{"report_id":"21ce1bb4-6d85-44ae-9abb-3351f8d2141c","version":0,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-06-23T09:57:24Z","url":{"schema":"http","addr":"ils-usdt.xyz","fqdn":"ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.1.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.ils-usdt.xyz/","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"title":"Exchange | Premium USDT ⇄ ILS","dom":{"size":76466,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (38812)","md5":"f4f306c8864db9ba93053b8d0089f0a5","sha1":"8ffe65877e4a43f2a2151d9e06320ce8412d3aab","sha256":"b9823379218cbdde61a55206499591bb603acfd733450a8ee2f2c9e9214b381e","sha512":"eaf06c49c5fe917e30403d5fbee863d4fbb1c8b1387e7496cbfc896fe8416f44a47000ec6dbb4b7782fe3614ab5cdc58e0bb1d45d9a0fd2b59f288db6b9b4e9b","ssdeep":"1536:2ebx/c64Jysq7vbW0uZ91GrzrWnpqlhNwWZvttttftttt1tttt0BttttZyttttnm:2epiJ","tlshash":"3d73967433cc392da41b8b94f794f72c932de190ee1b906ca27c11616ed7dc8b967a84","dom_hash":"domhash65226eb6778ebd3db2cbfe788d1dda5e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ils-usdt.xyz","fqdn":"ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.1.1","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-28T09:57:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-23","alert":"Detects file containing Telegram Bot API","trigger":"www.ils-usdt.xyz/static/js/main.4f6d6acf.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"www.ils-usdt.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"ils-usdt.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"www.ils-usdt.xyz","ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-06-21","domain_rank":0,"first_seen":"2026-06-23T09:57:25.726623Z","last_seen":"2026-06-23T09:57:25.726623Z","alert_count":9,"request_count":7,"received_data":583321,"sent_data":3269,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]},{"fqdn":"assets.emergent.sh","ip":{"addr":"54.240.174.12","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2024-06-14","domain_rank":0,"first_seen":"2025-10-15T16:59:18.626023Z","last_seen":"2026-06-21T01:44:03.770728Z","alert_count":0,"request_count":1,"received_data":19558,"sent_data":489,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"ipapi.co","ip":{"addr":"104.26.9.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-04-19","domain_rank":7936,"first_seen":"2017-01-31T09:07:01Z","last_seen":"2026-06-17T20:59:12.814462Z","alert_count":0,"request_count":1,"received_data":2497,"sent_data":473,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"us-assets.i.posthog.com","ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-01-23","domain_rank":57965,"first_seen":"2024-02-22T12:48:35Z","last_seen":"2026-06-18T08:15:29.71409Z","alert_count":0,"request_count":6,"received_data":493427,"sent_data":2938,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"api.telegram.org","ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":206724,"first_seen":"2015-06-25T10:09:00Z","last_seen":"2026-06-22T15:59:58.534838Z","alert_count":0,"request_count":2,"received_data":1251,"sent_data":1200,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.30.