb","ssdeep":"","tlshash":"ae31b5c8304538994aaf1221a32f178ff0798e49bc8dc94a834898f07e36a0b4193fe5","size":1875,"data":"","first_seen":"2023-03-10T09:34:01Z","last_seen":"2026-06-12T11:41:48.44814Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/plugins/toastr/toastr.min.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"b36f28de584845317de40a7219c82b1c","sha1":"6de8657c8782561bc023478ab708179ed846db1a","sha256":"ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09","sha512":"54477e9eadb90a447aefa3bea4b0670d6d3d47b5505fd31d8a28f4e768150a9e72547de31ad1fbd07a3f514bf89890ec11d4efa91085660d0d2868a88c69d40b","ssdeep":"96:LozfdCZR1JHduRv75dR+FIEHXX9oxNDP9mA1UZsEyHGJAcCwV02UfrI:Mzf4BtcvvRqIQcNa74ccrI","tlshash":"f7b19384b220bb8b5b731169919f144b937673b2ccce55007639a5987e7082c97b7fdc","size":5537,"data":"","first_seen":"2023-03-07T01:28:39Z","last_seen":"2026-06-14T04:06:07.015112Z","times_seen":5728,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"720a3378ea3ff8d37ca46609a86b2534","sha1":"b431124fc4f32794a107891ae38d40502f85f534","sha256":"c97e8efcfecd1c6e40f8c6ec4efa79ab20bb8324707ba9e59821a692bfcee48d","sha512":"922c743dc77e750f615873f46b0b5218079acbf2d9bc29eb7a80fa8d968f1ce26a871fc995ed98af617a2889dad0ea2667063e88a8a3adc6c0a382a58fb9864f","ssdeep":"","tlshash":"9b5126387b990039f57722aa1d8fb2087b74d521d902586f200da5dc8df7b5a29c5f3c","size":2776,"data":"","first_seen":"2024-08-21T10:14:51.947834Z","last_seen":"2026-05-29T11:48:11.98825Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/simplebar.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"bf8eced6aa61b2f59c40d6cb53a08152","sha1":"713fc2a5440b876dd0db12e2b8dadaebfbf72bc7","sha256":"d70fe0d8bbd578b47b1a77d4707c24fa5ef5080a4fb1b64720a888ca7012f0b2","sha512":"f8496ca866f433809ed52c3a5d515d45d019bff4564f26f7e70e87016745daee304c0c0f8a3488d5387abbe99be6bc3ebbf0d1722180999358746d92e239e89d","ssdeep":"1536:eYH+yNlD00CHi3ucGvrob2qPq+qb1Kyi4j5UGwu6oc+71S:eG+yUU3ucGvroRy9e","tlshash":"70630a997781f07782eba269c03f170ab339a492511cd098fa7cdad95db0e04476bb3d","size":71764,"data":"","first_seen":"2023-04-24T21:09:38Z","last_seen":"2026-06-12T11:41:48.445177Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/premium?psystem_ignore","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d0c9872e9b601eafb4abfaf40fb26837","sha1":"2651b995d20ed0eedb6b7a22122a26f9dfe540b3","sha256":"034ca31e126065445642ed3fe3d0109fd18a8696f76a51c87b004375cd78b7ce","sha512":"5ffa6ceef6a4bb1feba65d50353beee01d3e998a5c892f9ff0987f6d74bb394d93a0de47e73d3c3cb67f5215cd7199a2aa16ae6ff3247d6353917bfa02bf0628","ssdeep":"","tlshash":"58c012eeb1e1967052367ddf91776c782869140b3b9d7346e0690b7aaf1504d234333b","size":194,"data":"","first_seen":"2024-08-21T10:14:51.95274Z","last_seen":"2026-01-11T13:34:43.924117Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-main.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"da5bb1dc647470204df0e49f5afac2de","sha1":"f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8","sha256":"705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c","sha512":"d9c0eda8c93df421f8147960ff4b00f8eacd8791b8386b020f04d0478c6b7a4328767a82b52b8cfbb7c3a44cb55cec488c2d1008670bee709d67d8bdbd887c39","ssdeep":"","tlshash":"d4b09b6c1057f86955e8064ed3b7f65d1d961050811104301658a1753321143c61c55b","size":121,"data":"","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-06-14T06:10:31.706846Z","times_seen":86107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/framework.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"51e6bbb769079eee54193d87f5249fa2","sha1":"17b4e0c71c9109b7ac6cac71badf225c256d3480","sha256":"15ae8fb27af125b3c7f8890b5c987a356cdef5e6668c176f88742af6e2c5afd0","sha512":"66af74e47d8fc8e0fc563c07c42516b5cf1502503a1892d2895062d2b51752f1460a686e823ac8e685ac991fe4f31f2be46aa8406077d4292fb5b66d4ce435bb","ssdeep":"3072:Zc+bS2TLkRmFzfFTYLVDa5lj/rJJZCYO36n9VY3:bVTLkRmFLj/Fm2c","tlshash":"0b14c8c9b381b069c6db6276502f1a0eb23aa4c5940ac058f578d4c57e75e09e13bffe","size":192040,"data":"","first_seen":"2023-04-24T21:09:38Z","last_seen":"2026-06-12T11:41:48.454182Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-runtime.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"01fe9ca4844935c71356c695b694083c","sha1":"dd95007770446aa2862a6b50c0ff3d80add31be8","sha256":"0756202cafd3048f29ae14916d3b3b3726b79e2fda619c42c6cede05d16390d4","sha512":"3950b4362992126cd0b45e49d3da2d34c831951352d6971084d0bc425f40ad5ceb290895749c7db30e026dea7ff86586e9e1adfb056bccdb875955e7b60f303c","ssdeep":"","tlshash":"3e4183d936e8f9b6434318e1043f9016f6352976097be8c0531dd4f5bc78c49815afb6","size":2306,"data":"","first_seen":"2025-12-23T06:37:53.062154Z","last_seen":"2025-12-29T09:53:34.547112Z","times_seen":472,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-app.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e736e189edb5d0d9d5b8e7f23dd9114a","sha1":"bcabee193f13756fa9154fc492fe420c47140343","sha256":"13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd","sha512":"ea972884c185633ea238bdacea6ac9da0e0e92f88588cd85c214514c3597bc7d811c4dc4cd35b671dd2db97179bedceb38bd5d200abb9653fbcaeac2ca6ec7b5","ssdeep":"","tlshash":"a0c080ac1496fc9c1674154a8377f54a5cd510108055141015d851a11311546560c54d","size":151,"data":"","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-06-14T06:10:31.63038Z","times_seen":86144,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-vendor.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b341e35b39f6195793ecaf5db7c1d63","sha1":"3ef56ed9ac8bfbf5347dc4592653703f59763083","sha256":"548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305","sha512":"6b222121b74ffeabd4de7b69f354ad25283d0989376e8e3f6d97f829e28175291eab0a535ca77c22d3f65595250ad9ad3909525c2eb74bf9783f4955c3d7cde2","ssdeep":"768:kURUFvX9zXAfE4dm9+fuDosXRfMySUHM1ONdYO31hY6d/o6cyO4fefHvSAW64F:kURUZXGfzd1uU+8ODY6JORfHBWJF","tlshash":"b483e6dcb295b57117ab20b5417f050bf33a7815a80ac0a4f266f4da7c7848ea06bf7d","size":82913,"data":"","first_seen":"2024-03-08T05:46:53Z","last_seen":"2026-06-14T06:10:31.579268Z","times_seen":59629,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-2d0c8092.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc08ba58d0fa542b65ee2eba4590ab8a","sha1":"774df0e93dbd05e0ba1e1ab52bc036e80298093f","sha256":"6ee957cffb57b80853eaea9a8c315840ff1c2fb8dd4c7f3dbb422f26b4da9119","sha512":"429e84bceb591c0d74af034515dae68cb6cd3a0d7450037cd2b10681035796c2267210c28bf01010e50130ad18aee142e1e75096bb62cab02a4728ba47de502c","ssdeep":"96:zNC9Hqt7pEma7hY/rcKXJBPDRIv6hJQ7i16p3n4vkjvxQcsD:zKHhNYNLRIvgx43nVY","tlshash":"f5b1859af247b456c156225150ef3b1df33a281ca61ccdc4a66965f218784cba077b39","size":5261,"data":"","first_seen":"2025-12-23T06:37:53.070649Z","last_seen":"2025-12-29T09:53:34.561942Z","times_seen":442,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-2d0d2b7c.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ecc9e5cf090bf5602a01763e2895acad","sha1":"1d07eaeecb0a31f0d95363694e803282518f81a3","sha256":"1cb6c04d780fb838f64fe8bad72bbc16ff24e2466f9ba3123471321f8342cc0a","sha512":"9ace38dcdfd09222ce1f2536d8e4acc781b0055d6ae35486922b86baa540befc98bd9a5bc67bb00b0ef09b9da16ec97b1fe3b2b676b1403cde8eb2c13981870b","ssdeep":"192:0CFny7CpmxwbZlR1cwr40v0zSrj5D6/L6LvGokD36b4hwseQ:08mChZlRNr40v0GF/LvV4hwsR","tlshash":"073295b7e0a1107ea316871c506fa610f61f6c8ab2161da6b67ab46f900ddcfc065f7c","size":10938,"data":"","first_seen":"2025-11-28T06:07:28.918411Z","last_seen":"2026-05-27T07:42:34.869974Z","times_seen":26442,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/jquery-3.3.1.min.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-06-14T06:31:01.621173Z","times_seen":135095,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/scripts/main.js?v=2.1.67","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"25374fb0719def72cb6c6cfea9aaf07d","sha1":"65cdd3bc9bfb77b230163c659e415ced626d9b5d","sha256":"2a21d83a5ba9fda40af92d51f8ef1406b6cdc478500caae9d153ff4396695b55","sha512":"36b69f830dc8870f4bec625b3a2f934dfbc09b9bf8daaa226ed39e92ee75cc9f4e60b43a4015dd702a2e211b374f04442d7d5eb754a32bcc34f09386deaa4891","ssdeep":"384:KxkLOwpjQHkFDn+4VYswqh6g0i+GuCQpOzfvCcBokp/:KKQHkFxOswqyi+GuOzWkp/","tlshash":"62b286c0bf1f265f81d7f37550bd6444ee3cc135824695f4b8f94048aad468863aeeae","size":24617,"data":"","first_seen":"2024-08-21T10:14:51.936536Z","last_seen":"2026-01-11T13:34:43.852718Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-vendors.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ba3b60c9fe8b0293f45614de5463010","sha1":"e2d7813078665eb6caf38e0cc138ef2e121c4575","sha256":"77f3fe8aa8c5c84a3a4162fe9a5ebbdf998a2980729c0d9f64467c0e39e4fe4c","sha512":"49cb83047110db506b4e1cabd9322f32d4e97770b009dda8d6150ae34c93bf4ce3cbbbce9b33027d02722a15ef7d58b8178b33ef4d6a0a92684cb2d6fdaeb2c6","ssdeep":"3072:NTX1gABPVhOj6y1ekyYadM/9LJFMoZm+odXsJ5Ar6VKkOP6x/:FGABPVhO5wdKJbMo4sJ5Ar6kSx/","tlshash":"25644bc8f183b0b606e6a1a5009f5207737a151968ed8498f574dfe968e8e5c633bf3c","size":324094,"data":"","first_seen":"2025-10-27T09:17:33.308043Z","last_seen":"2026-02-01T02:00:04.952968Z","times_seen":9308,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-2d0da3af.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"82fda0ebb74f4b114af33d2806d7eede","sha1":"aff980422b6f318ee27d39d70e04fe23575e3174","sha256":"1035b6c9de3df2fc9d62c2ef69031dd9552aad8989e769d5a75b978556bbbbf3","sha512":"1b08c666c27284b916f5a36cc76f77b14801ffdbd84e5c114e73bb7f60b4a7558557e0c7e349ec6b09a74b48de8e9e71529f5ab503a914f357dc834264a8fbd0","ssdeep":"384:UJw/U5YK8Hx9KJhThWazJbUZDkM0kWEYPk6F+UtKM5eH:6+9KJhThWazJbUZDkM0kWEYPk6F+92eH","tlshash":"c852c6a7b2a4782d42379712708f3205f33b7d45b215da19f36edcea4aa84c16056f3e","size":14213,"data":"","first_seen":"2025-12-23T06:37:53.081382Z","last_seen":"2025-12-29T09:53:34.570083Z","times_seen":422,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"f9b1475385717b67054a18045afa6001","sha1":"54f21b7853f42f57e619227baab1daf8d2e0e8fc","sha256":"c413c29f248f260ffe669c5c46a752c74e5af60ba2ce3955a322d8064a8ccb9f","sha512":"de8c17f0e4f951f940097c42643c2cb4a44257edc74ae2c9ca019284c3fad108f647330d2bc0e6fb34bb73db2c26519f457c1ea1501266089f7636a10333a043","ssdeep":"","tlshash":"dd31cd0473a1b25c21ff327525dfc88c82baa0449b2751d1a02c59494fd74de367ba7f","size":1746,"data":"","first_seen":"2024-05-15T04:40:30Z","last_seen":"2026-05-29T11:48:11.989064Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-common.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2b2897743e3549a2cef30483faf5754f","sha1":"5a390b0b6ac574399766e9bda0927793a8b42a7f","sha256":"f78377f66d231fcff1d7834d79592ef71151bedda75125d5288562a2ec5713fb","sha512":"43f6827aa6b3dc7cad8b60dcda0db49a69fcc23031539766cb8a0841c996676a65d1fbfb8de617a42144637cab27b60f2a016be91cfa6b25b3d63eba640afda1","ssdeep":"3072:I4MYggYqWzhT9dyWFW1Wn+fM4fOccErQYIMPdLMz9o115:kyWFW1W+fM4fYkBLMz9215","tlshash":"b434c69df186b47606a37130501f320af23a685ab45ac494f636d8e1bd789cea133f7d","size":240941,"data":"","first_seen":"2025-12-23T06:37:52.990778Z","last_seen":"2025-12-29T09:53:34.561414Z","times_seen":472,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-2d224aff.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b894f83e14dd0ac7b97f23fe50ffe4c6","sha1":"e0bb6bb419418782cfaa396790422a3d3fbd0603","sha256":"d8cb5d2045d17ce977d66141768bc091c32be50617794b7a317662a0242032cf","sha512":"cde7a72c124b02ed618b406c3270015aea678bace1b76abb70246dcab427b834a957ec0c9476ad96ee134677d244c12bb4b843f38befb13c1c68053455459115","ssdeep":"384:jqiSR0nIa0kIrCQl2kL3kCEGN//h6LiJq:SzP2D2SLi8","tlshash":"c3822ba6f149311bc925c750605f2228b33b19a9fa1ece7df2745df245a8cc2906af3d","size":18392,"data":"","first_seen":"2025-12-23T06:37:53.053164Z","last_seen":"2025-12-29T09:53:34.539332Z","times_seen":441,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/premium?psystem_ignore","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"22c3555f28e4cf14ab05055e09ad71d1","sha1":"a0dd8c5ef635b620c7aa12b4258272c049d24619","sha256":"a0d483681b5857b4153e8923ad497547a5cd0235537120c3f69d187775e83a6c","sha512":"d2608848e7c273ed0cfd37b66ecf306b83307b16a396763225ac552dda83d1d680afbed0f6492fd99ff8ac70504a3db44d72a817b42489fa0ee71e6b94d55a7b","ssdeep":"","tlshash":"92e0c66c3a00bc31922349a321f2ee0c34b23028a006e80088ef8c482a08c89c02cf88","size":332,"data":"","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-01-11T13:34:43.925779Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/premium?psystem_ignore","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"63469a4370507df06c5c4e8b4df35d3e","sha1":"765f67dac2f11d590f979329682936b2e20444c0","sha256":"e53ba59b1b0913d9c153beb7685d3c5a31bdd981ff6e6a865e2801bbf3a032e1","sha512":"b26d249359f16a08b947cc5714d7d07ac08ad1088835fac6fbd1818864f1cf90007f97a6570625e48d5280df228bd0ee2e0c690b1f6fed3ffcc2d342a4c406cd","ssdeep":"","tlshash":"09b011b8200b38020c03c02b02b8ba0032083823c8c0a020323b080c2fcc0032aa8e8a","size":95,"data":"","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-01-11T13:34:43.930817Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/user.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"105a7cc139fa3ca9f393344f7bca22eb","sha1":"5d89cf27d62e9fe5911432fa2ed4e42f2d650efc","sha256":"7686e5819694aeca81184fc9cce92fc80986108856e512425482c3a0a597ae9a","sha512":"6f4babb706414795d07e7d395b153f7417458dab566bb8fe1307e81aeb9123db74d91753914472a533bda8e2652a6b20e45374e3443017136b8cd6447ccdaa14","ssdeep":"","tlshash":"22d0a759fd125a06dc51453c5c3a172d4e122ad5a5123b20d2f248e4d738ccee515d9d","size":225,"data":"","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-01-11T13:34:43.828164Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"8e01a9fb017b2eb1cee9f855b7b392be","sha1":"55005beb4961dcfb304614c82bca3ffd9a839889","sha256":"09642d62de21f9dae2142f3e15ace27391a1c33c9604124bacba126648075246","sha512":"f8905924e078efb6439d9eed0a98557da0a94887474529f5f616ec0bbbad3b7f4f38a9c79d15d2752d9adcb8bb61350038311ac29723d919a5db3201f73b3bb6","ssdeep":"","tlshash":"29412f00f9ff939026737abf16f749043be4042be509c205342d16b05fe8ba8ba96385","size":2207,"data":"","first_seen":"2025-08-08T06:21:29.565169Z","last_seen":"2026-05-08T10:05:13.113266Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"76a88e73e3250b47d1e782218a32f44a","sha1":"3b2aa7f8e931c40a310f6b550f90498179a917f8","sha256":"21bf7bd694b558991eb21d1441acaa66cebcca827a101ebc5d6aef5ac03e8277","sha512":"6b0a6379154cbb6cb4cb501bdf8996e5c205ae3ef811cd270fe473103f55b01cf5596a119960db44cb280ff8ba1adb8c006f5a094e15fbba1d59f3c93103d778","ssdeep":"","tlshash":"6de0ab2998e7063c4cf67e481038ca3934f838a4aaa3d017625cc83ccd39fc50c10aec","size":424,"data":"","first_seen":"2025-11-07T07:27:59.639997Z","last_seen":"2026-06-12T11:41:48.47038Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/map/load.js?id=TWpnNU9EVTBNREEy","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c272e3deea771412e89c86dd1c42c4e","sha1":"c9d46c219519ca262b46504b82de8f6d5c799b7d","sha256":"7b1730e28953406af19f65f23ae76fbd6520afd3a5d489aa92c90f329bf35b46","sha512":"5f840740cac842a4d69e6f732896632b4a4283550e942d0e513f7948a9365bd87a9500d58e853e5e40802bbd670c5805bc4aedbf563e335c868274ba15a8e42c","ssdeep":"","tlshash":"33e02e16b528081b813a3330f3a3337aae32041f15141283b28c8e906ff3aa4b2a5fc0","size":306,"data":"","first_seen":"2025-12-26T17:28:43.851046Z","last_seen":"2025-12-26T17:28:43.851046Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/premium?psystem_ignore","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"496bd7d4bf3777ee2a7216c5c0b636be","sha1":"190b802fbc0eec44fc014c1c8b8bc48f7571f8a6","sha256":"9c710034f6d2d36e6d1cce7ec6ec947db6ef35c2c82561265380a926c99bbb3f","sha512":"499c6b6a691208053c086107260922f6e4776d0fb65b3639350815ecaa0d26070c26138bf7726002879dd0c23278db8ad31f740bc1f60086d0b7ebb0172e619c","ssdeep":"","tlshash":"09c0128eb8a129125033b05a8e7bf904ac1620876e14cdd138a540ad0fbdcd640bfe1a","size":186,"data":"","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-01-11T13:34:43.936011Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"bd175b9e5405b012f5e15bee6427c3a9","sha1":"4b8896035c55ceecbe33c66a91c897cb2776ca21","sha256":"42b95b7ca852df199b49c8cc9920acade6c251bc795a4e27d128e2d2e6be1adc","sha512":"f4cbab1cc3f436201f1ff66e0da14e52fc908b2d8ffe26862924d2d0798d94b14d56d95f32eb9869096704766f2bef5882afa286d379795cd70a7aae9d32e910","ssdeep":"","tlshash":"79700088003828228a2080023aaa0823202c02228202aaa02220002080a200c20ec222","size":23,"data":"","first_seen":"2023-03-07T12:22:34Z","last_seen":"2026-06-01T06:33:18.042265Z","times_seen":190,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0a3a0b592b9c285e050805307cee87c2","sha1":"125a168e24b2bd38aadb84cbb5f87f316b073c41","sha256":"aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23","sha512":"4097f05a9ce819914160aeba71fa11524f6b291a39b7c948509d756318b600934f1d195980df66bc7731e327979135bfcbe0e9ff3758d779a72481ed623cd3a5","ssdeep":"","tlshash":"a34000000000000000000000003000000000c000000000000000000000c0000cc00000","size":6,"data":"","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-06-07T08:16:34.45127Z","times_seen":242447,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:12.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usenetmodels.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Dec 2025 09:55:49 GMT\r\nexpires: Fri, 25 Dec 2026 09:55:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 113543\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-06-14T06:32:50.652281Z","times_seen":285246,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":89,"dns":0,"connect":0,"send":0,"wait":8,"receive":4,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/style.css?v=64e73af5b167a2.01.73.css","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/style.css?v=64e73af5b167a2.01.73.css HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: text/css\r\nContent-Length: 10277\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:53 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: \"6908d8f9-2825\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10277,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"55e8e2c0effde721bdd0be8a8afea5e5","sha1":"6f798ed8b4c48d5cf8f486ba32e3335a2d385b34","sha256":"287ed65b38db729496372e34103703d46bdc2b2be957aac51f92a36f75a37a9c","sha512":"deece667b7597aa3cb38bf945f3cd31d8f853b4f9c48db11a4f7eb726c9334407c36f2a046b5a6f55e54c90d7b8a290909503d9fc70cbca925f0cc9d80c81153","ssdeep":"192:KrTcRL/8VXj2bZKms73Dv2ZEBTVEVS7u65S7WS71:VmVXj2MDO6SsAn1","tlshash":"b422326a9a26200d7363a9b9bfba4e69dd340423db1742ecb5e4500cd7e913c27737c9","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-02-09T10:41:15.868733Z","times_seen":49,"resource_available":false,"data":null}},"time_used":966,"timings":{"blocked":67,"dns":0,"connect":41,"send":0,"wait":807,"receive":1,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/map/load.js?id=TVRRek5qZ3dNakEy","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /map/load.js?id=TVRRek5qZ3dNakEy HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":42349,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (375), with CRLF line terminators","md5":"f3510fe48d20d5b0f8f1ee966891db95","sha1":"b1131402bcede087bab6f44855420dfe14cef04d","sha256":"5ccbbc8dc4eb316e5daae035535e5652f825c7509543190a94d5a47eef5ffce7","sha512":"3bbe78b236e152286b53e8670ec708a259c72eab3a1c1078fb23efc6b1715a20ddb014872f478711f3b08c865292b594adfc0617a1f13781075b1a5463436140","ssdeep":"768:mapppppppppUUSMKKqVRWzKqlkEIepdEx4HBP7PpQ4T:VpppppppppdKh6R6epdEe57PpQ4T","tlshash":"e113f01466da192b327362f64aa11b4ef9a0810fcb0784c571bc179bdffae149d43dac","first_seen":"2025-11-07T07:27:59.595025Z","last_seen":"2025-12-26T17:28:43.848069Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1104,"timings":{"blocked":777,"dns":0,"connect":0,"send":0,"wait":325,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/15.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/15.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 27642\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-6bfa\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27642,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2024:06:22 22:21:20], progressive, precision 8, 176x150, components 3","md5":"38f01f44d9378e1e825e3d75cdbe0887","sha1":"75166fc03b444c866c83777c749f1aa407d5c1fb","sha256":"44fc60389d2c66aef2955ce8ceb7d3be27a397031eb291fb0aec4350bc00a40e","sha512":"4eb0b119b091b514798177e1b4e328a96d318f4409eccd7da93915ed2c70ba5d5a3c9c3648af9d576f494adba104c759bf9ce43e86f082eaff9696dc70059059","ssdeep":"384:6zee9xQykzGGf6iqLzee9xQykzGGflna5LvjQiMOADEbqPQvbkJDdfcZaeP:6H9xVnGf6iMH9xVnGfluIQ2R9ctP","tlshash":"e7c2bf15b7a9ad12ffd4693988eec351c3339c941ab355e6788d68847ff11a48c8c7c2","first_seen":"2024-08-21T10:14:51.89325Z","last_seen":"2026-02-09T10:41:15.85985Z","times_seen":47,"resource_available":false,"data":null}},"time_used":1837,"timings":{"blocked":1534,"dns":0,"connect":0,"send":0,"wait":260,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/images/signup/signup-form-girl-rt1.png","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /images/signup/signup-form-girl-rt1.png HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:13 GMT\r\nContent-Type: image/png\r\nContent-Length: 63737\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:49 GMT\r\nETag: \"6908d8f5-f8f9\"\r\nExpires: Mon, 26 Jan 2026 17:28:13 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63737,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 91 x 400, 8-bit/color RGBA, non-interlaced","md5":"a36950902153e2e0eadafd5ec0d75cea","sha1":"807560dd834c3ea8d0beb71d83050df1ab9a4af2","sha256":"3b40858859318d4cc85f1383c99686e957bfc29d11943247cee826a53ce3dc44","sha512":"e385880c1dd823ace4f9b4a18d96f159c1d0faeb42b0900035f47ddae11ef933d3f3c4c4e9a09482a71c3282974cd9e5f8bdf0debb423492fa82df3c36166a88","ssdeep":"1536:hNBj2ppGaciMidR7xpdSd6CZWAvokOJbAUWiq:N2jGjWRlwrWAvoQUWiq","tlshash":"e05312446e96bd2c3966de3ee5f1ac150d10bf389920b043cde8c07bbe9586a49c5ccb","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-02-09T10:41:15.866321Z","times_seen":51,"resource_available":false,"data":null}},"time_used":3020,"timings":{"blocked":2689,"dns":0,"connect":0,"send":0,"wait":280,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/map/load.js?id=TWpnNU9EVTBNREEy","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /map/load.js?id=TWpnNU9EVTBNREEy HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\nset-cookie: PHPSESSID=ndr4bdeenppcq0nu85ifmukhl4; expires=Fri, 24-Jul-2026 17:28:13 GMT; path=/; domain=.usenetclub.bz\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\ncontent-encoding: gzip\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y0ehyTaqMWqQaWW91Nm8eZLrA7nT1%2FL0RYeflPa4dYIw1xWVlZP9BwxHpYXUQwE5agFEdAsVlhZ84dRuohIO%2Bv0DoljmHuXFNbzk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bc9df56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":306,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"4c272e3deea771412e89c86dd1c42c4e","sha1":"c9d46c219519ca262b46504b82de8f6d5c799b7d","sha256":"7b1730e28953406af19f65f23ae76fbd6520afd3a5d489aa92c90f329bf35b46","sha512":"5f840740cac842a4d69e6f732896632b4a4283550e942d0e513f7948a9365bd87a9500d58e853e5e40802bbd670c5805bc4aedbf563e335c868274ba15a8e42c","ssdeep":"","tlshash":"33e02e16b528081b813a3330f3a3337aae32041f15141283b28c8e906ff3aa4b2a5fc0","first_seen":"2025-12-26T17:28:43.851046Z","last_seen":"2025-12-26T17:28:43.851046Z","times_seen":1,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-26T17:28:09.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:10 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":42349,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (375), with CRLF line terminators","md5":"f3510fe48d20d5b0f8f1ee966891db95","sha1":"b1131402bcede087bab6f44855420dfe14cef04d","sha256":"5ccbbc8dc4eb316e5daae035535e5652f825c7509543190a94d5a47eef5ffce7","sha512":"3bbe78b236e152286b53e8670ec708a259c72eab3a1c1078fb23efc6b1715a20ddb014872f478711f3b08c865292b594adfc0617a1f13781075b1a5463436140","ssdeep":"768:mapppppppppUUSMKKqVRWzKqlkEIepdEx4HBP7PpQ4T:VpppppppppdKh6R6epdEe57PpQ4T","tlshash":"e113f01466da192b327362f64aa11b4ef9a0810fcb0784c571bc179bdffae149d43dac","first_seen":"2025-11-07T07:27:59.595025Z","last_seen":"2025-12-26T17:28:43.848069Z","times_seen":4,"resource_available":false,"data":null}},"time_used":733,"timings":{"blocked":155,"dns":0,"connect":44,"send":0,"wait":335,"receive":88,"ssl":109},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/fonts/Material-Icons.ttf?e8u1sb","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:12.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /fonts/Material-Icons.ttf?e8u1sb HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/assets/icons.css\r\nCookie: _mcj_=3992332955\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 25548\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:46 GMT\r\nETag: \"6908d8f2-63cc\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25548,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, Material-Icons","md5":"2fd57ee8ed6a7c3b1dd2093d68e4eb30","sha1":"e353d0935b6f4033dbf50217a057e8d7feccab82","sha256":"e3a1715a8802de8b0bcea54c766ecf62c66de8a831b76d1ab27e7f034ed43773","sha512":"ae6750444e08cd7b08f826cc15b5a5a5ce91923faca29956c1db12ab2de13a64ca129b55fe6eff7b138c1ad293c2098746ae6d786913c530011af6aedde5f7f0","ssdeep":"768:GjKm3C0YcRvpjajZJduI8PTTLKCAhx922a/wx8LuPGeQsFfJkvrId09G5DGz5A/P:GjKYC0YcRvpjajZ7u9TTLKCAhxM2a/wg","tlshash":"bfb23b13cb9fe91df819bb340d2a96512ddca959d138a3c729c42c82854fcf95adcac0","first_seen":"2023-05-25T13:24:56Z","last_seen":"2026-06-09T22:32:42.785129Z","times_seen":416,"resource_available":false,"data":null}},"time_used":355,"timings":{"blocked":79,"dns":0,"connect":0,"send":0,"wait":274,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/scripts/client.min.js","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /scripts/client.min.js HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:28:21 GMT\r\netag: W/\"64ee2ab5-db95\"\r\nexpires: Sat, 17 Jan 2026 07:19:56 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 814096\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3fQ6yF5hdnLHwsVWGk4Ya94CV8xFT3V9iwKp0CzzdwKP8Z73kubqkehsXG%2F8WoNcWtiueArqvJu%2F969CAjMAkmrYvRVxeohNUtY6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bc9d556ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56213,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33423)","md5":"5cd887b37bb83ac75da426773ab7d90c","sha1":"700dc1267e009a5013ae5bc6372863d30e512b3f","sha256":"67750f50258e66c35909534bc8b6f78484fddbb4c403d27ef821702d45a7adbf","sha512":"8e4744050d11ed95ac73fbcd28debe52c269188869b7fa26d6a8133f09e979a84d265d9dc520f42e62d2c5ce4226b99be1767dad9de266a250ec5cc1847d1456","ssdeep":"1536:31Yyen8fRr5MBp8++GsyKlgyeFAqU4Ojl24b7y4hz6XBAh:lYye8fRNA+GsstqNy2znh","tlshash":"7f435baeb1ca723657b631c5913f54053b7a4529488cd058fab2c890bd78e9e007bf7e","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-06-12T11:41:48.458629Z","times_seen":93,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/scripts/js.cookie.min.js","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /scripts/js.cookie.min.js HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:28:23 GMT\r\netag: W/\"64ee2ab7-753\"\r\nexpires: Tue, 20 Jan 2026 06:41:09 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 557223\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cgx9OaNU5iJTyEEy7JAap0Yi8F%2BKZHGQtx2TNKAykIWXYtcjYOaKWYzUWRD0I4ptpUtzuiVYWI3r%2BSKZtOZ78IgNhFAA%2BUflopf%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bc9d756ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1875,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1709)","md5":"01ed3a4cbcdac67a227bee91fddfd59f","sha1":"5d713bd0c24c7c42c3df7f9d2bc23448640092ca","sha256":"40e4123aaebb5e68c8eafe564f1217b07a421e38a1ff4c2b0501ec3287b3d36c","sha512":"a80242dfd0403d548af839cb4dd8b8885da07304c228f85c54389ee9987b307352308b03bbaf8331a8d6f962989bea760ac03f55184022103659c0cd739147cb","ssdeep":"","tlshash":"ae31b5c8304538994aaf1221a32f178ff0798e49bc8dc94a834898f07e36a0b4193fe5","first_seen":"2023-03-10T09:34:01Z","last_seen":"2026-06-12T11:41:48.44814Z","times_seen":109,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/images/signup/signup-form-girl-right.png?v=3","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /images/signup/signup-form-girl-right.png?v=3 HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 73633\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Sun, 03 Sep 2023 17:48:09 GMT\r\netag: \"64f4c6d9-11fa1\"\r\nexpires: Sun, 18 Jan 2026 07:02:07 GMT\r\ncache-control: max-age=2678400\r\naccept-ranges: bytes\r\nage: 728766\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Np5gw0G7FfisQJgyNKsLK%2BvIhta2HwKthpNPBFrbuCQXXqB5wcJ11JIrj8%2F7mqRigZfdbDmiY4xlUX1e%2BWssADhzYp9y2NXNOoLV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1be9f456ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73633,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 129 x 415, 8-bit/color RGBA, non-interlaced","md5":"89a739aa2857d1779d3416c4cb44e856","sha1":"9b0a79078e7a235202531f657a57783d9b0554b7","sha256":"6d345fe3eded8f3e163a777317bcdd5e6a7fca255b315b703c14e119927dde26","sha512":"2ddbfc8e94a66ba50de43ce8429d1a1146f3d67a39bc74096460ba0ae2b4f7d406e7ba08de18abcdaceaf8d689858abacc802ea161e7b3874d9f16ea3d27bf1d","ssdeep":"1536:uGgd3t2zRFYu1V7akHVCrgMMjpyWYrNk8BcwGtu1:ngZszRPWk1yEbaNk+cB41","tlshash":"a673021a793b5dd249457ce28c3d54c16593fd223be0d88d86d0e2f23906fbe6a1247b","first_seen":"2023-10-21T10:15:13Z","last_seen":"2026-01-11T13:34:43.852075Z","times_seen":45,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:14.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Dec 2025 09:55:49 GMT\r\nexpires: Fri, 25 Dec 2026 09:55:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 113545\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-06-14T06:32:50.652281Z","times_seen":285246,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/fonts/Material-Icons.ttf?e8u1sb","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:14.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /fonts/Material-Icons.ttf?e8u1sb HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/styles/icons.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:14 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 25548\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 29 Aug 2023 17:27:58 GMT\r\netag: \"64ee2a9e-63cc\"\r\nexpires: Mon, 26 Jan 2026 02:45:22 GMT\r\ncache-control: max-age=2678400\r\naccept-ranges: bytes\r\nage: 52972\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ux5AUPQJ16OgpxLPqqXpdLYqIqrRgyGbs2il1zdY%2Bn%2BuJBjCtix%2FXrxv6dy%2F30%2BjgcsoxJv10bvZlhtTsBNR9DHDjrM4OimVqvN%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b24690056ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25548,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, Material-Icons","md5":"2fd57ee8ed6a7c3b1dd2093d68e4eb30","sha1":"e353d0935b6f4033dbf50217a057e8d7feccab82","sha256":"e3a1715a8802de8b0bcea54c766ecf62c66de8a831b76d1ab27e7f034ed43773","sha512":"ae6750444e08cd7b08f826cc15b5a5a5ce91923faca29956c1db12ab2de13a64ca129b55fe6eff7b138c1ad293c2098746ae6d786913c530011af6aedde5f7f0","ssdeep":"768:GjKm3C0YcRvpjajZJduI8PTTLKCAhx922a/wx8LuPGeQsFfJkvrId09G5DGz5A/P:GjKYC0YcRvpjajZ7u9TTLKCAhxM2a/wg","tlshash":"bfb23b13cb9fe91df819bb340d2a96512ddca959d138a3c729c42c82854fcf95adcac0","first_seen":"2023-05-25T13:24:56Z","last_seen":"2026-06-09T22:32:42.785129Z","times_seen":416,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-3ea2c7ce.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-chunk-3ea2c7ce.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"52698c6dc96b5f2bd13e8f921334e398\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300520\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b31298f8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5504,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5496), with no line terminators","md5":"52698c6dc96b5f2bd13e8f921334e398","sha1":"eb0adbc44ebc73775c5cca0a3851e8a6510d360c","sha256":"37527b07ac54a4567d7e23bde1edfde8ed74c4f30402c96fb56f4c0020c6af42","sha512":"032e41ececcfc651f34c235d15953baacb81e7cfaf492dd919c7fca2a7c49d507ae4a60710064c5419df70eb581254058dffbf1d0d4c53ef47d87bce4e036524","ssdeep":"96:60WlCWYW5rugkENQdx0hZUASzpqrcHZ73abT3Qlgjm6i5cCEsK7oGuyGwDf/2/5N:XBTW5qgNQdAR7c573abF8cCEsK72/5N","tlshash":"b5b11982b251b4668ab5380045cf6f07b07baf4f5d09cd50d783e4a3b230c5a9667e8c","first_seen":"2025-11-13T12:40:48.559139Z","last_seen":"2026-06-14T06:10:31.663504Z","times_seen":36636,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-2d0da3af.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-chunk-2d0da3af.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"82fda0ebb74f4b114af33d2806d7eede\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300520\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b3129908deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14213,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14213), with no line terminators","md5":"82fda0ebb74f4b114af33d2806d7eede","sha1":"aff980422b6f318ee27d39d70e04fe23575e3174","sha256":"1035b6c9de3df2fc9d62c2ef69031dd9552aad8989e769d5a75b978556bbbbf3","sha512":"1b08c666c27284b916f5a36cc76f77b14801ffdbd84e5c114e73bb7f60b4a7558557e0c7e349ec6b09a74b48de8e9e71529f5ab503a914f357dc834264a8fbd0","ssdeep":"384:UJw/U5YK8Hx9KJhThWazJbUZDkM0kWEYPk6F+UtKM5eH:6+9KJhThWazJbUZDkM0kWEYPk6F+92eH","tlshash":"c852c6a7b2a4782d42379712708f3205f33b7d45b215da19f36edcea4aa84c16056f3e","first_seen":"2025-12-23T06:37:53.081382Z","last_seen":"2025-12-29T09:53:34.570083Z","times_seen":422,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/fonts/unicons.woff","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:14.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /fonts/unicons.woff HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/styles/icons.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:14 GMT\r\ncontent-type: application/font-woff\r\ncontent-length: 216020\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 29 Aug 2023 17:27:59 GMT\r\netag: \"64ee2a9f-34bd4\"\r\nexpires: Mon, 05 Jan 2026 15:50:01 GMT\r\ncache-control: max-age=2678400\r\naccept-ranges: bytes\r\nage: 1820293\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=20oa%2Fx1A6q9IU1l8eEMYAHrCQbIPW6R8EhDitkeukhpJaJZxMKH9bxfVCse9D01LDINEAv%2FLvtV689RrNU%2F8B9F4s%2FAK%2Fo8un%2FA5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b23f8a456ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":216020,"size_decoded":0,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 216020, version 1.0","md5":"bf075325fc6a4255699b8ad064e46ec5","sha1":"cefb4e8aec67bb93ff3def7235ab8cb4ed795bfb","sha256":"2d282daf87bb7159e394521d12a3fab8660f40fcef8295e0ad121696b277c2b9","sha512":"ccb812995b7dda1093d0c8bf6fa86c6a88b33190a141117e14c6bcdee9e71bbf3e2d4b1a32c92295e4d1e649c1bf73c1377b0aca163b1aa1ff4d6e976f38ca0a","ssdeep":"6144:PGW9YfSwS1oJBZ66dCM5JzYFi480fKE76Jc:t9KxSCJB5dCmJzYY4VfF6Jc","tlshash":"fe24132ef77224586d914d39547fb53eb473902b6dc339eabb9052aeb31280017361f2","first_seen":"2023-04-24T21:09:38Z","last_seen":"2026-06-13T03:45:25.439996Z","times_seen":688,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/css/message-preview.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/css/message-preview.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 23 Dec 2025 05:56:15 GMT\r\netag: W/\"81c75a0e54497a15d75c28168b257487\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300520\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b3229cf8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54000,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (53952)","md5":"81c75a0e54497a15d75c28168b257487","sha1":"bee41e283ee688fc5a81c864c771af7766ca85d9","sha256":"e762048b625fa5fd66d8e6a4267da9c5302b149fb3ea06d4ebd943085bb53462","sha512":"34b28938bb4e80eb5c271a7d5233abffd948d538b0a4ebbf2493fd40a146d5a962330cca4bd805e32d3faf444d9c5051d71952887fb2a790b852f31ae022fce4","ssdeep":"1536:fGUifm7kUdwddCri2iLc0Lg261F2BBCsEZf:X1V","tlshash":"cf3322b2f56710ccb363c22292d1f6bc202ae770d746ce96f427766c4ad12a63551fac","first_seen":"2025-11-24T02:42:30.965145Z","last_seen":"2026-01-16T01:10:38.098418Z","times_seen":4514,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/11.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/11.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 49945\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:58 GMT\r\nETag: \"6908d8fe-c319\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49945,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2023:07:10 05:05:46], baseline, precision 8, 176x150, components 3","md5":"e23f285feef322a592caf53a0d76c2b0","sha1":"57370154098f3a24a87671abc3c62504231c88a3","sha256":"fab1a5f88c64022c288f2e5c4ccd05abbc6014f5da49a3cbc39faec4906582a3","sha512":"f444c0b8a28ac2c0788ac9da76829ea842702e156131690e1ed56458228d2aa98b58f22cb0d5d121425bc9df9373645fc7fffe3b763bf814117ec1abaeafb199","ssdeep":"768:lHQCWXFGfPi2HQCWXFGfU452rDrWW9MvUrPulDt3zq2u8q3zYvfl2kVyn:WCWGfKCWGfU45QrzMvUbuN55wsvfl2fn","tlshash":"0623d194b7429c31f8c46e709cdacba282274fcc6b631299389d58457bb17fdad47282","first_seen":"2024-08-21T10:14:51.917461Z","last_seen":"2026-02-09T10:41:15.863613Z","times_seen":47,"resource_available":false,"data":null}},"time_used":1698,"timings":{"blocked":1369,"dns":0,"connect":0,"send":0,"wait":279,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans:300,400,600,700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 26 Dec 2025 17:28:13 GMT\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23176,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"49148aa6aa83030c8107b048340b6d45","sha1":"0120fa4085b32b021b14aeae199e5dfade9bbf78","sha256":"c9232eb823d220300177aba31f7efd6e78e0ccdef46558336f8ede5a6efbfdc4","sha512":"2e5514ec03270ebe0019fbafead0722e2ab5e87b3ddc3e2c6a2beab2ab4ca36d6fa22835e6a88827eaba8f0fc9f0819a94e69fe3049539a389076b6baa8521fd","ssdeep":"192:NCddw24WrqKnbqGIwV4Mrz7xCAAN21/rqbnbqGIwV4RazqbCuuH2PlrqxnbqGIw3:0AYqY4tjXqY4ahhqY4tU8qY4Z","tlshash":"3ba22ba00027185063431de623de7e34ee0fa2657048d0766bfd8b9beedad6963b435d","first_seen":"2025-09-17T06:09:26.673739Z","last_seen":"2026-06-14T06:27:13.671052Z","times_seen":15196,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/images/signup/signup-form-girl-left.png","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /images/signup/signup-form-girl-left.png HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 77894\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 29 Aug 2023 17:29:02 GMT\r\netag: \"64ee2ade-13046\"\r\nexpires: Wed, 31 Dec 2025 03:48:16 GMT\r\ncache-control: max-age=2678400\r\naccept-ranges: bytes\r\nage: 2295597\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oPFYZfqKKXLBn%2BVWjiJ8y3bBS2JEuQzSbKP%2BSO1gXrYeghXGQDoRo0f6x2nRwKGyo7hqyTtNmfT%2BJBXkNTF%2BY2s565PlHoPJiNd2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bea0156ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77894,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 107 x 415, 8-bit/color RGBA, non-interlaced","md5":"d81a3d09983bb7ed284f35ee0cdc1a7b","sha1":"c15506c537d0b79370efd5002ee6cea813b03a7c","sha256":"3107fa346171464740d8f3550b5d30bc582ad9081694ded607a5d25e379af41c","sha512":"bc63f07ae8bb5018c2e618901aac1c33227f8ad69836570db688022b4e10b5cadd0f2344e20dee850a27e8ff37eb0028bfb37f670de8e269f60934d1f4f9156d","ssdeep":"1536:UxUgonYyv2s55wNtTN+VJVMjL/td2DE95YSWsh2hLSBlo6+sAT46uWppAhJ:6UDlv2s/wXTkVJVMjpkAShhLw1+sQ46+","tlshash":"b27312565fc62fbb03867049836b9102aa4341b8a7bb326710c5f7733d89af814fd979","first_seen":"2023-10-21T10:15:13Z","last_seen":"2026-02-09T10:41:15.85163Z","times_seen":52,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-7941cc06.