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-21T22:19:08.810882Z","alert_count":0,"request_count":7,"received_data":388607,"sent_data":4034,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ils-usdt.xyz","ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-06-21","domain_rank":0,"first_seen":"2026-06-23T09:57:25.722599Z","last_seen":"2026-06-23T09:57:25.722599Z","alert_count":1,"request_count":1,"received_data":341,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]},{"fqdn":"us.i.posthog.com","ip":{"addr":"3.215.230.5","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2020-01-23","domain_rank":42193,"first_seen":"2024-02-22T12:48:36Z","last_seen":"2026-06-18T08:34:00.933054Z","alert_count":0,"request_count":3,"received_data":45613,"sent_data":1585,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-21T22:22:12.048317Z","alert_count":0,"request_count":2,"received_data":21648,"sent_data":1064,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"www.ils-usdt.xyz/static/js/main.4f6d6acf.js","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"md5":"98652a77bfeb994f8eae8bff1444bd2b","sha1":"cb4304d3bed97eecb272fc8d977602e438f0bffa","sha256":"325be39710b0bdd9b143ed984fa94df65488bcf498558542375e2b0cb972c0da","sha512":"a5e699cb9c04f1f16bf6e7ada7b0ee15f0f9dd8213162430bd2c22503372def266c8aa63a4cfde7d5bb8c00c1a6617bb7621a70194d72c94d9412b9d58e18ca6","size":506551,"token":"8985091533:AAE72fpF3qP7tZ9Az9JVEQZ2YNuUwE6rIUk","is_revoked":false,"bot":{"token":"8985091533:AAE72fpF3qP7tZ9Az9JVEQZ2YNuUwE6rIUk","user_id":"8985091533","username":"fangwen_8866_bot","first_name":"网站访问通知","last_name":"","chat":{"chat_id":"8500753537","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":0}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"us-assets.i.posthog.com/static/web-vitals.js?v=1.392.0","fqdn":"us-assets.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"40bad0569789999bcb1541198620fa48","sha1":"8e776d3c859d5fddda48614d07b57ac26657fe72","sha256":"eb3f494aa34624b6e9b1010d8a242de308dc344c0011f3686784c9b5977d9ea4","sha512":"5bc9d4e6237640cdb37a6bc48264c604ba37492b6113d699444a6b35b3dce1408d8b9eab9d306e4f6ec23384baf4b0f0f7a154d2e7092ddb6e9db8d4166b94f5","ssdeep":"96:t/CG4vzq4AQ6lXT2AWUlDmSpHmU9ef1yhyljTjPmVDD5LoNUKpwmDUePij:1CG7FNToU0jki1XljfCSGKp4yij","tlshash":"83d1e8f9af81d43812bed1ba90795153323567a1a509419ce23fffe018ac8c6635bf32","size":6460,"data":"","first_seen":"2026-06-19T11:10:18.47296Z","last_seen":"2026-06-26T20:21:29.843071Z","times_seen":498,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"us-assets.i.posthog.com/static/posthog-recorder.js?v=1.392.0","fqdn":"us-assets.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5438c96d315735fadb9879cf2cdc85cd","sha1":"ebad97bc3ff1835da256f84741526ff8b77ca518","sha256":"63040c5e72195e7e02ae8c654e5468b9f37848cbe5cc4300dd77bb1366ab7431","sha512":"ec691d0374d383ec9fce904225d4af39fef7c8229b11ace618feb4c6950f9a590a56b3325bc25fd2026538a223c06a298abc098b22b7020a9e94ef6ba654ea43","ssdeep":"3072:kxL4xa7FMZcGPOdkxYWwqrrMe9bf264yVqP:kxL4x4FxGPOdkxY3qrrMe96hH","tlshash":"87f34ccab765a03357e5512980af0203f2353619704a80a8f2aed9e9357c9c771b7f7e","size":157914,"data":"","first_seen":"2026-06-22T15:44:20.426719Z","last_seen":"2026-06-23T10:17:43.398989Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.emergent.sh/scripts/emergent-main.js","fqdn":"assets.emergent.sh","domain":"emergent.sh","tld":"sh"},"ip":{"addr":"54.240.174.12","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d509e6f6db7779da7ac19a653b6fa67","sha1":"3044f3e4ae0831e7bf9338316dc00f4e3b1f164e","sha256":"d44385a34c94f150e551d65d61953b869e2d092178381669d4d73f602770761f","sha512":"27aaafb9e1def6121a9a6b31ddb6fb73861bc12c62fd96a397fa2b95cd69057c431635936399e927c406af91f9ea911534bfe8ee78c79b797f7d96417ba7e680","ssdeep":"192:0j1rXaJq4F9cxfs5a6aJVg2E8FzCQfuV4HlT80Q5xmQalUwbCMLnzvXgqHO0bHOu:2rYZIdFWVA0ApLnzvwiMHZg6Q","tlshash":"1c82961649a10033492791ad2b8bb585323080471d52fcb8bfcd87983f9d56e9bf27ee","size":18985,"data":"","first_seen":"2026-06-18T16:40:57.304484Z","last_seen":"2026-06-26T16:35:41.959582Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1eb27b9120f461a107b77fd6a9ed1149","sha1":"0edf3a843ef46807a79e9333eb91db08c6065dc6","sha256":"1ce64c573e140d93e7b3635996bcbea0b9de221e5fd0814f2230f554be2018a6","sha512":"748ebbd7af4b22fc232434cf56e6bb27f6ce528a5a48bd0000047b7c3f3652de0075c4f2641e2a0e1ff442f15e0c46f2633d1a9fc1256a17b4aa7a499e9eab93","ssdeep":"","tlshash":"83d0970cca30ae5210962c6b3a0a7c0002e302889120a10331086c61fb618811d02303","size":222,"data":"","first_seen":"2026-02-23T12:33:52.63461Z","last_seen":"2026-06-26T16:35:41.993799Z","times_seen":292,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"676da7b1e53763fd10daa8ebec30ce1f","sha1":"3b710ca98e1a2c3ce48b0568042f7836b41377b1","sha256":"fd06b7f14be8918d00706bfc9c7e3f9ae93e2f4a4273a1ded6185ea40f52ea6b","sha512":"7f4b588bc5a72479231ed127bcab1cf57044055afd66497e993d50aff18fd52cd2f98fdab3def0d119c77adaf45aeb5d3a730ceb607f51ec8a710889b2ca0c32","ssdeep":"","tlshash":"4d41630ef94778334b91fae174b65d8bcf5a16840338dd45e56280c99241eca862efbd","size":1970,"data":"","first_seen":"2026-02-11T03:08:25.567745Z","last_seen":"2026-06-25T20:36:19.673137Z","times_seen":244,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/static/js/main.4f6d6acf.js","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"98652a77bfeb994f8eae8bff1444bd2b","sha1":"cb4304d3bed97eecb272fc8d977602e438f0bffa","sha256":"325be39710b0bdd9b143ed984fa94df65488bcf498558542375e2b0cb972c0da","sha512":"a5e699cb9c04f1f16bf6e7ada7b0ee15f0f9dd8213162430bd2c22503372def266c8aa63a4cfde7d5bb8c00c1a6617bb7621a70194d72c94d9412b9d58e18ca6","ssdeep":"6144:iqUe5EV6gJgJN+0Qcr1f4bVMbNYFfeV8dL7LcyWa4EDLiQKr3McvjolUlnuI542:VTtbNO7dL7LcyWaZDLiQA8mEe","tlshash":"93b47dd4b251b1681bb709d2847f4419b33e7a16740d8030f32dec9a36ac699b17ffa9","size":506551,"data":"","first_seen":"2026-06-23T09:57:29.584544Z","last_seen":"2026-06-23T09:58:30.305776Z","times_seen":4,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-23","alert":"Detects file containing Telegram Bot API","trigger":"www.ils-usdt.xyz/static/js/main.4f6d6acf.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"us-assets.i.posthog.com/static/dead-clicks-autocapture.js?v=1.392.0","fqdn":"us-assets.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"60fac29e4712c229038ece9718066a57","sha1":"7e75b16edff67d2713998c45b807aa0251eefb7b","sha256":"4a4ae8c4165ac8bf7fe71dbcb8b7237de3c74688aaa061b6a6321e342dfc7d3b","sha512":"ebf645bed430436d08dabd393b58c9ed18c68655b03bc64039440bae5489c87d0bc2f2a4987b42661e22a96556af18ca777d3d08462677079a515671b3d5c5b4","ssdeep":"384:ZjlS6fltqEYdkfgpvB568Hkjy5FWHUzk/6Z0+EUHTF6:ZwEB8HD5FUUzk/I0+EUHTF6","tlshash":"bb52fac8b650e2721adb095a807f0702f13a6a18654bcc24f155edcd74adb8251fbe7f","size":14500,"data":"","first_seen":"2026-06-22T15:44:20.414337Z","last_seen":"2026-06-23T10:53:58.192711Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"us-assets.i.posthog.com/static/surveys.js?v=1.392.0","fqdn":"us-assets.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"719d628e2d1fbaf4c26f33782cbc1b9f","sha1":"78228da71ab8d00a1c46b15bc2fd231f2357cb80","sha256":"46a76d7ad75b55688b54565afbd03cd8092440c0c44d20dc39a3e57d95296a2e","sha512":"b2bf163e1a92482e2914afd5ee9c8a72efff89e4fb1be6a1190a32972615c0c0d1e588aba226fb56c64cf2e8eda4ded3d11787ff540fae7bb2496a71c0f82296","ssdeep":"1536:d9/oVWud2F9fQvo7aTP09+k1IdxUSSPYdoDKPFWM:dxbuGqo7R57Adp4M","tlshash":"f2934cd5ba00f06e51eb80b810be5843f33d6b1afa0d4c54b1179c943dd6988a39ffa6","size":96801,"data":"","first_seen":"2026-06-22T15:44:20.381458Z","last_seen":"2026-06-24T15:04:59.574855Z","times_seen":196,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/f60b5aca-7a15-407e-a176-50ab354ec3b4","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"","is_inline":false,"md5":"90b8ffebf84eea5b4d43bbf88bb65041","sha1":"95b004eef5c66492d14e5ef15f07189c9aa88f1d","sha256":"952559adfd1d4fd0cfd141306cbfc139dad87b27859d12356ff9beffd86ecf0d","sha512":"5a12e7aecb00eac81a4fc91873a6c4ebcb56904b754d85192a76be73764d9d0267caeaeff19b0a8daf924ab55fd6f4e374bfbc2b920ab843841c4ce68ec93d93","ssdeep":"","tlshash":"e17151847eb3190800e3b3ae76af5208f13aad173286ed64bb5d53610f5a01575b7fe8","size":3709,"data":"","first_seen":"2026-06-19T14:03:36.439411Z","last_seen":"2026-06-26T20:03:38.102575Z","times_seen":113,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1eb27b9120f461a107b77fd6a9ed1149","sha1":"0edf3a843ef46807a79e9333eb91db08c6065dc6","sha256":"1ce64c573e140d93e7b3635996bcbea0b9de221e5fd0814f2230f554be2018a6","sha512":"748ebbd7af4b22fc232434cf56e6bb27f6ce528a5a48bd0000047b7c3f3652de0075c4f2641e2a0e1ff442f15e0c46f2633d1a9fc1256a17b4aa7a499e9eab93","ssdeep":"","tlshash":"83d0970cca30ae5210962c6b3a0a7c0002e302889120a10331086c61fb618811d02303","size":222,"data":"","first_seen":"2026-02-23T12:33:52.63461Z","last_seen":"2026-06-26T16:35:41.993799Z","times_seen":292,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"676da7b1e53763fd10daa8ebec30ce1f","sha1":"3b710ca98e1a2c3ce48b0568042f7836b41377b1","sha256":"fd06b7f14be8918d00706bfc9c7e3f9ae93e2f4a4273a1ded6185ea40f52ea6b","sha512":"7f4b588bc5a72479231ed127bcab1cf57044055afd66497e993d50aff18fd52cd2f98fdab3def0d119c77adaf45aeb5d3a730ceb607f51ec8a710889b2ca0c32","ssdeep":"","tlshash":"4d41630ef94778334b91fae174b65d8bcf5a16840338dd45e56280c99241eca862efbd","size":1970,"data":"","first_seen":"2026-02-11T03:08:25.567745Z","last_seen":"2026-06-25T20:36:19.673137Z","times_seen":244,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"us-assets.i.posthog.com/static/array.js","fqdn":"us-assets.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ffdb0f2bfc52d604a5f4a7053795ed10","sha1":"cfa2f7982c753289d8fb789038afdacea355075a","sha256":"b17f1d58ec538092f68dc2d7b3d659b675c00987eac4935dd3400ac44e63445f","sha512":"b26a3e8b510a1209b1f7ee1e80a98685343c1cc64f28b67d42a8e14395f7740602343c7f620cb9286c5dbe0e7a3ca4567580aa1e1a09514eff319e9655acdeb8","ssdeep":"3072:V3sR8nyt6+VXn7KCOyOFev8cdhc0zfiBfweO:V3sR8JgXnuCOyJ/dhc0+BfvO","tlshash":"9b24fa87b77ad03246e690a5d03a0103e32a7b4a6159c06cf36edccd359d58ab277f36","size":211638,"data":"","first_seen":"2026-06-22T15:56:13.447386Z","last_seen":"2026-06-23T11:07:14.260015Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"us-assets.i.posthog.com/array/phc_xAvL2Iq4tFmANRE7kzbKwaSqp1HJjN7x48s3vr0CMjs/config.js","fqdn":"us-assets.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2b5888bf4718f3b67a3d9cc47f41bbe7","sha1":"24cd6e92dc7be07f39aa1e8dbe07489c811a989d","sha256":"d0b9ab2470bf717462eeea653d0c1c8a1a0eeee0f4fc3e2128b0e75afeab0276","sha512":"bb6083a3bfc4207cdac81419b6288f4457be90e65743e0bb2005e28d1d6e0dff18c0e82c3ec51dff951c7c9a152c4589f16d0a2d3e0b9bd278f5e646fa0d5060","ssdeep":"","tlshash":"8031872f1e1d2831aaaa5325e6d77f456ffe0233314c2848f8dc029452dd7db9987507","size":1566,"data":"","first_seen":"2026-04-14T07:13:14.744737Z","last_seen":"2026-06-26T05:57:27.460235Z","times_seen":239,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"us.i.posthog.com/e/?