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-chunk-7941cc06.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"09a6b2a4fc1400ec37c1115e6aa1670f\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300521\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b31499e8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53530,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (53411)","md5":"09a6b2a4fc1400ec37c1115e6aa1670f","sha1":"d703fbc76276de75b56fad5c189fb663146d116b","sha256":"59147272a66366aa00b1f3771a23f360ee90c3bcac88ad31f59d29562b2d3c28","sha512":"2af2fecb20cad761430bd295a3e8846ad7404f20c9610dc8e20010e4d941b9067a192e700a964b92fccd2289ae4a10eb0e2ae81db8323b49bc3c0543dfe0e457","ssdeep":"768:Vlxfu8+HYUmI+rTRWf2z+y+Um/+VRJWf/W+Hc1lt7Gj67IW8/JGvgLCBxf6stK43:xfurowf20UJWfO+Et7GZrC90k","tlshash":"a533c8c9b2d6f4258763632130af3006f27a4964a81dd155f334d9f6b9ece48a227f2d","first_seen":"2025-11-13T12:40:48.539817Z","last_seen":"2026-05-27T07:42:34.882187Z","times_seen":34008,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/background.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:12.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/background.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/assets/offers/special_offer/style.css?v=1.0.05.css\r\nCookie: _mcj_=3992332955\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 195287\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:53 GMT\r\nETag: \"6908d8f9-2fad7\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":195287,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1227, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=1857], progressive, precision 8, 1857x1227, components 3","md5":"6fe4cae683fd4be6879050b111359096","sha1":"173b6bb020fac16311614554e41e01f64f67b5cd","sha256":"0d6ae3d99af2881abc479c657ccdee239154ebf02bd65bb2dbbaa95605344c57","sha512":"0a3ec33d38d6e407c07dcc0419afa704370c5ef3d5b48cc32f37999a7f391fef7090f4aba25c8670d702e9914f3fccf5e33d9e84c922539cb382f4f5441475d4","ssdeep":"3072:AqJzlD5Q6U41mtS5Cm1pPkCJPYRMVJaFMpp5YJQcAx9dsuGwMPrwClt9xM:AqJRVExSppPkEf/aWYJvAxXVxMPrw4t8","tlshash":"c4141245ff879c62c4c42bfd96ddd091aa765fa0bf039251f04c54683bb07a6ec4ca85","first_seen":"2024-08-21T10:14:51.906232Z","last_seen":"2026-02-09T10:41:15.846424Z","times_seen":47,"resource_available":false,"data":null}},"time_used":679,"timings":{"blocked":270,"dns":0,"connect":0,"send":0,"wait":285,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-2d224aff.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-chunk-2d224aff.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"b894f83e14dd0ac7b97f23fe50ffe4c6\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300520\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b31298e8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18392,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18392), with no line terminators","md5":"b894f83e14dd0ac7b97f23fe50ffe4c6","sha1":"e0bb6bb419418782cfaa396790422a3d3fbd0603","sha256":"d8cb5d2045d17ce977d66141768bc091c32be50617794b7a317662a0242032cf","sha512":"cde7a72c124b02ed618b406c3270015aea678bace1b76abb70246dcab427b834a957ec0c9476ad96ee134677d244c12bb4b843f38befb13c1c68053455459115","ssdeep":"384:jqiSR0nIa0kIrCQl2kL3kCEGN//h6LiJq:SzP2D2SLi8","tlshash":"c3822ba6f149311bc925c750605f2228b33b19a9fa1ece7df2745df245a8cc2906af3d","first_seen":"2025-12-23T06:37:53.053164Z","last_seen":"2025-12-29T09:53:34.539332Z","times_seen":441,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/images/bell-1.png?v=17","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /images/bell-1.png?v=17 HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 4236\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 18 Sep 2023 16:58:59 GMT\r\netag: \"650881d3-108c\"\r\nexpires: Fri, 02 Jan 2026 02:49:53 GMT\r\ncache-control: max-age=2678400\r\naccept-ranges: bytes\r\nage: 2126300\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nHE4cwNj3fSJYSpcbSnxMygxvoUDQy7v1F42Ocwu6%2FHZ5xhiZzfXncz%2FO06pYaiVbPtdBIUOww%2FID%2FGyh6KUlkMwQ7ojAIPafMF3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1be9ed56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4236,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"a586bdc4328c25395b3a827c3916b2d3","sha1":"764580b24016fe5b042d06588d0b8f117b08dc5e","sha256":"30d038d08052fa49efd3ab79c280558d4af55bca44650eaf45f92812757236a3","sha512":"f172b9c5cd4d02049a46dd3eaeeeecc03765c9cfd296748cda43819cb4f04f12338b7156937b059ed9877985cd3c6b51c2ac9c7aa37f2d46fb334e8f5758f489","ssdeep":"96:6knGLWpomnQkPRHnKH7ggHbSJt/kIA8mciAzKsMchBUmlS3Mg/H:6knrHKt68IA8mcasMkBBiH","tlshash":"bf910b5afd41bd11c68c99457efa926b2b7757c08d82b181bcc9890364603fecd1e2ca","first_seen":"2023-10-21T10:15:13Z","last_seen":"2026-01-11T13:34:43.84721Z","times_seen":45,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/18.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/18.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:13 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 34933\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:32:00 GMT\r\nETag: \"6908d900-8875\"\r\nExpires: Mon, 26 Jan 2026 17:28:13 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34933,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2024:06:22 22:21:59], progressive, precision 8, 176x150, components 3","md5":"2d75494344ad1461f24b3ce634f4184f","sha1":"f5e5a257fcc86421ac0761040ed8cb7a80f361b0","sha256":"31482837828d049fd85ffba26d90c5a6287b5f730211864fa5c3aa5918c5e97f","sha512":"dc28b77f2bb2dd592b439888232120c2e3a30e8798d100a94a1be0e0c987a4483bf3346813b34ad4e7ef9675a132dd870ffff93adce31b8057c8cdfc7c0f257a","ssdeep":"768:zUilL/dSGf9iJUilL/dSGfKYqyQleuEm5m4IBINW9uyaFl/T0Tjuv1:lRwGfARwGfKvvlehB2W9hT2","tlshash":"e0f2bf297b11ad53f8e46a3594e9d346e763aee0fee360a63d4c64443f312905d8ca83","first_seen":"2024-08-21T10:14:51.890281Z","last_seen":"2026-02-09T10:41:15.845526Z","times_seen":47,"resource_available":false,"data":null}},"time_used":2773,"timings":{"blocked":2492,"dns":0,"connect":0,"send":0,"wait":279,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/images/signup/back2.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:12.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /images/signup/back2.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/assets/template.css?v=1.0.330.css\r\nCookie: _mcj_=3992332955\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 215706\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:49 GMT\r\nETag: \"6908d8f5-34a9a\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":215706,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, progressive, precision 8, 2658x644, components 3","md5":"596a7303fdff125863d2fe6759669aea","sha1":"c501bcc851dc5c9064bb494ce6908ba7a18d676b","sha256":"27f6b409e6b9e6887d15ca98a02f996464a6627bfe046598ca26b01e56dc2c49","sha512":"8000c84942e57a80ee2d9c3fdb68fbc71237168b40db65a2635d62b8cab1e53002bfdc86f590afde31c0b6c9b11bff3f218068f333f933b2cd83f8a86d2c9221","ssdeep":"6144:rPxMR6DqyUf3do1adyQNZ3xb8ZNB3gAzkiRzud:Tqsq5f3L8QNN4NBUJ","tlshash":"2424022125fd0d2ae79e19f3b60b9738dceab5594e982707fa192b24b144140df3ab43","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-05-29T11:48:11.971851Z","times_seen":61,"resource_available":false,"data":null}},"time_used":650,"timings":{"blocked":234,"dns":0,"connect":0,"send":0,"wait":265,"receive":151,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.com/premium?psystem_ignore","fqdn":"usenetclub.com","domain":"usenetclub.com","tld":"com"},"ip":{"addr":"172.67.186.216","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:12.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Dec 2025 15:56:48 GMT","end":"Sat, 07 Mar 2026 16:54:29 GMT"},"fingerprint":{"sha1":"E2:80:32:4B:4E:B7:2C:CD:28:DC:F5:63:19:C8:27:19:B5:6D:CB:DF","sha256":"68:02:5F:4F:C5:BF:A7:B2:8F:3C:B1:4A:C9:E9:6B:71:6D:36:8F:69:BE:D7:73:70:78:21:8F:AE:D9:D7:6C:E9"}}},"request":{"raw":"GET /premium?psystem_ignore HTTP/1.1\r\nHost: usenetclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Fri, 26 Dec 2025 17:28:12 GMT\r\ncontent-type: text/html\r\nlocation: https://usenetclub.bz/premium?psystem_ignore\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eeQn7IpONgkl74s%2BAlZp1PYduEnVi2Mr899nFZzRMD5VZMqFMVHyiN0%2FJ9k5jDdsgYXKDmNFHM1Cfs%2Fd7oPO%2FWETsSeSA1Xj8vrT%2B9tJ\"}]}\r\ncf-ray: 9b424b151cabb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53024,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T06:33:39.929127Z","times_seen":16406878,"resource_available":true,"data":null}},"time_used":231,"timings":{"blocked":40,"dns":22,"connect":1,"send":0,"wait":151,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/plugins/toastr/toastr.min.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/plugins/toastr/toastr.min.js HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 5537\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:55 GMT\r\nETag: \"6908d8fb-15a1\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5537,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5215)","md5":"b36f28de584845317de40a7219c82b1c","sha1":"6de8657c8782561bc023478ab708179ed846db1a","sha256":"ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09","sha512":"54477e9eadb90a447aefa3bea4b0670d6d3d47b5505fd31d8a28f4e768150a9e72547de31ad1fbd07a3f514bf89890ec11d4efa91085660d0d2868a88c69d40b","ssdeep":"96:LozfdCZR1JHduRv75dR+FIEHXX9oxNDP9mA1UZsEyHGJAcCwV02UfrI:Mzf4BtcvvRqIQcNa74ccrI","tlshash":"f7b19384b220bb8b5b731169919f144b937673b2ccce55007639a5987e7082c97b7fdc","first_seen":"2023-03-07T01:28:39Z","last_seen":"2026-06-14T04:06:07.015112Z","times_seen":5728,"resource_available":true,"data":null}},"time_used":997,"timings":{"blocked":772,"dns":0,"connect":0,"send":0,"wait":224,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/5.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/5.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:13 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 30051\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-7563\"\r\nExpires: Mon, 26 Jan 2026 17:28:13 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30051,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2023:07:10 05:00:42], baseline, precision 8, 176x150, components 3","md5":"a1cb3b4ec626e30befacab8e0f7b7bb4","sha1":"abce975d17f3dd96c8755f466e2258a7d143884a","sha256":"493212a2667629f4b7d3ffcfc63025f38f789dac0f55cc17a3671374ebf12656","sha512":"4ddfe266a028907d1ea9e7e551a5ffcff769c09572e3fb24696f4d6e77209e900c4cc3df0f380d04eaee8cad8b64474e5baa47ec1dcc8f1f902313fd2cb84df5","ssdeep":"768:yq3GfPiTq3GfBkT52Zhe1k6iYhnB0opcXyn:d3GfT3GfBkT5mwK6PNpcCn","tlshash":"0cd2ae00bb225d01fcec09b94cd9d3d2e367ab84beb721c675cc6501bbb5ba1dc98456","first_seen":"2024-08-21T10:14:51.910866Z","last_seen":"2026-02-09T10:41:15.858261Z","times_seen":47,"resource_available":false,"data":null}},"time_used":2764,"timings":{"blocked":2456,"dns":0,"connect":0,"send":0,"wait":264,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/14.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/14.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 33524\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-82f4\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33524,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2024:06:22 22:21:01], progressive, precision 8, 176x150, components 3","md5":"b00751141aad4e7b17ba762079fdf37a","sha1":"e76a577add8789ab3dd142724bf2d30a77f1bd27","sha256":"e5305e6deb2605be94cb54d58bd5cad82d9058ac0617817c76c5e9396b436af1","sha512":"5fbf860f5ea0d6405811a91fc77625040dde9d31ed937c7f08496e54e976d79db01f7285c50a942d0311c38ceddbe45b52774ce2c4b0bdd43983051b672c11ca","ssdeep":"768:L6rHzGfTi66rHzGf89hSpoEgPb5HMgGsDi84mgDoJm:LeTGfneTGf8bSpoEKtHUmER","tlshash":"66e2af18bb954d55eddcb6b985ddd391f7230ac08ea310ca398dea217fb07808cd8646","first_seen":"2024-08-21T10:14:51.892261Z","last_seen":"2026-02-09T10:41:15.855624Z","times_seen":47,"resource_available":false,"data":null}},"time_used":1739,"timings":{"blocked":1472,"dns":0,"connect":0,"send":0,"wait":265,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/girl-left2.png","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:12.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/girl-left2.png HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/assets/offers/special_offer/style.css?v=1.0.05.css\r\nCookie: _mcj_=3992332955\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/png\r\nContent-Length: 77894\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 17:29:51 GMT\r\nETag: \"6908e68f-13046\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77894,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 107 x 415, 8-bit/color RGBA, non-interlaced","md5":"d81a3d09983bb7ed284f35ee0cdc1a7b","sha1":"c15506c537d0b79370efd5002ee6cea813b03a7c","sha256":"3107fa346171464740d8f3550b5d30bc582ad9081694ded607a5d25e379af41c","sha512":"bc63f07ae8bb5018c2e618901aac1c33227f8ad69836570db688022b4e10b5cadd0f2344e20dee850a27e8ff37eb0028bfb37f670de8e269f60934d1f4f9156d","ssdeep":"1536:UxUgonYyv2s55wNtTN+VJVMjL/td2DE95YSWsh2hLSBlo6+sAT46uWppAhJ:6UDlv2s/wXTkVJVMjpkAShhLw1+sQ46+","tlshash":"b27312565fc62fbb03867049836b9102aa4341b8a7bb326710c5f7733d89af814fd979","first_seen":"2023-10-21T10:15:13Z","last_seen":"2026-02-09T10:41:15.85163Z","times_seen":52,"resource_available":false,"data":null}},"time_used":683,"timings":{"blocked":328,"dns":0,"connect":0,"send":0,"wait":300,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/log-performance/v3","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:17.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"POST /log-performance/v3 HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usenetclub.bz/\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 94\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":94,"data":"{\"logData\":\"{\\\"socket\\\":712,\\\"register\\\":0,\\\"widget\\\":2693,\\\"script\\\":2270,\\\"download\\\":423}\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-p5fw\r\naccess-control-allow-origin: https://usenetclub.bz\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ndate: Fri, 26 Dec 2025 17:28:17 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9b424b3689d576ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"fda44910deb1a460be4ac5d56d61d837","sha1":"f6d0c643351580307b2eaa6a7560e76965496bc7","sha256":"933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9","sha512":"57dda9aa7c29f960cd7948a4e4567844d3289fa729e9e388e7f4edcbdf16bf6a94536598b4f9ff8942849f1f96bd3c00bc24a75e748a36fbf2a145f63bf904c1","ssdeep":"","tlshash":"0e3000000000000000000000000000000000000000000000300000000000000000000c","first_seen":"2023-04-06T02:18:46Z","last_seen":"2026-05-10T02:19:39.188302Z","times_seen":38514,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/mytools.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /js/mytools.js HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 1166\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:52 GMT\r\nETag: \"6908d8f8-48e\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1166,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (708)","md5":"072952d99524de24ecc37cd7b03f4bcd","sha1":"6d0b5eee6c4bc5522401f03ebb36b3d804d18ec4","sha256":"cb519b70ffb87dcc53f777732a0585a078d7d2ce08ac7a701141b9e59e48d757","sha512":"579d902d1a91a0ed21f13a75df8d6e0a1fb941211ad4bf4e0d014f31a238f2a42a9db909e65c828d72b62edc49981f72049d2e94677c84e3ef05bc18891aad89","ssdeep":"","tlshash":"e8217f8288b13569982d1843f366eb31b6f3dcdfab190d15fa046c28688eb03c55e6cd","first_seen":"2023-03-10T19:39:08Z","last_seen":"2026-06-12T11:41:48.438169Z","times_seen":67,"resource_available":true,"data":null}},"time_used":814,"timings":{"blocked":586,"dns":0,"connect":0,"send":0,"wait":227,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/12.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/12.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 36619\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-8f0b\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36619,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2023:07:10 05:06:09], baseline, precision 8, 176x150, components 3","md5":"4ee71a50b5eebecd7a87b1ff2cf4c9c6","sha1":"d1eb6af220709c988089cb15582ea894fc93a141","sha256":"84b73c44098be0ce05a7ec1480bcacca7c3d84e5e8769a249b92e2c9e98adb23","sha512":"8f3d99e79b479938485faf8e32753053aab7e7944d34e3ad187238601dbc5f3f592cdabb7fee3588981647c4dc6d9ddeb7a264ebd933f64edc161e70057d853f","ssdeep":"768:bLokutkKGfuijLokutkKGf8gig85hzkPyrQsU+hoaQc5u:bHKGfVHKGf8giL4GJVs","tlshash":"11f2c01c7b468d12fcd89a70c8fed782abe75de04e5341967eac18027fb23e19c59542","first_seen":"2024-08-21T10:14:51.918553Z","last_seen":"2026-02-09T10:41:15.870427Z","times_seen":47,"resource_available":false,"data":null}},"time_used":1691,"timings":{"blocked":1375,"dns":0,"connect":0,"send":0,"wait":274,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/17.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/17.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 41205\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:32:00 GMT\r\nETag: \"6908d900-a0f5\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41205,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2024:06:22 22:21:34], progressive, precision 8, 176x150, components 3","md5":"02b69b17969954b155779122af159951","sha1":"3e6fb3dfd95fae1df7edf3f6eea4ec12eccecb3e","sha256":"3100e17242399391f8e2451ce5b4b711c9b5689b21927e32484d2ab14f89de53","sha512":"15066649f186d878070c92d1cebe6e2dbe2171cc3152ec5704f625bf0a06469babcadf69212aa9a673e745eb0651701379d6531f846bfde148d5ea8280bf3264","ssdeep":"768:OnHzOGfmiBnHzOGfKYnyYjK1N/BqcnQXBra6Mu:AiGfviGfKCvja/0cnQIju","tlshash":"c403d05dba029e51f9d5b9b858fad340e2732ed81d6399c77dcc5d823f911a40cce282","first_seen":"2024-08-21T10:14:51.891322Z","last_seen":"2026-02-09T10:41:15.860719Z","times_seen":47,"resource_available":false,"data":null}},"time_used":2004,"timings":{"blocked":1695,"dns":0,"connect":0,"send":0,"wait":264,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/19.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/19.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:13 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 36379\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-8e1b\"\r\nExpires: Mon, 26 Jan 2026 17:28:13 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36379,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2024:06:22 22:22:07], progressive, precision 8, 176x150, components 3","md5":"d155b1e8472c360d209f76f5633fcba5","sha1":"200a528f7f921b0e8eaba1c36d167a2aee9bdbf4","sha256":"6de85b4467b221081c25c8d9b32e32cd624d46490d4f1f5d4679e04a9654cc2e","sha512":"0c9f53e4b9c64213ae30697e0b6c3be7e9224e50d7f99eba915de60bfb854d2f330a4bf1f3ec18fef2e19282d00d16dd32dd6caf2c831bb5ce2e35831ff1ada9","ssdeep":"768:v3bGfmiz3bGfKsAyFOTekdN/a1oXPlVP8P7qxhyB/abAu:v3bGfJ3bGfKd9TewyuV9hzbAu","tlshash":"a5f2ae15b7a14d00f8d025b884fcd387a3a39ed46983594b3d9c3c82bf746d5dd9aa83","first_seen":"2024-08-21T10:14:51.895391Z","last_seen":"2026-02-09T10:41:15.853965Z","times_seen":47,"resource_available":false,"data":null}},"time_used":2906,"timings":{"blocked":2633,"dns":0,"connect":0,"send":0,"wait":271,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/images/signup/signup-form-girl-left1.png","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /images/signup/signup-form-girl-left1.png HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:13 GMT\r\nContent-Type: image/png\r\nContent-Length: 77894\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:49 GMT\r\nETag: \"6908d8f5-13046\"\r\nExpires: Mon, 26 Jan 2026 17:28:13 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77894,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 107 x 415, 8-bit/color RGBA, non-interlaced","md5":"d81a3d09983bb7ed284f35ee0cdc1a7b","sha1":"c15506c537d0b79370efd5002ee6cea813b03a7c","sha256":"3107fa346171464740d8f3550b5d30bc582ad9081694ded607a5d25e379af41c","sha512":"bc63f07ae8bb5018c2e618901aac1c33227f8ad69836570db688022b4e10b5cadd0f2344e20dee850a27e8ff37eb0028bfb37f670de8e269f60934d1f4f9156d","ssdeep":"1536:UxUgonYyv2s55wNtTN+VJVMjL/td2DE95YSWsh2hLSBlo6+sAT46uWppAhJ:6UDlv2s/wXTkVJVMjpkAShhLw1+sQ46+","tlshash":"b27312565fc62fbb03867049836b9102aa4341b8a7bb326710c5f7733d89af814fd979","first_seen":"2023-10-21T10:15:13Z","last_seen":"2026-02-09T10:41:15.85163Z","times_seen":52,"resource_available":false,"data":null}},"time_used":3033,"timings":{"blocked":2700,"dns":0,"connect":0,"send":0,"wait":279,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"vsa3.tawk.to/s/?k=694ec5b083c0d2cea2a864ad\u0026cver=0\u0026pop=false\u0026asver=0\u0026tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YmQ5YWIzYzY1MjI0YzI2NDA1MTgyNjkiLCJ2aWQiOiI1YmQ5YWIzYzY1MjI0YzI2NDA1MTgyNjktY3VJeWlneUZPMTFyODluUVVrRUR6Iiwic2lkIjoiNjk0ZWM1YjA4M2MwZDJjZWEyYTg2NGFkIiwiaWF0IjoxNzY2NzcwMDk2LCJleHAiOjE3NjY3NzE4OTYsImp0aSI6InBRS2JDSm1xZzZHNVFSSDR4Z3F3QyJ9.LEFR0DkJd2NrweU63OlotaE4s-V66axlMefxDpKZrIVHk5IyCQbMbmf07-IjKigrBF6Wm0AdYcDv9UskXaGc3Q\u0026EIO=3\u0026transport=websocket\u0026__t=PjRj3gV","fqdn":"vsa3.