_=1782208620925\u0026ver=1.392.0\u0026compression=gzip-js","fqdn":"us.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"3.215.230.5","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.948Z","timestamp":1782208620948,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.i.posthog.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 16 Nov 2025 00:00:00 GMT","end":"Tue, 15 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:93:A0:4B:D8:27:D0:2A:1E:35:71:6C:A2:1C:2A:2C:2E:E1:A7:D7","sha256":"2A:1F:69:7F:28:B0:DA:BD:59:C5:0F:27:B3:35:6D:E9:5B:8B:A2:4A:F8:89:F1:F0:10:CD:CD:8F:62:8E:07:E6"}}},"request":{"raw":"POST /e/?_=1782208620925\u0026ver=1.392.0\u0026compression=gzip-js HTTP/1.1\r\nHost: us.i.posthog.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\ncontent-type: text/plain\r\nReferer: https://www.ils-usdt.xyz/\r\nContent-Length: 845\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ndate: Tue, 23 Jun 2026 09:57:01 GMT\r\ncontent-type: application/json\r\ncontent-length: 15\r\nvary: origin, access-control-request-method, access-control-request-headers\r\naccess-control-allow-origin: https://www.ils-usdt.xyz\r\naccess-control-allow-credentials: true\r\nx-envoy-upstream-service-time: 22\r\nserver: envoy\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15,"size_decoded":425,"mime_type":"application/json","magic":"JSON text data","md5":"c86a47ac0d792e37182689c73fcbf6ad","sha1":"8fd92e4671341e79f0a3529ac5e9d59d38db9e78","sha256":"0c40bafcfdc8adc6db63a6a5bfdb3dd5201798e6163fc674dc2fcbdb2a4134f1","sha512":"827cafe34edc64ac15f9bb3d269d338f8161a08d174071ed415b8a9e78d0672327e09034445292f90b81f5a063c8606d36ee66b20e0fff0446130303d598a8d3","ssdeep":"","tlshash":"1b600000000000030fc00c00000cc03c3ff30fc0003f00c0030fc0300c030c0c00c000","first_seen":"2023-04-06T21:35:05Z","last_seen":"2026-06-26T19:41:58.656701Z","times_seen":37336,"resource_available":false,"data":null}},"time_used":408,"timings":{"blocked":-1,"dns":4,"connect":93,"send":0,"wait":119,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"us-assets.i.posthog.com/static/surveys.js?v=1.392.0","fqdn":"us-assets.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:01.050Z","timestamp":1782208621050,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.i.posthog.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 21:41:31 GMT","end":"Sun, 16 Aug 2026 22:41:30 GMT"},"fingerprint":{"sha1":"65:54:A8:E7:4A:54:52:B8:AD:56:6E:86:56:B4:80:CE:AE:0D:DE:6C","sha256":"26:C1:37:27:1D:31:15:CA:10:5E:F2:91:E8:1C:A7:AA:B5:DE:94:21:D8:9A:4A:1B:63:2A:D2:B5:87:38:6D:B8"}}},"request":{"raw":"GET /static/surveys.js?v=1.392.0 HTTP/1.1\r\nHost: us-assets.i.posthog.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Tue, 23 Jun 2026 09:57:01 GMT\r\ncontent-type: application/javascript\r\ncf-ray: a102a0499a9c0b51-OSL\r\ncf-cache-status: MISS\r\nx-amz-version-id: WJ9J9Mss0Sg1s0lzXYpyTuKkTIkbX9xc\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\nx-amz-server-side-encryption: AES256\r\nlast-modified: Mon, 22 Jun 2026 15:27:12 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\naccess-control-allow-methods: POST, GET, DELETE, PUT\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nx-amz-id-2: 6syUAY6gpDcPFtODlHqGfDQdphx0Dd5m3HN4v6vvw2LsklhFDyRRZGC0PEmcpep4o7TRFWd9657ClOWPPX8aDrx8z8K5sGnh\r\nx-amz-request-id: 6C05CE0KM471BNDH\r\netag: W/\"719d628e2d1fbaf4c26f33782cbc1b9f\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":96801,"size_decoded":33287,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"719d628e2d1fbaf4c26f33782cbc1b9f","sha1":"78228da71ab8d00a1c46b15bc2fd231f2357cb80","sha256":"46a76d7ad75b55688b54565afbd03cd8092440c0c44d20dc39a3e57d95296a2e","sha512":"b2bf163e1a92482e2914afd5ee9c8a72efff89e4fb1be6a1190a32972615c0c0d1e588aba226fb56c64cf2e8eda4ded3d11787ff540fae7bb2496a71c0f82296","ssdeep":"1536:d9/oVWud2F9fQvo7aTP09+k1IdxUSSPYdoDKPFWM:dxbuGqo7R57Adp4M","tlshash":"f2934cd5ba00f06e51eb80b810be5843f33d6b1afa0d4c54b1179c943dd6988a39ffa6","first_seen":"2026-06-22T15:44:20.381458Z","last_seen":"2026-06-24T15:04:59.574855Z","times_seen":196,"resource_available":true,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"us-assets.i.posthog.com/static/dead-clicks-autocapture.js?v=1.392.0","fqdn":"us-assets.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:01.051Z","timestamp":1782208621051,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.i.posthog.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 21:41:31 GMT","end":"Sun, 16 Aug 2026 22:41:30 GMT"},"fingerprint":{"sha1":"65:54:A8:E7:4A:54:52:B8:AD:56:6E:86:56:B4:80:CE:AE:0D:DE:6C","sha256":"26:C1:37:27:1D:31:15:CA:10:5E:F2:91:E8:1C:A7:AA:B5:DE:94:21:D8:9A:4A:1B:63:2A:D2:B5:87:38:6D:B8"}}},"request":{"raw":"GET /static/dead-clicks-autocapture.js?v=1.392.0 HTTP/1.1\r\nHost: us-assets.i.posthog.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Tue, 23 Jun 2026 09:57:01 GMT\r\ncontent-type: application/javascript\r\ncf-ray: a102a0499a9e0b51-OSL\r\ncf-cache-status: MISS\r\nx-amz-version-id: 5KEJPLNkga_q4_yArOM3jtVEzFEfoc_1\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\nx-amz-server-side-encryption: AES256\r\nlast-modified: Mon, 22 Jun 2026 15:27:12 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\naccess-control-allow-methods: POST, GET, DELETE, PUT\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nx-amz-id-2: 6hxMBNQkPPEBjhT/J3BOs7kZnd0aQA98mjs5zPdWmuUhR+4gR92caWyy/hr1Wgd7DD6P99TCKsQ=\r\nx-amz-request-id: 6C094X1WYJFNYH24\r\netag: W/\"60fac29e4712c229038ece9718066a57\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":14500,"size_decoded":6300,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14447)","md5":"60fac29e4712c229038ece9718066a57","sha1":"7e75b16edff67d2713998c45b807aa0251eefb7b","sha256":"4a4ae8c4165ac8bf7fe71dbcb8b7237de3c74688aaa061b6a6321e342dfc7d3b","sha512":"ebf645bed430436d08dabd393b58c9ed18c68655b03bc64039440bae5489c87d0bc2f2a4987b42661e22a96556af18ca777d3d08462677079a515671b3d5c5b4","ssdeep":"384:ZjlS6fltqEYdkfgpvB568Hkjy5FWHUzk/6Z0+EUHTF6:ZwEB8HD5FUUzk/I0+EUHTF6","tlshash":"bb52fac8b650e2721adb095a807f0702f13a6a18654bcc24f155edcd74adb8251fbe7f","first_seen":"2026-06-22T15:44:20.414337Z","last_seen":"2026-06-23T10:53:58.192711Z","times_seen":46,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.348Z","timestamp":1782208620348,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:19 GMT","end":"Mon, 17 Aug 2026 08:38:18 GMT"},"fingerprint":{"sha1":"4D:E0:8E:62:2F:B2:3D:28:5D:7D:B5:8D:C5:3A:72:E4:EE:AB:7D:93","sha256":"AE:0B:4F:B5:B7:41:E5:0C:70:C0:E1:2A:F9:DB:AD:A8:64:94:F3:70:6D:38:1C:8A:8A:CA:52:96:5C:D8:5C:87"}}},"request":{"raw":"GET /css2?family=Inter:wght@300;400;500;600;700;800;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 23 Jun 2026 09:57:00 GMT\r\ndate: Tue, 23 Jun 2026 09:57:00 