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"172.66.161.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /s/?k=694ec5b083c0d2cea2a864ad\u0026cver=0\u0026pop=false\u0026asver=0\u0026tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YmQ5YWIzYzY1MjI0YzI2NDA1MTgyNjkiLCJ2aWQiOiI1YmQ5YWIzYzY1MjI0YzI2NDA1MTgyNjktY3VJeWlneUZPMTFyODluUVVrRUR6Iiwic2lkIjoiNjk0ZWM1YjA4M2MwZDJjZWEyYTg2NGFkIiwiaWF0IjoxNzY2NzcwMDk2LCJleHAiOjE3NjY3NzE4OTYsImp0aSI6InBRS2JDSm1xZzZHNVFSSDR4Z3F3QyJ9.LEFR0DkJd2NrweU63OlotaE4s-V66axlMefxDpKZrIVHk5IyCQbMbmf07-IjKigrBF6Wm0AdYcDv9UskXaGc3Q\u0026EIO=3\u0026transport=websocket\u0026__t=PjRj3gV HTTP/1.1\r\nHost: vsa3.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://usenetclub.bz\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: OpOWfo6Fkvs5ntXkXWlTgw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Fri, 26 Dec 2025 17:28:17 GMT\r\nConnection: upgrade\r\nupgrade: websocket\r\nsec-websocket-accept: OVmPDSQJpsejbG12rNdwjucdWGU=\r\nsec-websocket-extensions: permessage-deflate\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nX-Content-Type-Options: nosniff\r\nServer: cloudflare\r\nCF-RAY: 9b424b323e5056c4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T06:33:39.929127Z","times_seen":16406878,"resource_available":true,"data":null}},"time_used":593,"timings":{"blocked":-1,"dns":32,"connect":32,"send":0,"wait":483,"receive":1,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/styles/night-mode.css","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /styles/night-mode.css HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:28:27 GMT\r\netag: W/\"64ee2abb-2809\"\r\nexpires: Mon, 05 Jan 2026 09:08:27 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 1844385\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U0oYq7d6zJBI7jSxdhZsB6xI%2F4WSDOdb99lWfth5hCpjtjgGF9iwSXoxOCHOrCzDaNjFk3Oh1VANV86TZizm8wsCTIcuHpVyjf0O\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1b797056ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10249,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF, LF line terminators","md5":"c332f884a4a1b723cd70eb56f739fa87","sha1":"e3489762b153b005c670b5efa373669a290f133d","sha256":"f6ed4d643476e65c9167a73f71e7e9ed0c9afa50889b94b3f852c58c15d998d1","sha512":"758be37d545f9878633803ec0f38cb7112adabaca1adbb513cf16f59f97915745024b8c404d625473296066a94cf1d448301ba68cbdcbfbb3092aaab190a32e7","ssdeep":"192:TWrJK6Qoj9hyyl49WMmhm1hgK4G8mNALNp:dyAWvK2p","tlshash":"8522b882ebf22fae2e226136434355a4fb5ec0c2d9ef6f7870fd129b2257241c631955","first_seen":"2023-11-20T23:07:08Z","last_seen":"2026-05-08T05:43:21.837609Z","times_seen":49,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/3.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/3.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:13 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 43592\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-aa48\"\r\nExpires: Mon, 26 Jan 2026 17:28:13 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43592,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2023:07:10 04:59:44], baseline, precision 8, 176x150, components 3","md5":"4f410d489996a4d1ac61a2293563d3e1","sha1":"7599d7d5c197b0729890e3a5d15029db6b70dcc5","sha256":"58242ff60601f943074f088a34aac6f18f0a132fd3e5fc5824154d5723817453","sha512":"57fc264a1d4f8c95ee8589554b128900139ca7c97824b82a6c63ecf2bb1e2aee4338f21cb978daa3a16ae2735d274fd8cdf9b90eef12f0043c97b519b0dffb29","ssdeep":"768:jAMu6jGfpiVAMu6jGfq2Uwg0vpHHDnlJyrnKAFj1gIHswyt8nKocs:jAMu6jGfsAMu6jGfq2UwxxHjnlJcDgcf","tlshash":"0f13d099eb17cd61f6c0627009d9e602cb73fe985393729e35cc2a08bfb4395dc09a02","first_seen":"2024-08-21T10:14:51.909047Z","last_seen":"2026-02-09T10:41:15.84997Z","times_seen":47,"resource_available":false,"data":null}},"time_used":2701,"timings":{"blocked":2423,"dns":0,"connect":0,"send":0,"wait":275,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/girl-right1.png","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:12.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/girl-right1.png HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/assets/offers/special_offer/style.css?v=1.0.05.css\r\nCookie: _mcj_=3992332955\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/png\r\nContent-Length: 103896\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:54 GMT\r\nETag: \"6908d8fa-195d8\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":103896,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 165 x 500, 8-bit/color RGBA, non-interlaced","md5":"0f272e69d9aaa8e7288c1e4cb2824c1c","sha1":"8aee243f21c9d4ccba95e4d44a94940480a92194","sha256":"6f5d1aee6dc8da31fb15b884a2d9d5a301085a1ebdf5f0ca80c7ca736d3cd7fd","sha512":"a1c32c7553efa1dff2754eae8d52c65a84d6c200150c4c54ede042cf83df18a0f136f09cec159e0d98727662ef502d530a118f5861bff7da3df30c037ca6425c","ssdeep":"3072:KAD2z+b35uNcjbzGuFOruX/RBE/NiO6SRt1FBa:KlzO35icjnGiOKX/3ElP6SRy","tlshash":"c5a312caf711f7996e645851d4d80814c033979ffde2e86e315ee1e620508eda9831fe","first_seen":"2024-05-15T04:40:31Z","last_seen":"2026-02-09T10:41:15.847236Z","times_seen":48,"resource_available":false,"data":null}},"time_used":745,"timings":{"blocked":365,"dns":0,"connect":0,"send":0,"wait":280,"receive":100,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:12.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usenetmodels.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Dec 2025 09:55:49 GMT\r\nexpires: Fri, 25 Dec 2026 09:55:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 113543\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-06-14T06:32:50.652281Z","times_seen":285246,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":82,"dns":5,"connect":9,"send":0,"wait":9,"receive":10,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/scripts/framework.js","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /scripts/framework.js HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:28:22 GMT\r\netag: W/\"64ee2ab6-53365\"\r\nexpires: Fri, 23 Jan 2026 02:24:16 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 313436\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VHEdX%2Bm2o1HDmksHu%2B8Nf9MK9cl0XjdnMViOf9ANrzOphGXc4YBRZ6%2BCdwsrdP2MIPD0AWn%2F662%2Bt4LS%2FQP3rlrGGR3yxtVWc7ae\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bb9c156ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":340837,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"f28b7b2e4bbb5e71c210fe708432c8c4","sha1":"28f0a78686163398a48beba73df2e6e807309abe","sha256":"db8c7d69ddd3412a9f467b5a3a34cac6970301aa5f6aedd6d28e7b6948546901","sha512":"f891f320b182d49818c8171e2376f9030fd785ed35fcda9069e05a2fafbab5305b0e5e63f76bbba6653ba1db93dd043db2beaaf92af10054faade9e8e138ee26","ssdeep":"6144:309EaigthxiCKie8Kob+NUPsPM78sxsJJTFwyh/4SEEWk3gfsBtK:309EaigthxiCKiZb5h78j/Fgfsu","tlshash":"d074504dbaf73096a623713d8bef8009b1798447080ade14bd5c92d45fa093856bbff9","first_seen":"2023-03-08T04:57:24Z","last_seen":"2026-05-31T05:18:20.047449Z","times_seen":362,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/images/vipmodel-not_active.png","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /images/vipmodel-not_active.png HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 3343\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 29 Aug 2023 17:28:19 GMT\r\netag: \"64ee2ab3-d0f\"\r\nexpires: Sun, 25 Jan 2026 01:24:07 GMT\r\ncache-control: max-age=2678400\r\naccept-ranges: bytes\r\nage: 144246\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0x3MQO1vgvOh1WwCzIBvgmp2CxG7S7s1oLdx9p58kPPUfR6lVS3H%2BbhwfjdFgidiwG8xCHXQc8WkTRUqLvBLHM6MH7WbZqROU2Kv\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bd9e256ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3343,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 65, 8-bit/color RGBA, non-interlaced","md5":"fa50b949ebd1903a2719620706730a90","sha1":"c4b195e32a87be76b3bc2d03b37853663c763d35","sha256":"2edb67fc0c80e345a21c2f9aa88e65f5e924c055ee34d1cad2f569f5cef3c893","sha512":"b90c3382f9f61b8a51cdf066af4c9aa8c28dccace3118895572c89f9797cdd021beb956f5de20716dd97bbc45322594cd9e93988e697da7bc00caafd4664cfc0","ssdeep":"","tlshash":"29611adbb801a8a1a94c9f057ef9e7535b37be80ea51a1c5adeecc0346213f1c92d0d5","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-01-11T13:34:43.840971Z","times_seen":46,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:14.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Dec 2025 09:55:49 GMT\r\nexpires: Fri, 25 Dec 2026 09:55:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 113545\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-06-14T06:32:50.652281Z","times_seen":285246,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/map/worker.js?id=TWpnNU9EVTBNREEy\u00260.7623077593445677","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:14.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /map/worker.js?id=TWpnNU9EVTBNREEy\u00260.7623077593445677 HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\nset-cookie: PHPSESSID=eee3lah7ufk0q7ua0e4aovm0c2; expires=Fri, 24-Jul-2026 17:28:14 GMT; path=/; domain=.usenetclub.bz\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\ncontent-encoding: gzip\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AMXaLUg3q9wDmQCSl%2BP6%2Fwub%2F6d%2FsmS0C6H7jWjCzMxy4T8S0i1lpU9uFrB2l4b0WUUR6f1rFZAjAOQOgLWkxfGbMqBMSRCTKxhX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b24891256ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":599,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"fc6fb34397bab3f2e5a1f1789eb48ee4","sha1":"fa27e86f5de316656075d843fb01169ea38a95e7","sha256":"174897154441890c4818f9c5098ea7831de267a00b8593a9d7e4be81d2e4fca9","sha512":"151dc4492af9aef450126f293d33cd5224b660e30f020596580c0d49155f5aa7f7a886dbc43a60d7ea23a73a2aaebb54727ba787d8ada0f573ca3b71b626a234","ssdeep":"","tlshash":"f9f02205b0190d6fc2aa3338f23b312b5d359221020b8456b6ce0dd677a02b986b6f4a","first_seen":"2025-12-26T17:28:43.911868Z","last_seen":"2025-12-26T17:28:43.911868Z","times_seen":1,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/fonts/Line-Awesome.ttf?15lwq9","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:14.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /fonts/Line-Awesome.ttf?15lwq9 HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/styles/icons.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:14 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 134244\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 29 Aug 2023 17:27:57 GMT\r\netag: \"64ee2a9d-20c64\"\r\nexpires: Sun, 04 Jan 2026 15:27:28 GMT\r\ncache-control: max-age=2678400\r\naccept-ranges: bytes\r\nage: 1908046\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5qcmKzNV1C3E2cMZqEAwXTbVArhPolpujNci2f7iIdnbt1cDiBbJE84xlGiAvcp40Pbcaz6NyDEGqvVW1sTguyPUaxAPFr%2FDA98v\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b24e95d56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":134244,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, Line-Awesome","md5":"4d5a0ee16afdab1b9ec06d5a44a7c1e6","sha1":"56f066981e308f8b8f4ad4f1b630436fac8ea258","sha256":"9764f817fcc5382247153978479aae66fd231147b0f3900b56e0bef096ca4ac7","sha512":"d16f5eddb486ca3d5b010d21ab44113eaeceae3e7a16c3390a7d2649ba1729502fd54f1d39f6864282bf5faf7a8c3d0a634e8138fa2fcc6207386e141e8bc11c","ssdeep":"3072:yqsS5j53qNMb6nhPEKDvrOTG29cn/DgCvgC1Sj3kK04i7M+yssGclfqL2u:yjS5j53qNMb6nhPE48G29cnUCvgCK3k5","tlshash":"fcd35c07cbc7de46c422b7fd5c1b62664fcaf530a23f87ce66005e05ae8a5f04d54a9a","first_seen":"2023-08-08T17:58:22Z","last_seen":"2026-06-09T22:32:42.807121Z","times_seen":81,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/night-mode.css","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/night-mode.css HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:10 GMT\r\nContent-Type: text/css\r\nContent-Length: 8769\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:52 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: \"6908d8f8-2241\"\r\nExpires: Mon, 26 Jan 2026 17:28:10 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8769,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8769), with no line terminators","md5":"5df037b0099612e56bf5c12a86e02da6","sha1":"886cb30a9650c1032c714accc052d678a4941d42","sha256":"dd4eeb54589c9f6735488eb5fd73de66e057bea83412bf879cb8d9ebf73cdb0f","sha512":"a7df3e233bd504eed0184d8d27f4f3baf061798f922623f3fcf336079714a76362994432873b8061179394e8486b10399dfc89a15c47cd61df34a5b2558ad6b9","ssdeep":"96:Stavj3X+htqdrbJMhquqotoqZqXI6BOSV68EXVdSQnSd56awyFLAaFEvESynBFzH:StaVd3Cwho14LV68EfSa48PZ6sM","tlshash":"0902c983ade11fbe6e127037438769a8f65640c2e5ec6f76707d02ab3243385d2726d6","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-06-12T11:41:48.456978Z","times_seen":64,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/7.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/7.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 38326\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-95b6\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38326,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2023:07:10 05:03:06], baseline, precision 8, 176x150, components 3","md5":"d75ceffe5e6ad45c014322def15d536b","sha1":"768e4b9f7ca2b1fe5d78e9c4afd22b5fda897302","sha256":"b07ed7c1219d264006387b39eacd9296e5623551ca4a42a435a03d17bdb2a6b2","sha512":"1a9c7f3026189e8e77aa7d3539fbc6b4e715ea645849d35d6a59b58e873857daadf5a57080e22999f55a313de7bab8e7ef603ae871feb6f8ddd947421f92052c","ssdeep":"768:DdCOoMT9Gf3ipdCOoMT9GfVEth74Kw2kD5/R5g/8FTm1yqrDjjyn:hCQ9GfyCQ9GfVS/wT5/q8FTmECOn","tlshash":"1603d100ff626d51edd419b988dbd2459373ab0062a752c37d8d2f82bff03904c6955b","first_seen":"2024-08-21T10:14:51.911912Z","last_seen":"2026-02-09T10:41:15.853166Z","times_seen":46,"resource_available":false,"data":null}},"time_used":1373,"timings":{"blocked":1099,"dns":0,"connect":0,"send":0,"wait":271,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/account/status/","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:11.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /account/status/ HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Accept-Encoding\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":42349,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (375), with CRLF line terminators","md5":"f3510fe48d20d5b0f8f1ee966891db95","sha1":"b1131402bcede087bab6f44855420dfe14cef04d","sha256":"5ccbbc8dc4eb316e5daae035535e5652f825c7509543190a94d5a47eef5ffce7","sha512":"3bbe78b236e152286b53e8670ec708a259c72eab3a1c1078fb23efc6b1715a20ddb014872f478711f3b08c865292b594adfc0617a1f13781075b1a5463436140","ssdeep":"768:mapppppppppUUSMKKqVRWzKqlkEIepdEx4HBP7PpQ4T:VpppppppppdKh6R6epdEe57PpQ4T","tlshash":"e113f01466da192b327362f64aa11b4ef9a0810fcb0784c571bc179bdffae149d43dac","first_seen":"2025-11-07T07:27:59.595025Z","last_seen":"2025-12-26T17:28:43.848069Z","times_seen":4,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":320,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/styles/style.css?v=2.02.88","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /styles/style.css?v=2.02.88 HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Sat, 10 Aug 2024 00:25:20 GMT\r\netag: W/\"66b6b370-3bf7\"\r\nexpires: Mon, 19 Jan 2026 04:53:53 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 650059\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zvJ9sCpzHnWhkR9IyfnjOuOpL8W013aY%2BEpU%2F%2BCE3V7rgw5eT24Tt2Jo9E3ip9L0jgzuccHmnCGmYPGUNyPkVeP1nbOr1sJ5dl3R\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1b898d56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15351,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"efd697fb0f6ec6df6b64f7b07371d3ad","sha1":"391dddcb48947c79b2317c0ed0f18d542bb96e34","sha256":"045f2a8c9095cb040fa3028ca175e3369d04cd6e157fb7431fb383db95582ce3","sha512":"cf547dd27d6ae401242c684b6b607d15bd219e01a5cd0212dd0ecfd0028dbfce6fc6378fc600c0255aa352abe15638dafb1e9b61af97cdf86c147a6b7be8ac39","ssdeep":"192:KrTcRaK8VXj2bZKms73Dv2ZEBTVEVS7u65S7WS7PWR/4FBlT7oPI/EgidavHS/BW:VeVXj2MDO6SsAnPw4Cpy/5","tlshash":"6b626469da25210db233eae9bfb64f69dd340053db1702adb5e46108cbf913c1672bc9","first_seen":"2025-08-08T06:21:29.516776Z","last_seen":"2026-01-11T13:34:43.856114Z","times_seen":41,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/scripts/simplebar.js","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /scripts/simplebar.js HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:28:24 GMT\r\netag: W/\"64ee2ab8-24b9a\"\r\nexpires: Mon, 19 Jan 2026 18:52:52 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 599720\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oEOK46lgLzURjw8YAjZ%2BtKX7zCVwXUZzj1uxIOR0cgJ74XNf0YXQ8UOx85202oWHAm7jH%2FO6toe%2FZXbsJUBtuxjoWFONqWLNjHFB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bea0356ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150426,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"74c6c582c6bc6e2f900aa0741c4e6aeb","sha1":"c6c2968e8c1b4f01d06c5a76fc0db52f6411d9ef","sha256":"debf7e3134f924ee7dad356bee4184f8a8ec56c13873839c93dbbb75c0eef3a5","sha512":"3c6564a134c4ccf3722729b22b73b413a8b2707a2083d64b924414b691cd6175719a06229d033620970ea67d90bf7ac7efd58c8f6f107809d80dee505f920aa9","ssdeep":"3072:ZpLPboAJ5cbXH21VJDfSeuDJecIpUZaZA6i5ZkGHm8wKz:fLPboAJ5KXH2dDfSeeJecIpGaZA6ifkE","tlshash":"29e3b75a7ee261e2447771798b5f6104f638811b021de994bc9cd3e41fb0b3843baee9","first_seen":"2023-06-24T14:41:18Z","last_seen":"2026-06-05T23:03:08.015727Z","times_seen":581,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/languages/en_dev.json","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:15.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/languages/en_dev.json HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usenetclub.bz/\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:15 GMT\r\ncontent-type: application/json\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"586d518585b166811a617b7f5060f71e\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300509\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b27ffe776ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10639,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"586d518585b166811a617b7f5060f71e","sha1":"6ea81179776e5977ac49304b176923e61409393e","sha256":"2cc3a63ae0b79ab96b21a927c9f9a192ff287e877df5e54ee0b0dbe33debb900","sha512":"df7a3a88b5effe5f52c27897e20995a32973ae1b34aa260e42286833c68838afd61fcd0d4cc057ed5d8c941280e2e5167cdf394add607763363bdc96f4a099ac","ssdeep":"192:ImwHJ/LrnzPLEgVE1iN+xiDgGOy+HpVHnKWyay8V1K5Av+cE:sxLrnzXE1iN+xkDOy+Hp8/5Avy","tlshash":"18224369ce504ea702c29646399f35437624829b1f54382eb78891ac0f8ed6f71f77ce","first_seen":"2025-07-18T03:22:00.530906Z","last_seen":"2026-06-13T18:18:43.529078Z","times_seen":30250,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-2d0d2b7c.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-chunk-2d0d2b7c.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"ecc9e5cf090bf5602a01763e2895acad\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300521\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b31198d8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10938,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10938), with no line terminators","md5":"ecc9e5cf090bf5602a01763e2895acad","sha1":"1d07eaeecb0a31f0d95363694e803282518f81a3","sha256":"1cb6c04d780fb838f64fe8bad72bbc16ff24e2466f9ba3123471321f8342cc0a","sha512":"9ace38dcdfd09222ce1f2536d8e4acc781b0055d6ae35486922b86baa540befc98bd9a5bc67bb00b0ef09b9da16ec97b1fe3b2b676b1403cde8eb2c13981870b","ssdeep":"192:0CFny7CpmxwbZlR1cwr40v0zSrj5D6/L6LvGokD36b4hwseQ:08mChZlRNr40v0GF/LvV4hwsR","tlshash":"073295b7e0a1107ea316871c506fa610f61f6c8ab2161da6b67ab46f900ddcfc065f7c","first_seen":"2025-11-28T06:07:28.918411Z","last_seen":"2026-05-27T07:42:34.869974Z","times_seen":26442,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/fonts/Feather-Icons.ttf?7ncawf","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:14.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /fonts/Feather-Icons.ttf?7ncawf HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/styles/icons.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:14 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 65180\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 29 Aug 2023 17:27:56 GMT\r\netag: \"64ee2a9c-fe9c\"\r\nexpires: Sat, 17 Jan 2026 07:20:10 GMT\r\ncache-control: max-age=2678400\r\naccept-ranges: bytes\r\nage: 814084\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kUUNAEhgU7ksD2qWRmpBhOX1B%2BNiZNGcGXAqg%2FVZ8Ldmc3rOIAowjtEBav306YEmi7DO4fnczC%2FbUrq48ovU8SqSe27omAVZBxfE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b2468fd56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65180,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, Feather-Icons","md5":"3eb9decb545cb1d9bf6415db49050f51","sha1":"226a6783e54d86783c8d101b69c5aeea16461a38","sha256":"41feee4bd25fc0558549eaadbc6a9db100a07805d4a562c9e7dd1c12d6780fb3","sha512":"49bd30e69576bc0bdb20b74a75c4ea8f8c7e82ebe02b046501e5d8f63416c82ad3708582b7edae82e5a385ba6d63cc84411221842026968db4661112f3dccf60","ssdeep":"1536:EAAytdX9H3iGJjxOUVuPWvzjVfncx4RFAF5VC1PL2nl1GRztq9p6kCGrebQsaqee:EA3vX9H3iGJjxOUVuPazjVfncx4RFAFy","tlshash":"4e53196aa78bef4fdb679d7bb80161b24ee99435c32fb5475d851c024609cb80c583ce","first_seen":"2023-05-09T17:59:11Z","last_seen":"2026-06-13T03:45:25.42816Z","times_seen":450,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/images/signup/back2.jpg","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:14.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /images/signup/back2.jpg HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/styles/template.css?v=1.0.355\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 227996\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 29 Aug 2023 17:28:50 GMT\r\netag: \"64ee2ad2-37a9c\"\r\nexpires: Tue, 20 Jan 2026 01:28:33 GMT\r\ncache-control: max-age=2678400\r\naccept-ranges: bytes\r\nage: 575981\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dmvg%2BWNnRMI4OYy7%2BxCZLoRjGfiAWJtwyQeYD2SGZbokbszsuOHo%2BDYpnZ7PWlqPk9mHuduSsTt0DRbUgNTTWXc0xzaIvmiNfVEg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b24e95c56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":227996,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2658x644, components 3","md5":"58a12bf5dc771eb476df21f4446019b5","sha1":"cc766ff33625b4e6b9510a900722985f33d6b329","sha256":"db5bbaaae33636d5b78f3cb1d2675ff8a37d7b38168b4818b9bf86676b8a7281","sha512":"4f22ae437fb4dcba4365694c50ed2bf53d36313b061835cde50530e212af1b828c7e5094ccadaf2859883ca292d726c4e6c9be62bd4e17e47ac6646c725c27b0","ssdeep":"6144:a1IB25/yxpXXWYEf09A+6G8AgnzBF9UrQ/t:a1IF/XxEf0qm8AGzBMAt","tlshash":"9824128f50a3b8f9f3dfce2b7a22ad4536f19094ee6d91a84540931f4d215b92704cbe","first_seen":"2024-05-15T04:40:31Z","last_seen":"2026-01-11T13:34:43.898219Z","times_seen":41,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/widget-settings?propertyId=5bd9ab3c65224c2640518269\u0026widgetId=default\u0026sv=null","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:15.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /v1/widget-settings?propertyId=5bd9ab3c65224c2640518269\u0026widgetId=default\u0026sv=null HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usenetclub.bz/\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-k4fg\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: GET,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, max-age=7200, s-maxage=1800\r\netag: W/\"2-22-0\"\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ndate: Fri, 26 Dec 2025 17:28:15 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 1432\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\ncf-ray: 9b424b27ffe476ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2579,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"2695f2adf27db422a75573bd940cbeda","sha1":"c96cea3c7ad6277063fad36c146d8f40cd5ea68c","sha256":"e8b6b1b04fe28f468d669c5961ea5cd8b2119d12fbe803e7a151bfe02b4027a1","sha512":"ac4d3c02002d1638855941ac42efe2bcee3bc8f4587d3fd1b22264fa63c8f0b7deba37c4d16231a9e928e03d44d6175734a4b875729b73ca06992b62901e70f5","ssdeep":"","tlshash":"ee5155248a1a5d79a3cac25371da7a13ae3dd037d384590de1ac4e2cd3eb58c1212b8f","first_seen":"2025-08-08T06:21:29.555801Z","last_seen":"2026-01-11T13:34:43.849292Z","times_seen":39,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/css/max-widget.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/css/max-widget.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 23 Dec 2025 05:56:15 GMT\r\netag: W/\"a35b82146e32cd2ec43b3eb8a4926580\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300520\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b3239d08deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":100291,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a35b82146e32cd2ec43b3eb8a4926580","sha1":"3a63c7d642cd8906a52f6c3079ef6a4bb02e13d8","sha256":"4faf1e149eef70dc39b511ff58f489525c8f64e206ae008273978a9bc412647a","sha512":"c0265c5788ef8f93a93a3cf69dd66493f647fd84ccbf693817fefc0c7b64b26d2282574890787fb9a3cc0541ffd0e6fbbbe9e03308cf04483b801445b4338235","ssdeep":"1536:f/Uifm7kUdwddCri3iLc0Lg261F2BBCrikauV3cGiH27PNWE98MGfU0nPROpmi0U:jauVLmi0V0d+tKaK","tlshash":"e6a399b2e56710cc7363c22692c1faac1029e370c757caa6f827767d4bc25963562f9c","first_seen":"2025-12-19T07:47:26.371188Z","last_seen":"2026-01-16T01:10:38.050486Z","times_seen":2700,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/style.css?v=1.0.05.css","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/style.css?v=1.0.05.css HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:10 GMT\r\nContent-Type: text/css\r\nContent-Length: 19641\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 17:30:33 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: \"6908e6b9-4cb9\"\r\nExpires: Mon, 26 Jan 2026 17:28:10 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19641,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19641), with no line terminators","md5":"3e1a834fbe648a0a0aaa1c63ca62db89","sha1":"d33b4722f07b1b4b6aaf14ab83cf1ef2c693cde4","sha256":"8eb027497cbe1a832b1c6fbfc0b98acc4428cbd540ebf59310e5926024f8ec1b","sha512":"4b0b0ef237c8ce5eac939a3b1433dcf17e152f6f3fb75eef603e470d919c7e08636e8afc3af3ffc0739c4a15885683e0ff684b8f2010380a1d7ac470d8ac0947","ssdeep":"384:i8LblRhA6eekEhXr/NMuPWhVOgu9yI1JU2QS4TQ/lyBkktD9KLLwyF57rvp0ANeC:vLRRhA6eekEhXrFMuPWhVOgu9yI1JU2X","tlshash":"579230909aa5021d33d763b395cd628c5c78580be3230cefb178215cea066e69bf7979","first_seen":"2025-11-07T07:27:59.517911Z","last_seen":"2026-02-09T10:41:15.830093Z","times_seen":30,"resource_available":false,"data":null}},"time_used":493,"timings":{"blocked":74,"dns":0,"connect":42,"send":0,"wait":276,"receive":44,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/9.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/9.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 43032\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-a818\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43032,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2023:07:10 05:03:59], baseline, precision 8, 176x150, components 3","md5":"5f138c47d06a94cb3a5a7e6abe0acf7e","sha1":"c623fe9169daa92106d1f186a433389a25186d56","sha256":"e70c3f038ab9e8435cbd08929a001e2ac7572867a4b2f70444961b626231023e","sha512":"1e6dc75ec9b041e685be8f97c940c9c0f50697f66045b76015a2fddf7742abd41038dcb421b9f3f0c33365792161440dc023098600c4c9c77e10e00476de46d3","ssdeep":"768:IfLV7dGfKiyfLV7dGfanw2ousA7TrSGcQ+/6rsiB43ioV7kt8DsYCoXrsTyn:IDVBGf4DVBGfanwNuXTrPcfks335VIt0","tlshash":"1013c0e5a7a36dbaf9c162baa0c6d2c293176f50b5b3a291744cb543ff733804c58507","first_seen":"2024-08-21T10:14:51.914605Z","last_seen":"2026-02-09T10:41:15.87757Z","times_seen":47,"resource_available":false,"data":null}},"time_used":1538,"timings":{"blocked":1178,"dns":0,"connect":0,"send":0,"wait":277,"receive":83,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/styles/plugins/toastr/toastr.min.css?v=1.0.01","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /styles/plugins/toastr/toastr.min.css?v=1.0.01 HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:30:16 GMT\r\netag: W/\"64ee2b28-1a56\"\r\nexpires: Mon, 05 Jan 2026 05:42:38 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 1856735\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GJ28O4nQZYURVSNqrjw75urlZx%2BuIUq3Fy%2BlBqruCTVoKbZd26C9Qn0ciy8geChch1c508iMeqMblJPZ5IC9ub0NPs7ScjlZgrhd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1b899256ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6742,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6455), with CR line terminators","md5":"5876ad95f95180419f8d66226d0892de","sha1":"09a44932722b26cf8abb90055a485b833bb89d21","sha256":"129293a5a0727fab8f9f956baef5b75c7484e083d694a97cfbae4e7459b60cfe","sha512":"47fa590c577991058a9ef33895408a20aef1fda8a325a75066798f1bc47edbba716bb49a74d5de8ff48c30ca91897be34d4584ce9a6b692c305ace244b621140","ssdeep":"192:u0sKZ6yjY1SqvKbBY8syRttzGjVMSbO68:u0s4pYR8PtMMSb78","tlshash":"6ad17431db812629fed3811ef45966092e1be1b3e6ed5dae650fa1acc2c67d05c33284","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-06-12T11:41:48.439948Z","times_seen":64,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/images/favicon.ico","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:13.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /images/favicon.ico HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nCookie: _mcj_=3992332955\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:13 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 25939\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:48 GMT\r\nETag: \"6908d8f4-6553\"\r\nExpires: Mon, 26 Jan 2026 17:28:13 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25939,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"2c64c13fa0b8bd043ab66ed0807180a5","sha1":"8345611f9f805568b2a71fb6b58f9af1f91f21a8","sha256":"882a6445c39697d0b1a8e3c0775a0db832c8d6e5370414456a4ab4232cf3df85","sha512":"64217cab45c73039a6471d4302e72aa92b57a341465e1849a5519dbf274e6541806d3495f35f08084141bddc8bd1eed5b762a8b49770417a32c4528640a2a487","ssdeep":"384:Vjt4E6qaudbduqAgLD0VXNXCXWcgqQs+GMQGfUi2cNVPraTVgr0+uOAf98d:xt4+a04qdsXCGcxGPUuz2A0TLyd","tlshash":"adc2d0266fd82396c8ff2b15a0ac7a578c875046d12e3b69d33759212f148f3d9370e5","first_seen":"2024-08-21T10:14:51.920763Z","last_seen":"2026-02-09T10:41:15.872856Z","times_seen":49,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/js.cookie.min.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /js/js.cookie.min.js HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 1875\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:51 GMT\r\nETag: \"6908d8f7-753\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1875,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1709)","md5":"01ed3a4cbcdac67a227bee91fddfd59f","sha1":"5d713bd0c24c7c42c3df7f9d2bc23448640092ca","sha256":"40e4123aaebb5e68c8eafe564f1217b07a421e38a1ff4c2b0501ec3287b3d36c","sha512":"a80242dfd0403d548af839cb4dd8b8885da07304c228f85c54389ee9987b307352308b03bbaf8331a8d6f962989bea760ac03f55184022103659c0cd739147cb","ssdeep":"","tlshash":"ae31b5c8304538994aaf1221a32f178ff0798e49bc8dc94a834898f07e36a0b4193fe5","first_seen":"2023-03-10T09:34:01Z","last_seen":"2026-06-12T11:41:48.44814Z","times_seen":109,"resource_available":true,"data":null}},"time_used":866,"timings":{"blocked":661,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/6.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/6.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 32960\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-80c0\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32960,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2024:06:22 22:21:47], progressive, precision 8, 176x150, components 3","md5":"490daa0ab4031d3c25689626385f3b70","sha1":"4df748fe036efdd14810bca80353c295f762977f","sha256":"a2848821a454d3c1eb96acb51e0f12a320e9247983e15a44090893b39a87cd68","sha512":"1c0bd8bfb6535d7f3c056309f127159494fc639987c12bd46b691ce5360ac18881cd8d781d89ebcdafc7ce7667edf8142d92a70d54f2c40c0288b0c811fdade7","ssdeep":"768:MtOBJafGfKiXtOBJafGfKxtyi+aOHdw+Y69Yyyn5cRKtk:McB0GfdcB0GfKTE1O6Mn5cRwk","tlshash":"17e29e157b91dc62f8d8a27884fce786a3734ee42f6329ca748db900fb612c54dc9587","first_seen":"2024-08-21T10:14:51.894324Z","last_seen":"2026-02-09T10:41:15.8235Z","times_seen":47,"resource_available":false,"data":null}},"time_used":1379,"timings":{"blocked":1099,"dns":0,"connect":0,"send":0,"wait":277,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/8.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/8.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 48011\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-bb8b\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48011,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2023:07:10 05:03:32], baseline, precision 8, 176x150, components 3","md5":"5d499401bd468c74d5d259b8c8089969","sha1":"6f129dcb83a67cf7677d1f5c45f9267b3a09d49c","sha256":"94e3137f5cc1cccc03494e7ad4ed277c53e299e5dc85a0d23dd832b7cd56a2ee","sha512":"d5ac73415b86c51b350711883ca585f9bfa6adcc8a050cdab51a18c74d63ba4120e3bd1cce756a1b0418cc0aaf0738b666f57f2cb5b418c01d32ef1135887c9a","ssdeep":"768:lTis09RVGfpidTis09RVGfXqw2KJwHwToblxoZvTyeWwtnRAcEm4pdF/sfx4Qv0W:7qRVGfgqRVGfXqw3WQkzs7yfw4Fm6F/Q","tlshash":"e923d02477a14c62fce6257588a9d2836fa32fcc3b676245b4cc7d01bf322859d6c663","first_seen":"2024-08-21T10:14:51.915438Z","last_seen":"2026-02-09T10:41:15.82744Z","times_seen":47,"resource_available":false,"data":null}},"time_used":1422,"timings":{"blocked":1098,"dns":0,"connect":0,"send":0,"wait":275,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/fonts/Feather-Icons.ttf?7ncawf","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:12.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /fonts/Feather-Icons.ttf?7ncawf HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/assets/icons.css\r\nCookie: _mcj_=3992332955\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 65180\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:46 GMT\r\nETag: \"6908d8f2-fe9c\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65180,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, Feather-Icons","md5":"3eb9decb545cb1d9bf6415db49050f51","sha1":"226a6783e54d86783c8d101b69c5aeea16461a38","sha256":"41feee4bd25fc0558549eaadbc6a9db100a07805d4a562c9e7dd1c12d6780fb3","sha512":"49bd30e69576bc0bdb20b74a75c4ea8f8c7e82ebe02b046501e5d8f63416c82ad3708582b7edae82e5a385ba6d63cc84411221842026968db4661112f3dccf60","ssdeep":"1536:EAAytdX9H3iGJjxOUVuPWvzjVfncx4RFAF5VC1PL2nl1GRztq9p6kCGrebQsaqee:EA3vX9H3iGJjxOUVuPazjVfncx4RFAFy","tlshash":"4e53196aa78bef4fdb679d7bb80161b24ee99435c32fb5475d851c024609cb80c583ce","first_seen":"2023-05-09T17:59:11Z","last_seen":"2026-06-13T03:45:25.42816Z","times_seen":450,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":259,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:12.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usenetmodels.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Dec 2025 09:55:49 GMT\r\nexpires: Fri, 25 Dec 2026 09:55:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 113543\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-06-14T06:32:50.652281Z","times_seen":285246,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":153,"dns":0,"connect":21,"send":0,"wait":8,"receive":5,"ssl":130},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/account/status/","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /account/status/ HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: PHPSESSID=fr7oca6tuau7jh1bbb4qk1o351; expires=Fri, 24-Jul-2026 17:28:13 GMT; path=/; domain=.usenetclub.bz\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yeSRGUmEgWRU5H%2BGPpmqx%2BgfcqSgp%2FIQIDPsG33pkEyBTJ%2FgVVDy7DzYL%2FWl7yGVU%2BcP3%2FZOFdP5zkygFIN8RXBdbSclLAA1vuPo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9b424b1cfaee56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T06:33:39.929127Z","times_seen":16406878,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/session/start","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"OPTIONS /v1/session/start HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://usenetclub.bz/\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-n0tp\r\naccess-control-allow-origin: https://usenetclub.bz\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, s-maxage=600, max-age=600\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9b424b2e38b576ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T06:33:39.929127Z","times_seen":16406878,"resource_available":true,"data":null}},"time_used":170,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-4fe9d5dd.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-chunk-4fe9d5dd.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"8249fafc9a9fbe0f75d4bef0aae2305a\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300520\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b3129918deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1000,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1000), with no line terminators","md5":"8249fafc9a9fbe0f75d4bef0aae2305a","sha1":"fab6dda0967dfbaf8ba0cfe5cfade8e150d1735d","sha256":"69b650b4d6479fd29987836a9b74147aade85cc9c50024bcacd5dfb2cb793e8d","sha512":"d0bc9a750061e5b4b761db081656b0e1e655126a413aaa22e87ce14cdfaeac34d532acd08eb0d61274707212871f6d84369b8b2a1a6d3e6c3bfd3d4167afa865","ssdeep":"","tlshash":"f9110248f056b8fcdc8af64288df143034627d4a898cf9e6f5f0aad405555ab312bb5f","first_seen":"2025-04-29T08:39:38.372752Z","last_seen":"2026-06-14T06:10:31.655036Z","times_seen":44281,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/16.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/16.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 32960\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-80c0\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32960,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2024:06:22 22:21:47], progressive, precision 8, 176x150, components 3","md5":"490daa0ab4031d3c25689626385f3b70","sha1":"4df748fe036efdd14810bca80353c295f762977f","sha256":"a2848821a454d3c1eb96acb51e0f12a320e9247983e15a44090893b39a87cd68","sha512":"1c0bd8bfb6535d7f3c056309f127159494fc639987c12bd46b691ce5360ac18881cd8d781d89ebcdafc7ce7667edf8142d92a70d54f2c40c0288b0c811fdade7","ssdeep":"768:MtOBJafGfKiXtOBJafGfKxtyi+aOHdw+Y69Yyyn5cRKtk:McB0GfdcB0GfKTE1O6Mn5cRwk","tlshash":"17e29e157b91dc62f8d8a27884fce786a3734ee42f6329ca748db900fb612c54dc9587","first_seen":"2024-08-21T10:14:51.894324Z","last_seen":"2026-02-09T10:41:15.8235Z","times_seen":47,"resource_available":false,"data":null}},"time_used":1966,"timings":{"blocked":1689,"dns":0,"connect":0,"send":0,"wait":274,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/styles/framework.css","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /styles/framework.css HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:28:26 GMT\r\netag: W/\"64ee2aba-5bc65\"\r\nexpires: Mon, 19 Jan 2026 18:52:52 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 599720\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IjAd7J%2FnZS7j6o3p2Rp1e%2FV32Uoss6DvTbkEVFNswckKU%2FZ7FfdMhSlgkj61lHuXTjhA0YYjRVtvCWUiAvpJY3culCDBigLtSZTK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1b797856ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":375909,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (409)","md5":"cf4d1daa1c727ee7d8432d803429b559","sha1":"03b546eb7e7946ceeab67ed6fe0308c54b6b64c0","sha256":"32f679126f7ada2cfef1fb4cf93debd038c2192c366bc00f2a81ae99fd6e2811","sha512":"5c75819198ce603dcc7941b7c3d53b88aae6aec3bd6bffe3e1dceb1e3722fe8367fd9be26d2bcc95d2ae9bb8fe0c62e365a58a6ccfb6389638b3521b6db2b3c9","ssdeep":"6144:Rq65p2xO+/OeCb2Lu8hpnS7FQQsyIAfroS:QU2xO+/OeCiLu8hpnuFQQsyIAjL","tlshash":"bb8421d5a29276fe953301a6906ab5fbf7991fc2a13a6dab7bdd01c04f047830132d8d","first_seen":"2024-08-21T10:14:51.933727Z","last_seen":"2026-01-11T13:34:43.873592Z","times_seen":42,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/scripts/main.js?v=2.1.67","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /scripts/main.js?v=2.1.67 HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:28:23 GMT\r\netag: W/\"64ee2ab7-6029\"\r\nexpires: Tue, 06 Jan 2026 03:06:12 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 1779720\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HamYdONNAtvCwtN9PFkoinBXAquHZYs7Dqvu96wizKDtuYqWSjEEw59CzB9RsTII394Tz5zdb2mcg9P5q%2F6uTvhWDU3vsGa4lzs7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bfa0556ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24617,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"25374fb0719def72cb6c6cfea9aaf07d","sha1":"65cdd3bc9bfb77b230163c659e415ced626d9b5d","sha256":"2a21d83a5ba9fda40af92d51f8ef1406b6cdc478500caae9d153ff4396695b55","sha512":"36b69f830dc8870f4bec625b3a2f934dfbc09b9bf8daaa226ed39e92ee75cc9f4e60b43a4015dd702a2e211b374f04442d7d5eb754a32bcc34f09386deaa4891","ssdeep":"384:KxkLOwpjQHkFDn+4VYswqh6g0i+GuCQpOzfvCcBokp/:KKQHkFxOswqyi+GuOzWkp/","tlshash":"62b286c0bf1f265f81d7f37550bd6444ee3cc135824695f4b8f94048aad468863aeeae","first_seen":"2024-08-21T10:14:51.936536Z","last_seen":"2026-01-11T13:34:43.852718Z","times_seen":42,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-common.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:15.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-chunk-common.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"2b2897743e3549a2cef30483faf5754f\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300509\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b2669dfb521-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":240941,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65458)","md5":"2b2897743e3549a2cef30483faf5754f","sha1":"5a390b0b6ac574399766e9bda0927793a8b42a7f","sha256":"f78377f66d231fcff1d7834d79592ef71151bedda75125d5288562a2ec5713fb","sha512":"43f6827aa6b3dc7cad8b60dcda0db49a69fcc23031539766cb8a0841c996676a65d1fbfb8de617a42144637cab27b60f2a016be91cfa6b25b3d63eba640afda1","ssdeep":"3072:I4MYggYqWzhT9dyWFW1Wn+fM4fOccErQYIMPdLMz9o115:kyWFW1W+fM4fYkBLMz9215","tlshash":"b434c69df186b47606a37130501f320af23a685ab45ac494f636d8e1bd789cea133f7d","first_seen":"2025-12-23T06:37:52.990778Z","last_seen":"2025-12-29T09:53:34.561414Z","times_seen":472,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-app.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:15.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-app.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\nvary: accept-encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300510\r\nx-content-type-options: nosniff\r\ncf-cache-status: HIT\r\netag: W/\"e736e189edb5d0d9d5b8e7f23dd9114a\"\r\ncontent-encoding: br\r\ncf-ray: 9b424b2669e3b521-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"e736e189edb5d0d9d5b8e7f23dd9114a","sha1":"bcabee193f13756fa9154fc492fe420c47140343","sha256":"13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd","sha512":"ea972884c185633ea238bdacea6ac9da0e0e92f88588cd85c214514c3597bc7d811c4dc4cd35b671dd2db97179bedceb38bd5d200abb9653fbcaeac2ca6ec7b5","ssdeep":"","tlshash":"a0c080ac1496fc9c1674154a8377f54a5cd510108055141015d851a11311546560c54d","first_seen":"2023-03-07T01:02:46Z","last_seen":"2026-06-14T06:10:31.63038Z","times_seen":86144,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/scripts/jquery-3.3.1.min.js","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /scripts/jquery-3.3.1.min.js HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:28:23 GMT\r\netag: W/\"64ee2ab7-1538f\"\r\nexpires: Fri, 23 Jan 2026 02:24:16 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 313436\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vwv1AFay%2FZzO0MAPX3JggMJTh2FgUSlVyHE1uIDao1xYNTGByXZhnKzAbHi3h8S7aXHy%2F5t9w6mxFH2IrMjbOQOZ%2BUmyBgt0HOU7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bb9c056ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86927,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-06-14T06:31:01.621173Z","times_seen":135095,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/languages/en.json","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:15.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/languages/en.json HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usenetclub.bz/\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:15 GMT\r\ncontent-type: application/json\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"4662c7c182dfe30065936bfa05f8c773\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300509\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b27ffe676ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11595,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4662c7c182dfe30065936bfa05f8c773","sha1":"d1f155c335c31be5947ef8ebf82be1eee2782fc2","sha256":"2d2d85dfc80ec4f42d12bea574d59879d269b5c06557cf888367fbfa9036fe47","sha512":"abd2530371ef02602814b0bed360225c0530615c5db002d61511bca5e8cda0d8da2bd288631ee02da5fbf952b31bd4380284dcd56838277b52654f7d13dc6229","ssdeep":"192:wmr65/bLHzPrquLUVid+BCzfF+npqpe9svKGC6KEt1aZwf1E:fCbLHzxUVid+BEfF+np59L3Zwfi","tlshash":"ed323169ce504ea702d29646399f35437624829b1f54342eb78c91ac0f8ec6fa1f77ce","first_seen":"2025-06-18T04:11:24.033166Z","last_seen":"2026-06-13T18:18:43.521253Z","times_seen":49916,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/framework.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /js/framework.js HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 192040\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:51 GMT\r\nETag: \"6908d8f7-2ee28\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":192040,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3114)","md5":"51e6bbb769079eee54193d87f5249fa2","sha1":"17b4e0c71c9109b7ac6cac71badf225c256d3480","sha256":"15ae8fb27af125b3c7f8890b5c987a356cdef5e6668c176f88742af6e2c5afd0","sha512":"66af74e47d8fc8e0fc563c07c42516b5cf1502503a1892d2895062d2b51752f1460a686e823ac8e685ac991fe4f31f2be46aa8406077d4292fb5b66d4ce435bb","ssdeep":"3072:Zc+bS2TLkRmFzfFTYLVDa5lj/rJJZCYO36n9VY3:bVTLkRmFLj/Fm2c","tlshash":"0b14c8c9b381b069c6db6276502f1a0eb23aa4c5940ac058f578d4c57e75e09e13bffe","first_seen":"2023-04-24T21:09:38Z","last_seen":"2026-06-12T11:41:48.454182Z","times_seen":66,"resource_available":true,"data":null}},"time_used":782,"timings":{"blocked":390,"dns":0,"connect":0,"send":0,"wait":258,"receive":134,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/styles/notify.css?v=1.0.4","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /styles/notify.css?v=1.0.4 HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Mon, 18 Sep 2023 18:43:30 GMT\r\netag: W/\"65089a52-21db\"\r\nexpires: Tue, 20 Jan 2026 06:41:09 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 557224\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6eMQNf%2F2rfki3VXit7MiwJSoZC8zsuGoprAgGp1SaALTujFxgeytMkAKZk%2FWCbWNlBmoOVkpubAnazWgpg4slvLLNws16bqFibQt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1ba9b856ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8667,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"84101a5ff0a60896f8d193445b3572f3","sha1":"e80c84e8cd7e249aeaf9388ce42736b4a48faa1b","sha256":"f802d55fdca6db03e5593d7cb27817c1e01a83bb711b7ee5858840f8a1652896","sha512":"92b3494b3aae5334965c80df48e5eb1fdad88a1dc0bbefccfeadb0ef8801b6849bf497e744066f66628cfc509b0fe793a2dddd80e13af838fb0a3d3a16de5589","ssdeep":"96:onmCVq6SvIVBCd3jBW1BhIij+tZOgY59ZkT4D3j05PnI+bydjGeWCIvlzoYe4JPe:S/QnY5j44D3N2ydrhIlYf5","tlshash":"9202105d79171085d33aa398ebfa4b199d195143fe0309eef3d1210d87cca6c069bbda","first_seen":"2025-08-08T06:21:29.486213Z","last_seen":"2026-01-11T13:34:43.881991Z","times_seen":41,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/styles/icons.css","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /styles/icons.css HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:28:26 GMT\r\netag: W/\"64ee2aba-27a6f\"\r\nexpires: Sat, 24 Jan 2026 02:10:35 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 227857\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6wutpPXIpFbWFwGutupScfQBu%2BP8MF8rWBCF6QS9LFDQQwGCw7XjzoftzspxQ1MpN4W9GXOL%2Fh3576TxO0p7gTF20RjiScPJSmDL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bb9bb56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":162415,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a30df7bb5b2c6be81afeccb796fa1de4","sha1":"b176538e95ccafc2343b88cac4e9886f7a3f56a2","sha256":"0286d62ea1d98557af990f78068fb0dc90f33d330b4f84e32818eb0f3a56a2e7","sha512":"751f1b63f94a7969b11c1400a0bfd730ecae0e3cf98dd91459d173e420a4fcab100ce730b7fbf407404f53753ce41a5c06f4835d9267d7e7d4195345f574b1d4","ssdeep":"768:akDNwlbq+yvTMC+3F+bvJyIfM+oYOd61U5kMcRaUdtfuzrKRh5QiV2fZdSG1j1uX:lDO/h3+wyM/61DwRfLXjns3","tlshash":"4df331eca8f841802740e4a027cb7254b751f16bcd458d1ef2d3aaaedfd524689e63dc","first_seen":"2023-05-22T09:09:35Z","last_seen":"2026-06-12T11:41:48.461495Z","times_seen":284,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/v1/session/start","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"POST /v1/session/start HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usenetclub.bz/\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 263\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":263,"data":"{\"p\":\"5bd9ab3c65224c2640518269\",\"w\":\"default\",\"platform\":\"desktop\",\"tzo\":0,\"url\":\"https://usenetclub.bz/premium?psystem_ignore\",\"referrer\":\"https://usenetmodels.cc/\",\"vss\":\"\",\"user\":{\"email\":\"\",\"name\":\"\"},\"consent\":false,\"wss\":\"min\",\"uik\":\"IIa_z0MbmTWzhnNDT6lFS\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-7r2c\r\naccess-control-allow-origin: https://usenetclub.bz\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9b424b2f59578deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1033,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b174fcad24b2f00f0448d4fd1a3a048d","sha1":"431794e4e2b24f8093b5815fd4299a04ed3eef2c","sha256":"882cc1a48a22953e6e28b5c64f3a920711a0c2293e9555a9b14698626eadd607","sha512":"4024e0f57ca5192f849ec4c00a5de4cdb5b29872a345ddb81a3ecb8a79c55c7c81cc7dbac350441e59465a6e98843753b4a63758c86bc44269e4cf6414ff8134","ssdeep":"","tlshash":"5d11a8161f8c4f56b71e2b5d49d13c8527cda5e364c84028d1d40d8a69bf3ba35415ba","first_seen":"2025-12-26T17:28:43.969944Z","last_seen":"2025-12-26T17:28:43.969944Z","times_seen":1,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"va.tawk.to/log-performance/v3","fqdn":"va.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:17.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"OPTIONS /log-performance/v3 HTTP/1.1\r\nHost: va.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://usenetclub.bz/\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nx-served-by: visitor-application-preemptive-p5fw\r\naccess-control-allow-origin: https://usenetclub.bz\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 3600\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: content-type,x-tawk-token\r\ncache-control: public, s-maxage=600, max-age=600\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ndate: Fri, 26 Dec 2025 17:28:17 GMT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncontent-encoding: br\r\ncf-ray: 9b424b35895376ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-14T06:33:39.929127Z","times_seen":16406878,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/user.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /js/user.js HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 225\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:51 GMT\r\nETag: \"6908d8f7-e1\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":225,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"105a7cc139fa3ca9f393344f7bca22eb","sha1":"5d89cf27d62e9fe5911432fa2ed4e42f2d650efc","sha256":"7686e5819694aeca81184fc9cce92fc80986108856e512425482c3a0a597ae9a","sha512":"6f4babb706414795d07e7d395b153f7417458dab566bb8fe1307e81aeb9123db74d91753914472a533bda8e2652a6b20e45374e3443017136b8cd6447ccdaa14","ssdeep":"","tlshash":"22d0a759fd125a06dc51453c5c3a172d4e122ad5a5123b20d2f248e4d738ccee515d9d","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-01-11T13:34:43.828164Z","times_seen":44,"resource_available":true,"data":null}},"time_used":663,"timings":{"blocked":463,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/13.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/13.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 41944\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-a3d8\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41944,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2023:07:10 05:07:07], baseline, precision 8, 176x150, components 3","md5":"93b2bfa94f57873d2e1b90190fb558dc","sha1":"2805f40443e9c699f0b0b6e9dc2fdf820933e065","sha256":"e9353f1bb8465cab11ad912858525741bbfe34549bd8758965ff63d475e5739c","sha512":"18d5a333c8e1bf4c28da08a6d80f3b90a0fb0e56d8ea102dd5adb783d828063dd5019f80f56fb9c796195fa04cd5f4e22e8703ad21358ec084a23e87ddf42958","ssdeep":"768:IYqw5VGfNijYqw5VGfFQ52EF+KFbYVgJNUIFybV6VoU/0jfyyn:I1sVGfU1sVGfFQ5BMgvUNwVok0Vn","tlshash":"d813c070bbe19e23f8d135b589bcdb0296335ed07a871383799dae04bfb0a96cc48155","first_seen":"2024-08-21T10:14:51.91964Z","last_seen":"2026-02-09T10:41:15.859103Z","times_seen":47,"resource_available":false,"data":null}},"time_used":1767,"timings":{"blocked":1419,"dns":0,"connect":0,"send":0,"wait":305,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/styles/template.css?v=1.0.355","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /styles/template.css?v=1.0.355 HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Mon, 09 Jun 2025 00:08:10 GMT\r\netag: W/\"684625ea-31a7d\"\r\nexpires: Tue, 20 Jan 2026 00:03:54 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 581059\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fniwmp7aTYn2YaVA4d07fnesVD6rFe7egvZ90U9urs9dq3DgEY%2F1fJLHs%2B4hdX9S0e%2BlUEvSyJuIy5Zqx30lfgsuF39nwFuT0ihX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1b797f56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":203389,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"efb919fd273f5a554ced3fbb5593d666","sha1":"b316d7d3a6bb15bba62164d8daf93e7b7dae13d5","sha256":"d6e822f771de09c6ba8f19637051073c20201103eef0ff8595e34e940a024cb3","sha512":"5ad7fd22831412e5e4a60a8805b2a9a5bd68009762d347ccc114537642dafec1272def649a327931cccb660819c74caa55f2e6473d688592f69a792038148521","ssdeep":"1536:/3fyrV0F0K4N9ZxaA6YUSCcRNzSnIbXxlHVfZ/QQxQVuQPiI:eUSCcRNzYgHVlwiI","tlshash":"941483a9ee8211067373d7a8e7b35779ff290013cb0206b9baf17158d784298596decc","first_seen":"2025-08-08T06:21:29.517901Z","last_seen":"2026-01-11T13:34:43.888812Z","times_seen":41,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/css/min-widget.css","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/css/min-widget.css HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 23 Dec 2025 05:56:15 GMT\r\netag: W/\"af9830eef563b4df395870a483ce549c\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300520\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b31e9c58deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36092,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (36049)","md5":"af9830eef563b4df395870a483ce549c","sha1":"2c678a245c7b8984569447c9bbfe182583ef7e56","sha256":"5d919993a3fe6ec4c27ec6696b643900c02b95584a4a21a518eb8809edf12531","sha512":"16416617f0c79b40d196c1a7df699f1e01a130e3df75a4f437b4adfc04fa666ac7987d080bbfe759b849bd81860e6bab5b2af02356a8814f0dd1fa9a64b726d4","ssdeep":"384:uTTacuVZNgxYe4fbgL3w23U3xi7vxEbXR+ziLwH0Lg26/tFTiBB6TX3DYC8:yeyna+ziLwH0Lg261F2BBCX3DZ8","tlshash":"47f2bef1f4b700c8b363c122c3d5f67c6459b770ca86ce92f427666c49e16a63581abc","first_seen":"2025-05-21T12:18:34.219676Z","last_seen":"2026-06-14T06:10:31.706316Z","times_seen":44164,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/10.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/10.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 40828\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:58 GMT\r\nETag: \"6908d8fe-9f7c\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40828,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2023:07:10 05:05:08], baseline, precision 8, 176x150, components 3","md5":"07f0baf6e6da5c5711a036d895eb35db","sha1":"687cd8f989e5c46ee7f46f45ed5364acc4ae828e","sha256":"93ceade9514c9f820347a262ae23469cc30283d0de9a09da86be30e43364a491","sha512":"8f40b1b84190884b62d176ae3017e32a3eacb7686b9961017fc375aef32d9fca9e496e2d8c51fde695f769361c24c7ffd425df78cc76451bf99c8a786ff2181a","ssdeep":"768:LFgKGfGikgKGfym52ir/BbXCX4kv/MYoy1VI7I6o9NUyn:LbGfwGfym5FhCX4oMYM7Cn","tlshash":"1f03d08ca7b28d46fdd52af695eac3809623df845343038bbc8e5c427b349d84d8d647","first_seen":"2024-08-21T10:14:51.916368Z","last_seen":"2026-02-09T10:41:15.841418Z","times_seen":47,"resource_available":false,"data":null}},"time_used":1475,"timings":{"blocked":1212,"dns":0,"connect":0,"send":0,"wait":261,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-vendors.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:15.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-chunk-vendors.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"3ba3b60c9fe8b0293f45614de5463010\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300509\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b2669dbb521-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":324094,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"3ba3b60c9fe8b0293f45614de5463010","sha1":"e2d7813078665eb6caf38e0cc138ef2e121c4575","sha256":"77f3fe8aa8c5c84a3a4162fe9a5ebbdf998a2980729c0d9f64467c0e39e4fe4c","sha512":"49cb83047110db506b4e1cabd9322f32d4e97770b009dda8d6150ae34c93bf4ce3cbbbce9b33027d02722a15ef7d58b8178b33ef4d6a0a92684cb2d6fdaeb2c6","ssdeep":"3072:NTX1gABPVhOj6y1ekyYadM/9LJFMoZm+odXsJ5Ar6VKkOP6x/:FGABPVhO5wdKJbMo4sJ5Ar6kSx/","tlshash":"25644bc8f183b0b606e6a1a5009f5207737a151968ed8498f574dfe968e8e5c633bf3c","first_seen":"2025-10-27T09:17:33.308043Z","last_seen":"2026-02-01T02:00:04.952968Z","times_seen":9308,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/template.css?v=1.0.330.css","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/template.css?v=1.0.330.css HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:10 GMT\r\nContent-Type: text/css\r\nContent-Length: 144782\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:53 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: \"6908d8f9-2358e\"\r\nExpires: Mon, 26 Jan 2026 17:28:10 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":144782,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e8b5d506c1178697015afb293367bfec","sha1":"fbcd7dff36fb144ef4b82a0c77b1134c6ec6aa57","sha256":"45b6cf726a8edf9ed1f3705748d5aecbcde77a536b8a84e549d2546954584fb3","sha512":"9f997ff206b54c4495e75cf272bc7c1cd6fdeb9bfabf38cbbd0d3a86321754ae46b2d50d271ee4fb7f120ca1e6fe24d92994f1e5dbe9d545133e74e22aa597b9","ssdeep":"3072:OK3Dqi8o5JKMNhX9cNNSd5mP7o5uU5L2nutdfFTw:z3DjhX9cNNSd5mP7o5uU5LYuTFTw","tlshash":"80e39493f5d1211cf06bc259e4c1babc353e8502d7231beaf5677369cb8a2d62563a0c","first_seen":"2024-05-15T04:40:30Z","last_seen":"2026-06-12T11:41:48.454801Z","times_seen":62,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":68,"dns":1,"connect":43,"send":0,"wait":269,"receive":135,"ssl":50},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/client.min.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /js/client.min.js HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 56213\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:51 GMT\r\nETag: \"6908d8f7-db95\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56213,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33423)","md5":"5cd887b37bb83ac75da426773ab7d90c","sha1":"700dc1267e009a5013ae5bc6372863d30e512b3f","sha256":"67750f50258e66c35909534bc8b6f78484fddbb4c403d27ef821702d45a7adbf","sha512":"8e4744050d11ed95ac73fbcd28debe52c269188869b7fa26d6a8133f09e979a84d265d9dc520f42e62d2c5ce4226b99be1767dad9de266a250ec5cc1847d1456","ssdeep":"1536:31Yyen8fRr5MBp8++GsyKlgyeFAqU4Ojl24b7y4hz6XBAh:lYye8fRNA+GsstqNy2znh","tlshash":"7f435baeb1ca723657b631c5913f54053b7a4529488cd058fab2c890bd78e9e007bf7e","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-06-12T11:41:48.458629Z","times_seen":93,"resource_available":true,"data":null}},"time_used":947,"timings":{"blocked":635,"dns":0,"connect":0,"send":0,"wait":266,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/fire.webp","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/fire.webp HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/webp\r\nContent-Length: 28716\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:53 GMT\r\nETag: \"6908d8f9-702c\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28716,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e702ee0921737f0a9d145c68b059854f","sha1":"52fb55db8605b47d8f3c438da9eb7a014e93a256","sha256":"fe69a49a05c30ae9bf1612019ba06e07dab05e33328fb4c708ad5cd1fd01ca03","sha512":"172cde3a96df9ad58525eafd5f14f64ac0c40b6ba96923da6c2b10a0add94a765adcafe3a63b370b409489306aab63703d357af322febfbfa3b8466052e9e789","ssdeep":"768:c062zDhgtwXsi9HqFFrEVmhmhgPftM7K14OIX:bhXW6JDIhmkftOKJIX","tlshash":"96d2e17b2e48d26dd45a9f1163820bdf8fd00ae2fe9070b915542cc64db46e7cf15789","first_seen":"2024-05-15T04:40:30Z","last_seen":"2026-05-29T11:48:11.960308Z","times_seen":61,"resource_available":false,"data":null}},"time_used":2446,"timings":{"blocked":2179,"dns":0,"connect":0,"send":0,"wait":261,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/simplebar.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /js/simplebar.js HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 71764\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:52 GMT\r\nETag: \"6908d8f8-11854\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71764,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3425)","md5":"bf8eced6aa61b2f59c40d6cb53a08152","sha1":"713fc2a5440b876dd0db12e2b8dadaebfbf72bc7","sha256":"d70fe0d8bbd578b47b1a77d4707c24fa5ef5080a4fb1b64720a888ca7012f0b2","sha512":"f8496ca866f433809ed52c3a5d515d45d019bff4564f26f7e70e87016745daee304c0c0f8a3488d5387abbe99be6bc3ebbf0d1722180999358746d92e239e89d","ssdeep":"1536:eYH+yNlD00CHi3ucGvrob2qPq+qb1Kyi4j5UGwu6oc+71S:eG+yUU3ucGvroRy9e","tlshash":"70630a997781f07782eba269c03f170ab339a492511cd098fa7cdad95db0e04476bb3d","first_seen":"2023-04-24T21:09:38Z","last_seen":"2026-06-12T11:41:48.445177Z","times_seen":64,"resource_available":true,"data":null}},"time_used":2177,"timings":{"blocked":794,"dns":0,"connect":0,"send":0,"wait":1289,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/styles/plugins/toastr/toastr.min.js","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /styles/plugins/toastr/toastr.min.js HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:30:16 GMT\r\netag: W/\"64ee2b28-15a1\"\r\nexpires: Sun, 25 Jan 2026 03:39:07 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 136146\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lz%2BuLitvsWig%2Fmad%2Fx1pXz0rwRrP52TSRWzrst5zvGgt3xGaW2p2G2vjuuUO2FHuZNljot%2FcPEB2HFyNJCnIUXpfFihr%2BOlYLDBL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bc9d956ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5537,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5215)","md5":"b36f28de584845317de40a7219c82b1c","sha1":"6de8657c8782561bc023478ab708179ed846db1a","sha256":"ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09","sha512":"54477e9eadb90a447aefa3bea4b0670d6d3d47b5505fd31d8a28f4e768150a9e72547de31ad1fbd07a3f514bf89890ec11d4efa91085660d0d2868a88c69d40b","ssdeep":"96:LozfdCZR1JHduRv75dR+FIEHXX9oxNDP9mA1UZsEyHGJAcCwV02UfrI:Mzf4BtcvvRqIQcNa74ccrI","tlshash":"f7b19384b220bb8b5b731169919f144b937673b2ccce55007639a5987e7082c97b7fdc","first_seen":"2023-03-07T01:28:39Z","last_seen":"2026-06-14T04:06:07.015112Z","times_seen":5728,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/images/logoclub.svg","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /images/logoclub.svg HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 29 Aug 2023 17:28:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 27 Dec 2025 02:13:56 GMT\r\ncache-control: max-age=2678400\r\nage: 2646856\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y5SihP9ULOqg9He8Y0vAlRN18d0vZXuqap344QIgfbXplcxYU97bKPmb4KsNfPEiY7ccA0Y9Hxhhg%2F3VHP987n3jjtadTEYaXzGB\"}]}\r\netag: W/\"64ee2aae-ccd\"\r\ncontent-encoding: br\r\ncf-ray: 9b424b1bd9e856ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3277,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"04e2a1e275e22614148144f3783c1cfb","sha1":"4d9ddd1d6f9c03331310edbfd4233bff080bef48","sha256":"3b64044111b2465295136d1df6e3d31f25f161eb0347c6f09c5024d0204c1b0a","sha512":"e40078baf61bf55e7b3e530c41137ffa22c55d88879353610b32922d474138c8b352d28d55eabbbb8c357ccc5815d0ae7ceb688e7c131e91612b9ecd935dbe5a","ssdeep":"","tlshash":"c0610eb9162941f3a09b4b44dbe8358521aca6c3f0eae2d89763246b1d35eef40bc711","first_seen":"2024-05-15T04:40:31Z","last_seen":"2026-02-09T10:41:15.875231Z","times_seen":49,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/images/bell-0.png?v=17","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /images/bell-0.png?v=17 HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 4496\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 18 Sep 2023 16:58:59 GMT\r\netag: \"650881d3-1190\"\r\nexpires: Tue, 06 Jan 2026 00:35:22 GMT\r\ncache-control: max-age=2678400\r\naccept-ranges: bytes\r\nage: 1788771\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kjCZ4KgJ1nrSP9MuWJBq4nWL2KVkjEjKYclYCI58AwU5iTkSg6UHmCJJp9zWhB4zu1EhxBAQQFTeJSShV3rMXBqyZXg3oDV5n7gq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1be9ef56ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4496,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"e7187b6df041aa91ea9da90e8d837b6e","sha1":"8f2b057ce472b8cd7f640ec562f99796872ce7f1","sha256":"9e67fc2bff4e38ac270417f83dd948f58e062a2b9d684ea2319780b2c287b071","sha512":"05c84d2ff9c992b55905f6c79096285014ce374fec9f0a7767146cbd59d83eacdc85e59d6ced6aba2a1c2b502a6f6f8d065a51bd4422c34c9f42296abb796aae","ssdeep":"96:EknGLWpoeTkKkPRHncoHh2H7ghHGmS5NGA6GpLOVf59ghVrrvk555dd46:Ekn3eHcoQY606rzkr/f","tlshash":"ec91e80deb11be50466d9a826de6a16b2b7713d8d292f050acd8ce425a701ffcc0e5cb","first_seen":"2023-10-21T10:15:13Z","last_seen":"2026-01-11T13:34:43.884568Z","times_seen":45,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/images/bell-2.png?v=17","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /images/bell-2.png?v=17 HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 4144\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 18 Sep 2023 16:58:59 GMT\r\netag: \"650881d3-1030\"\r\nexpires: Fri, 23 Jan 2026 07:06:59 GMT\r\ncache-control: max-age=2678400\r\naccept-ranges: bytes\r\nage: 296474\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i%2FjOQMCQ1p9ViTH6VETOOqrfia3qMHQe72C8DRdipYUoLsoJvyhapdZAH%2F84v%2FDfEJ5aFSyQMMhPkLfJfT5%2BiJJK7wYlYuyzS6lg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1be9f056ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4144,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"ba0812ac8b7ac5df4e7beed0f4d59bfa","sha1":"5b95a5ec4f5c0bdf1ba1edf45353722c7a08a50b","sha256":"a63e24423f704457a4f0c5000daaaa8db516395dc6cba43cc5078f9fd37d8c91","sha512":"ee4ab0ed6fe45fc9b279553e2eb5633056acc465751551373d224410c762432a2a31335b401232c2e8e2a2876c9049e022dcf13b3af64f121e010f5cc81b063c","ssdeep":"96:EknGLWpoWix0kPRHncoHpryH7gLHoroS5NGA6Gp0qWZg81LzyHrG1WYdVddjz:Ekn2lHco5y+CHOj+LGhzddn","tlshash":"7181f909fe12ad501e4d5a476af7928717b70ad0ab97f884acddce1395110fecc1a2cb","first_seen":"2023-10-21T10:15:13Z","last_seen":"2026-01-11T13:34:43.901004Z","times_seen":45,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/5bd9ab3c65224c2640518269/default","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:14.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /5bd9ab3c65224c2640518269/default HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:14 GMT\r\ncontent-type: application/x-javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=7200, s-maxage=3600\r\netag: W/\"stable-v4-694a2ed6f00\"\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 940\r\ncf-cache-status: HIT\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 9b424b24d80fb521-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2121,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text","md5":"942d2d08da33f79c23c2e34086c328c7","sha1":"c494d0fef4d055e96705c52ab78e239248e87074","sha256":"1b92666b500fe6a859035ba282d2eba353c83c039714c06991e2104474302016","sha512":"62c8d0ef88264fdf08a5ecccb4e91237dce13eafd838278bf8353515e1143eb8c3ff3a7fc10e4380a28398649a7986115d063a2a24c61063bd2f1ae6b9c07b8d","ssdeep":"","tlshash":"a64123f25b8f5d52522410d88efefa0e357b70e644dc5cb2470c0c017699abd6a9ee3a","first_seen":"2025-12-23T07:18:48.895189Z","last_seen":"2025-12-29T02:24:37.878454Z","times_seen":13,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":39,"dns":1,"connect":1,"send":0,"wait":9,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-main.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:15.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-main.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\nvary: accept-encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300510\r\nx-content-type-options: nosniff\r\ncf-cache-status: HIT\r\netag: W/\"da5bb1dc647470204df0e49f5afac2de\"\r\ncontent-encoding: br\r\ncf-ray: 9b424b2659d0b521-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":121,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"da5bb1dc647470204df0e49f5afac2de","sha1":"f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8","sha256":"705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c","sha512":"d9c0eda8c93df421f8147960ff4b00f8eacd8791b8386b020f04d0478c6b7a4328767a82b52b8cfbb7c3a44cb55cec488c2d1008670bee709d67d8bdbd887c39","ssdeep":"","tlshash":"d4b09b6c1057f86955e8064ed3b7f65d1d961050811104301658a1753321143c61c55b","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-06-14T06:10:31.706846Z","times_seen":86107,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-vendor.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:15.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-vendor.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"3b341e35b39f6195793ecaf5db7c1d63\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300509\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b2659d2b521-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":82913,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65472)","md5":"3b341e35b39f6195793ecaf5db7c1d63","sha1":"3ef56ed9ac8bfbf5347dc4592653703f59763083","sha256":"548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305","sha512":"6b222121b74ffeabd4de7b69f354ad25283d0989376e8e3f6d97f829e28175291eab0a535ca77c22d3f65595250ad9ad3909525c2eb74bf9783f4955c3d7cde2","ssdeep":"768:kURUFvX9zXAfE4dm9+fuDosXRfMySUHM1ONdYO31hY6d/o6cyO4fefHvSAW64F:kURUZXGfzd1uU+8ODY6JORfHBWJF","tlshash":"b483e6dcb295b57117ab20b5417f050bf33a7815a80ac0a4f266f4da7c7848ea06bf7d","first_seen":"2024-03-08T05:46:53Z","last_seen":"2026-06-14T06:10:31.579268Z","times_seen":59629,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-6289ff8e.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-chunk-6289ff8e.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"bad82a9d17b70394dcb479ee1743ba1a\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300520\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b31499f8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":105985,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bad82a9d17b70394dcb479ee1743ba1a","sha1":"2c009dc2598c21f77f2e6f7acc4d47f146cfdeae","sha256":"655009c5e2dd85e9e5d763a0b9daffda4908bae06d495f30359acf4bc00049e2","sha512":"850449a8987328d3ee69c24d6521621c4793128a2e0e89649f8b5ec3d51b02185e71bc7298e1e7e727883c13b166c31a20fe7945878a90ee63e9576b2623064c","ssdeep":"1536:BigMTWFu196wufn32jGDdgaOFUWbaGlDluK1MFYTdZPfx3u4V5pfYMrlSf:4nmuTilGhmsx3u4V5pPrlSf","tlshash":"66a30a6ef091b47d8993d26120af3212f3353d55a919d0a8f234cdf859d89c9a127f3e","first_seen":"2025-12-23T06:37:53.054872Z","last_seen":"2025-12-29T09:53:34.58718Z","times_seen":438,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-chunk-2d0c8092.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:16.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-chunk-2d0c8092.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 26 Dec 2025 17:28:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"bc08ba58d0fa542b65ee2eba4590ab8a\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300521\r\nvary: accept-encoding\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b3159a18deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5261,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5261), with no line terminators","md5":"bc08ba58d0fa542b65ee2eba4590ab8a","sha1":"774df0e93dbd05e0ba1e1ab52bc036e80298093f","sha256":"6ee957cffb57b80853eaea9a8c315840ff1c2fb8dd4c7f3dbb422f26b4da9119","sha512":"429e84bceb591c0d74af034515dae68cb6cd3a0d7450037cd2b10681035796c2267210c28bf01010e50130ad18aee142e1e75096bb62cab02a4728ba47de502c","ssdeep":"96:zNC9Hqt7pEma7hY/rcKXJBPDRIv6hJQ7i16p3n4vkjvxQcsD:zKHhNYNLRIvgx43nVY","tlshash":"f5b1859af247b456c156225150ef3b1df33a281ca61ccdc4a66965f218784cba077b39","first_seen":"2025-12-23T06:37:53.070649Z","last_seen":"2025-12-29T09:53:34.561942Z","times_seen":442,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans:300,400,600,700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 26 Dec 2025 17:28:10 GMT\r\ndate: Fri, 26 Dec 2025 17:28:10 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23176,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"49148aa6aa83030c8107b048340b6d45","sha1":"0120fa4085b32b021b14aeae199e5dfade9bbf78","sha256":"c9232eb823d220300177aba31f7efd6e78e0ccdef46558336f8ede5a6efbfdc4","sha512":"2e5514ec03270ebe0019fbafead0722e2ab5e87b3ddc3e2c6a2beab2ab4ca36d6fa22835e6a88827eaba8f0fc9f0819a94e69fe3049539a389076b6baa8521fd","ssdeep":"192:NCddw24WrqKnbqGIwV4Mrz7xCAAN21/rqbnbqGIwV4RazqbCuuH2PlrqxnbqGIw3:0AYqY4tjXqY4ahhqY4tU8qY4Z","tlshash":"3ba22ba00027185063431de623de7e34ee0fa2657048d0766bfd8b9beedad6963b435d","first_seen":"2025-09-17T06:09:26.673739Z","last_seen":"2026-06-14T06:27:13.671052Z","times_seen":15196,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":101,"dns":0,"connect":15,"send":0,"wait":35,"receive":0,"ssl":114},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/plugins/toastr/toastr.min.css?v=1.0.01.css","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/plugins/toastr/toastr.min.css?v=1.0.01.css HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:10 GMT\r\nContent-Type: text/css\r\nContent-Length: 6742\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:55 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: \"6908d8fb-1a56\"\r\nExpires: Mon, 26 Jan 2026 17:28:10 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6742,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6455), with CR line terminators","md5":"5876ad95f95180419f8d66226d0892de","sha1":"09a44932722b26cf8abb90055a485b833bb89d21","sha256":"129293a5a0727fab8f9f956baef5b75c7484e083d694a97cfbae4e7459b60cfe","sha512":"47fa590c577991058a9ef33895408a20aef1fda8a325a75066798f1bc47edbba716bb49a74d5de8ff48c30ca91897be34d4584ce9a6b692c305ace244b621140","ssdeep":"192:u0sKZ6yjY1SqvKbBY8syRttzGjVMSbO68:u0s4pYR8PtMMSb78","tlshash":"6ad17431db812629fed3811ef45966092e1be1b3e6ed5dae650fa1acc2c67d05c33284","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-06-12T11:41:48.439948Z","times_seen":64,"resource_available":false,"data":null}},"time_used":388,"timings":{"blocked":75,"dns":1,"connect":44,"send":0,"wait":211,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/icons.css","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/icons.css HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:10 GMT\r\nContent-Type: text/css\r\nContent-Length: 162415\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:53 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: \"6908d8f9-27a6f\"\r\nExpires: Mon, 26 Jan 2026 17:28:10 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162415,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a30df7bb5b2c6be81afeccb796fa1de4","sha1":"b176538e95ccafc2343b88cac4e9886f7a3f56a2","sha256":"0286d62ea1d98557af990f78068fb0dc90f33d330b4f84e32818eb0f3a56a2e7","sha512":"751f1b63f94a7969b11c1400a0bfd730ecae0e3cf98dd91459d173e420a4fcab100ce730b7fbf407404f53753ce41a5c06f4835d9267d7e7d4195345f574b1d4","ssdeep":"768:akDNwlbq+yvTMC+3F+bvJyIfM+oYOd61U5kMcRaUdtfuzrKRh5QiV2fZdSG1j1uX:lDO/h3+wyM/61DwRfLXjns3","tlshash":"4df331eca8f841802740e4a027cb7254b751f16bcd458d1ef2d3aaaedfd524689e63dc","first_seen":"2023-05-22T09:09:35Z","last_seen":"2026-06-12T11:41:48.461495Z","times_seen":284,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":173,"dns":0,"connect":0,"send":0,"wait":282,"receive":135,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/2.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/2.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:13 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 40447\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-9dff\"\r\nExpires: Mon, 26 Jan 2026 17:28:13 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40447,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2023:07:10 04:59:21], progressive, precision 8, 176x150, components 3","md5":"9c355f9f156e647236c4097c5ec24d2a","sha1":"536f456697e9387e9671eb85c16f247785249aa7","sha256":"dce738faddc87256785c675d5cefd98395edb4f4f26253ba26fd05d99f387820","sha512":"a68684cee4d696ce8a4f453b92ef8df9ecab37c2a7fc3271ceb6ebeed8d5efdb6fc3e97b917fd4e84c48d50974b6d6161bc8004b0e7778c519d7adc853266f8e","ssdeep":"768:wSDBGfUiySDBGfUtp4ZM2et2J2O76H/xm0X+ufCqf2Qkf9Q:wsGfSsGfUtv2et2J2OafXXLpT","tlshash":"af03c08867c2ef53fdd05e717898d7c5e3a1ab088be391827acca911bf713b64c49245","first_seen":"2024-08-21T10:14:51.908236Z","last_seen":"2026-02-09T10:41:15.852425Z","times_seen":47,"resource_available":false,"data":null}},"time_used":2667,"timings":{"blocked":2393,"dns":0,"connect":0,"send":0,"wait":269,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/4.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/4.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:13 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 37078\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-90d6\"\r\nExpires: Mon, 26 Jan 2026 17:28:13 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37078,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2023:07:10 05:00:07], baseline, precision 8, 176x150, components 3","md5":"20ada196265d320504a15915d9c4fb12","sha1":"bcfe3ad353f067fd66850528cb31bd86163e085a","sha256":"1eda27716d72aa791513addb7d4a5bb872b948367185527c1d029ac67c8c6bc8","sha512":"6f48aa24d6e170315a42ce8aaf6bb7afcdb9a54d17c0d239ac43cc9a7358d21e89f311154ef690b94086e97c67af1ae90132b4c352f08fff609182b91a95f325","ssdeep":"768:g3RDGfHil3RDGfhTwLyYN6oW0Iin70AN7quBNcs:8DGfeDGfhTwW2W0h0SqK6s","tlshash":"3ef2c010b767dc96f4d3fab98499d6632723bfa8a5a353c6bc4cad007fb23815c54902","first_seen":"2024-08-21T10:14:51.909886Z","last_seen":"2026-02-09T10:41:15.876748Z","times_seen":47,"resource_available":false,"data":null}},"time_used":2713,"timings":{"blocked":2435,"dns":0,"connect":0,"send":0,"wait":275,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/site.js?v=2.0.7","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /js/site.js?v=2.0.7 HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 17274\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:52 GMT\r\nETag: \"6908d8f8-437a\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17274,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1481)","md5":"143be4ca33096ecdde0e814e7a66bcb3","sha1":"bde4812cbd6ecce2d11b54c735674c6d33916f58","sha256":"fd9d27a52961111be18402b89ffb9d831cf1b4fe83a16808c081fae17a32e444","sha512":"b7f3c7ee7fd377c4aac2d7bb8bb0229722c132981b92897b37433b8d020a750bb5da4a8731991a7fe8757e3edb0ff357c1d46ead034a3dfcfa6b09aede272ba3","ssdeep":"384:dACQ24pW9LyL4LI/nD83sTD+6VjO/JM7TN+E5O4qS4O6m:SCQ8GwI/nA8TD+6VjO/JM7TN+EA43Am","tlshash":"3272095df250f43785a22364502f13a03f7a1d428903e498dd76d588ab29fa5e87ff3a","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-06-12T11:41:48.464304Z","times_seen":66,"resource_available":true,"data":null}},"time_used":774,"timings":{"blocked":513,"dns":0,"connect":0,"send":0,"wait":259,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/images/logoclub.svg?v=1","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /images/logoclub.svg?v=1 HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 3277\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:48 GMT\r\nETag: \"6908d8f4-ccd\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3277,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"04e2a1e275e22614148144f3783c1cfb","sha1":"4d9ddd1d6f9c03331310edbfd4233bff080bef48","sha256":"3b64044111b2465295136d1df6e3d31f25f161eb0347c6f09c5024d0204c1b0a","sha512":"e40078baf61bf55e7b3e530c41137ffa22c55d88879353610b32922d474138c8b352d28d55eabbbb8c357ccc5815d0ae7ceb688e7c131e91612b9ecd935dbe5a","ssdeep":"","tlshash":"c0610eb9162941f3a09b4b44dbe8358521aca6c3f0eae2d89763246b1d35eef40bc711","first_seen":"2024-05-15T04:40:31Z","last_seen":"2026-02-09T10:41:15.875231Z","times_seen":49,"resource_available":false,"data":null}},"time_used":1962,"timings":{"blocked":1749,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/premium?psystem_ignore","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:12.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /premium?psystem_ignore HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usenetmodels.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, Accept-Encoding\r\nset-cookie: PHPSESSID=3bb3asgd1gqee1fqe7nekb9qn0; expires=Fri, 24-Jul-2026 17:28:12 GMT; path=/; domain=.usenetclub.bz\n_mcs_=5e4301cd-7404-2408-6ac3-00001125bf9a; expires=Mon, 24-Dec-2035 17:28:13 GMT\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HneSzZsEk6YT0QG2jcrZANZ2gNqeRNOC%2Bo%2BLOqBP%2B4u06dLGyij3TVvF1rYbES5OP3m1hgRlRAH8BTz79BTR7ysKxGNt%2F87hwELW\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b424b165d050b41-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53024,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (11398), with CRLF, LF line terminators","md5":"f1d2de3097f0bbdd29eab9bc3de793b4","sha1":"29f5cad08d5aa879885f532f14f858c431be763d","sha256":"e1c8fc17c321db7b2902f20bf1cb6e73b0d7515f3a0ec56e6dac8f6e9e3f0a30","sha512":"0a0055b17b5ca2a5fd8790379966a1695335c06cba69e7b05fcce760d97a9456a4038048bafdab84de6ad598e4f2992be25e23573ae94418fd71c15de80d0dfe","ssdeep":"1536:xadJZABbXfrx642HMsgInRKqKWAvNCJ7EHhTf8Rag4f:xadJZABbXfrx642HM3OUqKjvNZtX","tlshash":"fc33fa6665f33537516380e67a61271abba1844bcb1b8e6072fc039d4fe6f85dd0328e","first_seen":"2025-12-26T17:28:43.98983Z","last_seen":"2025-12-26T17:28:43.98983Z","times_seen":1,"resource_available":false,"data":null}},"time_used":780,"timings":{"blocked":39,"dns":22,"connect":1,"send":0,"wait":701,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:14.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Dec 2025 09:55:49 GMT\r\nexpires: Fri, 25 Dec 2026 09:55:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 113545\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-06-14T06:32:50.652281Z","times_seen":285246,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":9,"dns":0,"connect":0,"send":0,"wait":9,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/scripts/user.js","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /scripts/user.js HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 29 Aug 2023 17:28:24 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Sat, 17 Jan 2026 04:58:14 GMT\r\ncache-control: max-age=2678400\r\nage: 822599\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YexnefYyx86juRqtZISy9q8jKPUo8nOs4MnYpDCeuYwbA8WEsdFfC42Ujs7wBUvm6WdVjQslJm43iIxKzTXIKxgTDQCWcSJOOKeS\"}]}\r\netag: W/\"64ee2ab8-fa\"\r\ncontent-encoding: br\r\ncf-ray: 9b424b1bb9c456ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":250,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"7796330536a9317605e4f430f4cbda92","sha1":"1e75508e8bf3a9ee2a0cd0f0954995338f7bdea3","sha256":"d154d56c858b1b6cbd1d79ddfa7df0e34fd2257daa95fc25e7606bf7e7098674","sha512":"db9b6434ddad1b8d0606edb82c19fdc34087ba782e00c004d6c10799d106afc967687f81cdfb8d4e4b458cf687de4383733f727a3296fdbad02911ccc2eae7ff","ssdeep":"","tlshash":"a4d02e18ff162e21d821207c8874735e0a022ac4ba013a24a2f1a890e628ebeb201c9c","first_seen":"2024-08-21T10:14:51.953549Z","last_seen":"2026-01-11T13:34:43.908103Z","times_seen":43,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/scripts/site.js?v=2.0.7","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /scripts/site.js?v=2.0.7 HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:28:24 GMT\r\netag: W/\"64ee2ab8-5ba5\"\r\nexpires: Mon, 19 Jan 2026 02:20:56 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 659236\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IqDMg4dcAJeu%2F6CvsAAyLlaJCYvHYFCnSU2yP5LemHG9gHh%2BK02oJLPTruA%2FW1JoUEGXgHL%2BvtbH1DHaDEUjRepMbEKC9fPe8%2F1H\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bb9c956ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23461,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"7318400fcb3c4857867971ccd36dcec3","sha1":"b48d400f6b9d245e385e22bea3d7dd458427ae34","sha256":"1e1a4c1ecd7c1e173c127cdcee92b344af0994926324e127abca7a90d000648b","sha512":"3a935af94e0215f6aff0bd5e66e4773684625cc5ef943c06027f8149ee46466262ebaa388e254e01c0d8a4be31e7a614bf7c50cfd4066edbe2bc27442d8ddc81","ssdeep":"384:1fy44qiL7eL6LqcKJ6fa5+AIMdKxTAQkzBow/OCx7TKQWJOUKBhVJH8:lU7yuqwfa5+pMdKxTAQkzBow/OCx7TK5","tlshash":"04b20948f75ca43789323224992f51c4377d5823a806dcae7cad80887f91a3d667fd7a","first_seen":"2024-08-21T10:14:51.960771Z","last_seen":"2026-01-11T13:34:43.846562Z","times_seen":42,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/20.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/20.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:13 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 35643\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:59 GMT\r\nETag: \"6908d8ff-8b3b\"\r\nExpires: Mon, 26 Jan 2026 17:28:13 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35643,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2024:06:22 22:22:16], progressive, precision 8, 176x150, components 3","md5":"68a141911f879b81d2d8ad93526852e0","sha1":"63a00a8aa5e33aa756a0c376917a8719a70bf7d8","sha256":"393445a73c687cbf51e12df54a3598698b82b5df5105ddd431f0d19579d69561","sha512":"f761f4e3e07f3bd1ed23224786e337493aee69a8d86f253cab95c3261de09b7f2514db9212755d2bdb8f825dde85db40137428f8933f29ef016a491638ec1d9e","ssdeep":"768:+W+3f+GfJi6W+3f+GfKVfyfEkiPn+kcI4Iy4cHnsZu4TF9uPPF7lBz:+l2Gf7l2GfK9uEjn+PiyvVEDQ7lN","tlshash":"4ef2bf01fa06ae51f9d97a3059e9e3d1e7b38fd85d63a288388c3c447f723899c99543","first_seen":"2024-08-21T10:14:51.897527Z","last_seen":"2026-02-09T10:41:15.864495Z","times_seen":47,"resource_available":false,"data":null}},"time_used":2923,"timings":{"blocked":2655,"dns":0,"connect":0,"send":0,"wait":267,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/main.js?v=2.1.67","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /js/main.js?v=2.1.67 HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 16056\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:51 GMT\r\nETag: \"6908d8f7-3eb8\"\r\nExpires: Mon, 26 Jan 2026 17:28:11 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16056,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1935)","md5":"3fa04ba21ec5cddc208971b58cb5377a","sha1":"d6dfb8b1e9b21e299ab6a354894b21c0b06d9841","sha256":"953950eff1a4c69480adc6fe4786b7a2a3a104f3c6c0be7698b276195c92638e","sha512":"68045109eaf8fe6425f161335b32a39afccbd63e0b4eaf16d41d7c8a133dde8f633d28460755ad8ecd9e91577f41e9a50fc37cbc33199fdfb18a1c155494ee43","ssdeep":"384:NF9YW/mGS+IqwKhtMadNKqlz4T+h9spZ1gIo7AMEr7:zqW/mGSatMadPz44CpZo1Ef","tlshash":"2672d698b61025a7c1d73eba60ef850536320971da4ac464e0b7005d6fe9fc8f673b6e","first_seen":"2024-05-15T04:40:30Z","last_seen":"2026-06-12T11:41:48.446934Z","times_seen":62,"resource_available":true,"data":null}},"time_used":1167,"timings":{"blocked":844,"dns":0,"connect":0,"send":0,"wait":281,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetclub.bz/scripts/mytools.js","fqdn":"usenetclub.bz","domain":"usenetclub.bz","tld":"bz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:13.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetclub.bz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:31:25 GMT","end":"Tue, 03 Mar 2026 17:29:57 GMT"},"fingerprint":{"sha1":"AB:3C:1B:45:0A:69:8E:D7:3C:6B:E4:4C:D5:A2:B0:FD:EC:EE:CA:1F","sha256":"DF:E8:F8:5A:F2:FD:4E:2B:CC:7B:C9:3D:FF:53:B6:31:88:F6:47:76:BE:A8:76:9D:D3:8C:2A:9F:4A:69:B2:57"}}},"request":{"raw":"GET /scripts/mytools.js HTTP/1.1\r\nHost: usenetclub.bz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/premium?psystem_ignore\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 29 Aug 2023 17:28:23 GMT\r\netag: W/\"64ee2ab7-579\"\r\nexpires: Tue, 20 Jan 2026 02:38:01 GMT\r\ncache-control: max-age=2678400\r\ncontent-encoding: gzip\r\nage: 571811\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SFJXTz25qpc%2FvxpbnG1D8MlRFATAQJ%2Fc1tipjdZaA7lBBSej74j9Q8sTVU67jEoMtQHAc%2F0FcvWNc8rCEMc%2Fso75wwuApNgDxhR5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b424b1bc9d456ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1401,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"73acb0a250004b3066f41baa27cbf3d4","sha1":"322cb31e4b1a9614fc4e2d90f766ba0297552c78","sha256":"85859fa892d17e881ac4be8627aabac2df63dfc7b9cf4b41b099afe8eb3f1aa6","sha512":"f0f6ca4f621516e43ca7d095fede08bef7b60d4ffc99da0e157d398fda0306e34612c3807047d2bf8579e09681ee0d9e0edacd525c6184876118cff46e6df67b","ssdeep":"","tlshash":"de21c2c5cbb82154d52d0046eb25e766b57b5cef6f0d0c2bfe446934248d726c62cae2","first_seen":"2023-03-07T01:32:46Z","last_seen":"2026-01-11T13:34:43.866665Z","times_seen":47,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"embed.tawk.to/_s/v4/app/694a2ed6f00/js/twk-runtime.js","fqdn":"embed.tawk.to","domain":"tawk.to","tld":"to"},"ip":{"addr":"104.20.42.169","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetclub.bz/premium?psystem_ignore","date":"2025-12-26T17:28:15.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tawk.to","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 06:22:46 GMT","end":"Fri, 06 Feb 2026 07:22:44 GMT"},"fingerprint":{"sha1":"80:D7:06:65:13:56:54:73:0D:47:F1:D0:52:10:4E:1D:6C:FF:43:9F","sha256":"91:03:5F:82:EA:3B:36:7D:F4:58:B6:53:88:29:F4:6C:56:48:B9:C0:D3:BA:54:7A:DD:2D:C9:F4:D4:DB:5E:9F"}}},"request":{"raw":"GET /_s/v4/app/694a2ed6f00/js/twk-runtime.js HTTP/1.1\r\nHost: embed.tawk.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://usenetclub.bz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetclub.bz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Dec 2025 17:28:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 23 Dec 2025 05:56:16 GMT\r\netag: W/\"01fe9ca4844935c71356c695b694083c\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=2592000, immutable\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\nage: 300510\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\ncf-ray: 9b424b2669e2b521-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2306,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2306), with no line terminators","md5":"01fe9ca4844935c71356c695b694083c","sha1":"dd95007770446aa2862a6b50c0ff3d80add31be8","sha256":"0756202cafd3048f29ae14916d3b3b3726b79e2fda619c42c6cede05d16390d4","sha512":"3950b4362992126cd0b45e49d3da2d34c831951352d6971084d0bc425f40ad5ceb290895749c7db30e026dea7ff86586e9e1adfb056bccdb875955e7b60f303c","ssdeep":"","tlshash":"3e4183d936e8f9b6434318e1043f9016f6352976097be8c0531dd4f5bc78c49815afb6","first_seen":"2025-12-23T06:37:53.062154Z","last_seen":"2025-12-29T09:53:34.547112Z","times_seen":472,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/framework.css","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/framework.css HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:10 GMT\r\nContent-Type: text/css\r\nContent-Length: 263434\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:53 GMT\r\nVary: Accept-Encoding, Accept-Encoding\r\nETag: \"6908d8f9-4050a\"\r\nExpires: Mon, 26 Jan 2026 17:28:10 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":263434,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7bddf5308989c1e1e49589bb92d084bc","sha1":"21aaa5384b528eff1be04812da0929fdfee89742","sha256":"9f9051139d0dcc2176080cb3ddd3f36660a6a2c2105dd73b55b0e0b329e19373","sha512":"edc6c67aa68f6970ead2d9b339ebb03bad5f061c4d5a99d29998c84266ee10f77893a75240f015cee4e357d8d453e901422218b6f4d406107c4c7edc3046718d","ssdeep":"768:Rv6lx325489K0neqyIwRybhmocBQiV3cStEsBjPCets6SjsbsQsZBGsJh81Ushj/:dWk9K0n8Ryc3cg9bIkSbjRB8QC","tlshash":"07443094a24075ff8d73059ba0a8b5fdf7998d41a2362ee7bbee82c14e047470135c9e","first_seen":"2023-08-16T00:45:21Z","last_seen":"2026-06-12T11:41:48.439338Z","times_seen":66,"resource_available":false,"data":null}},"time_used":618,"timings":{"blocked":66,"dns":1,"connect":42,"send":0,"wait":273,"receive":185,"ssl":49},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/js/jquery-3.3.1.min.js","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /js/jquery-3.3.1.min.js HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:11 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 86927\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:51 GMT\r\nETag: \"6908d8f7-1538f\"\r\nExpires: Mon, 26 Jan 2026 17:28:10 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86927,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-06-14T06:31:01.621173Z","times_seen":135095,"resource_available":true,"data":null}},"time_used":639,"timings":{"blocked":282,"dns":0,"connect":0,"send":0,"wait":266,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/assets/offers/special_offer/cinema_2a/1.jpg","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:10.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /assets/offers/special_offer/cinema_2a/1.jpg HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:13 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 41438\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:58 GMT\r\nETag: \"6908d8fe-a1de\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41438,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.1 (Windows), datetime=2023:07:10 05:06:38], baseline, precision 8, 176x150, components 3","md5":"0e9a8d50fd6c6c557afd7ab7d7e629b2","sha1":"9ae6fb34a1328541f43b326cb2e3bb6545b9d229","sha256":"2480b5d997b1a04aa9237bd0777cdf77e5ed2eb832723ed6d0f704ec41c5da2e","sha512":"9ad462f4497250848bf48f90c89ecbe4c0eda3ba3bfe74f06afbca393512b882977ab4fde8a2e6a50db65ab0414025f3363a289171e52492e1a0b07467a0bf21","ssdeep":"768:rb1svyGfEis1svyGfF8U52Ru9fLXZKmPelW6EkK60vkmSAHdraxI6yn:rbfGf8fGfFZ5geXkmWk6fK6r5crNhn","tlshash":"b913c0613b22dd21f8c876b99de9c5918b732f9427bb649e7c8c68007f612e2cd095c1","first_seen":"2024-08-21T10:14:51.902081Z","last_seen":"2026-02-09T10:41:15.825594Z","times_seen":47,"resource_available":false,"data":null}},"time_used":2645,"timings":{"blocked":2352,"dns":0,"connect":0,"send":0,"wait":269,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usenetmodels.cc/fonts/Line-Awesome.ttf?15lwq9","fqdn":"usenetmodels.cc","domain":"usenetmodels.cc","tld":"cc"},"ip":{"addr":"80.76.42.10","port":443,"asn":212913,"as":"FOP Hornostay Mykhaylo Ivanovych","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usenetmodels.cc/","date":"2025-12-26T17:28:12.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usenetmodels.cc","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 31 Oct 2025 00:00:00 GMT","end":"Sat, 31 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:C1:4B:70:67:56:C4:70:EA:BE:CF:5D:3E:8E:49:80:50:33:DD:FD","sha256":"1B:8D:D8:55:9B:16:9B:AE:2F:84:98:94:C8:DB:0B:61:96:C4:01:66:4E:48:83:2C:AB:8F:AF:4D:3B:E3:6D:18"}}},"request":{"raw":"GET /fonts/Line-Awesome.ttf?15lwq9 HTTP/1.1\r\nHost: usenetmodels.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usenetmodels.cc/assets/icons.css\r\nCookie: _mcj_=3992332955\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 26 Dec 2025 17:28:12 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 134244\r\nConnection: keep-alive\r\nLast-Modified: Mon, 03 Nov 2025 16:31:46 GMT\r\nETag: \"6908d8f2-20c64\"\r\nExpires: Mon, 26 Jan 2026 17:28:12 GMT\r\nCache-Control: max-age=2678400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":134244,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, Line-Awesome","md5":"4d5a0ee16afdab1b9ec06d5a44a7c1e6","sha1":"56f066981e308f8b8f4ad4f1b630436fac8ea258","sha256":"9764f817fcc5382247153978479aae66fd231147b0f3900b56e0bef096ca4ac7","sha512":"d16f5eddb486ca3d5b010d21ab44113eaeceae3e7a16c3390a7d2649ba1729502fd54f1d39f6864282bf5faf7a8c3d0a634e8138fa2fcc6207386e141e8bc11c","ssdeep":"3072:yqsS5j53qNMb6nhPEKDvrOTG29cn/DgCvgC1Sj3kK04i7M+yssGclfqL2u:yjS5j53qNMb6nhPE48G29cnUCvgCK3k5","tlshash":"fcd35c07cbc7de46c422b7fd5c1b62664fcaf530a23f87ce66005e05ae8a5f04d54a9a","first_seen":"2023-08-08T17:58:22Z","last_seen":"2026-06-09T22:32:42.807121Z","times_seen":81,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":190,"dns":0,"connect":0,"send":0,"wait":275,"receive":115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-26","alert":"Sinkholed","trigger":"usenetmodels.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}