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17689,"size_decoded":1563,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"30e76aaeae29f594433bc728a08b4d8f","sha1":"ac1b677b4d702295e7802802376ddd8c84acbc13","sha256":"395e51e3dc84faf99710da8cf316e573703addd6eb598e1b334eff76653e820d","sha512":"93b1661d34210abbdb2c6cca46bb229254b615ba07c05dbcadb65199b9d1e61e18dbb4302236e89188ddc34be20528f503f6140358f82385b1f0e621f93ec4d8","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGfNx0NO3kV:8KYXuM0p2+g7GQK","tlshash":"b1828892002ba400ab971dc233cf7f3aaece10896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-11T05:09:40.151737Z","last_seen":"2026-06-26T19:01:54.668182Z","times_seen":4570,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.telegram.org/bot8985091533:AAE72fpF3qP7tZ9Az9JVEQZ2YNuUwE6rIUk/sendMessage","fqdn":"api.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.876Z","timestamp":1782208620876,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 11 Nov 2025 15:14:09 GMT","end":"Sun, 13 Dec 2026 15:14:09 GMT"},"fingerprint":{"sha1":"EC:27:13:72:1E:6C:94:9F:47:59:A4:24:4F:AB:9B:02:E3:6E:54:41","sha256":"64:47:03:9A:C9:ED:B9:03:8C:07:6E:AA:3D:BF:75:4B:4C:C1:4E:C1:A5:8C:83:2D:3E:FD:0C:E7:F7:82:C2:71"}}},"request":{"raw":"POST /bot8985091533:AAE72fpF3qP7tZ9Az9JVEQZ2YNuUwE6rIUk/sendMessage HTTP/1.1\r\nHost: api.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/json\r\nContent-Length: 165\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.30.1\r\ndate: Tue, 23 Jun 2026 09:57:01 GMT\r\ncontent-type: application/json\r\ncontent-length: 532\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.30.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":532,"size_decoded":917,"mime_type":"application/json","magic":"JSON text data","md5":"3719ea98339aed8cd49f49f59529597a","sha1":"8b87b25a7169372f95272f2885f1d4f9ade4584a","sha256":"231ab5bce636baa36754f1b4fc835e8375c88f42428403f06801c060483bf4e5","sha512":"0db62cd29d52e50ba2c1367dfb072210043bb818bbbe93631256f775a72b998c1697dbb9f9d3373658198d223b17ceb59ac4fd6e9aab85211030295dfedad676","ssdeep":"","tlshash":"58f0c06d47456d6e509defdcccda3daa848d612311c9dc388295a86d7660064e10e813","first_seen":"2026-06-23T09:57:29.582898Z","last_seen":"2026-06-23T09:57:29.582898Z","times_seen":1,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"us-assets.i.posthog.com/array/phc_xAvL2Iq4tFmANRE7kzbKwaSqp1HJjN7x48s3vr0CMjs/config.js","fqdn":"us-assets.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.902Z","timestamp":1782208620902,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.i.posthog.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 21:41:31 GMT","end":"Sun, 16 Aug 2026 22:41:30 GMT"},"fingerprint":{"sha1":"65:54:A8:E7:4A:54:52:B8:AD:56:6E:86:56:B4:80:CE:AE:0D:DE:6C","sha256":"26:C1:37:27:1D:31:15:CA:10:5E:F2:91:E8:1C:A7:AA:B5:DE:94:21:D8:9A:4A:1B:63:2A:D2:B5:87:38:6D:B8"}}},"request":{"raw":"GET /array/phc_xAvL2Iq4tFmANRE7kzbKwaSqp1HJjN7x48s3vr0CMjs/config.js HTTP/1.1\r\nHost: us-assets.i.posthog.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Tue, 23 Jun 2026 09:57:01 GMT\r\ncontent-type: application/javascript\r\ncache-control: public, max-age=300\r\nvary: Origin, Referer,origin, access-control-request-method, access-control-request-headers, Accept-Encoding\r\naccess-control-allow-origin: https://www.ils-usdt.xyz\r\naccess-control-allow-credentials: true\r\nx-envoy-upstream-service-time: 24\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nlast-modified: Tue, 23 Jun 2026 09:57:01 GMT\r\ncf-cache-status: MISS\r\ncf-ray: a102a048a9ce0b51-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":1566,"size_decoded":1405,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1367)","md5":"2b5888bf4718f3b67a3d9cc47f41bbe7","sha1":"24cd6e92dc7be07f39aa1e8dbe07489c811a989d","sha256":"d0b9ab2470bf717462eeea653d0c1c8a1a0eeee0f4fc3e2128b0e75afeab0276","sha512":"bb6083a3bfc4207cdac81419b6288f4457be90e65743e0bb2005e28d1d6e0dff18c0e82c3ec51dff951c7c9a152c4589f16d0a2d3e0b9bd278f5e646fa0d5060","ssdeep":"","tlshash":"8031872f1e1d2831aaaa5325e6d77f456ffe0233314c2848f8dc029452dd7db9987507","first_seen":"2026-04-14T07:13:14.744737Z","last_seen":"2026-06-26T05:57:27.460235Z","times_seen":239,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"us.i.posthog.com/i/v0/e/?_=1782208629221\u0026ver=1.392.0\u0026compression=gzip-js","fqdn":"us.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"3.215.230.5","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:09.228Z","timestamp":1782208629228,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.i.posthog.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 16 Nov 2025 00:00:00 GMT","end":"Tue, 15 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:93:A0:4B:D8:27:D0:2A:1E:35:71:6C:A2:1C:2A:2C:2E:E1:A7:D7","sha256":"2A:1F:69:7F:28:B0:DA:BD:59:C5:0F:27:B3:35:6D:E9:5B:8B:A2:4A:F8:89:F1:F0:10:CD:CD:8F:62:8E:07:E6"}}},"request":{"raw":"POST /i/v0/e/?_=1782208629221\u0026ver=1.392.0\u0026compression=gzip-js HTTP/1.1\r\nHost: us.i.posthog.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\ncontent-type: text/plain\r\nReferer: https://www.ils-usdt.xyz/\r\nContent-Length: 5342\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ndate: Tue, 23 Jun 2026 09:57:09 GMT\r\ncontent-type: application/json\r\ncontent-length: 15\r\nvary: origin, access-control-request-method, access-control-request-headers\r\naccess-control-allow-origin: https://www.ils-usdt.xyz\r\naccess-control-allow-credentials: true\r\nx-envoy-upstream-service-time: 24\r\nserver: envoy\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":15,"size_decoded":425,"mime_type":"application/json","magic":"JSON text data","md5":"c86a47ac0d792e37182689c73fcbf6ad","sha1":"8fd92e4671341e79f0a3529ac5e9d59d38db9e78","sha256":"0c40bafcfdc8adc6db63a6a5bfdb3dd5201798e6163fc674dc2fcbdb2a4134f1","sha512":"827cafe34edc64ac15f9bb3d269d338f8161a08d174071ed415b8a9e78d0672327e09034445292f90b81f5a063c8606d36ee66b20e0fff0446130303d598a8d3","ssdeep":"","tlshash":"1b600000000000030fc00c00000cc03c3ff30fc0003f00c0030fc0300c030c0c00c000","first_seen":"2023-04-06T21:35:05Z","last_seen":"2026-06-26T19:41:58.656701Z","times_seen":37336,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/static/js/main.4f6d6acf.js","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.312Z","timestamp":1782208620312,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.ils-usdt.xyz","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 11:32:44 GMT","end":"Sat, 19 Sep 2026 11:32:43 GMT"},"fingerprint":{"sha1":"FB:AE:A6:16:33:F5:A5:C2:C2:3E:A0:52:98:03:29:CB:77:20:F9:04","sha256":"BA:A1:BB:B6:8C:55:EF:F5:83:1A:04:50:9A:A2:92:EA:5C:57:88:2B:9F:EA:2E:66:D6:8F:07:95:CA:89:7F:C3"}}},"request":{"raw":"GET /static/js/main.4f6d6acf.js HTTP/1.1\r\nHost: www.ils-usdt.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-origin: *\r\nage: 7069\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"main.4f6d6acf.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 23 Jun 2026 09:57:00 GMT\r\netag: W/\"98652a77bfeb994f8eae8bff1444bd2b\"\r\nlast-modified: Tue, 23 Jun 2026 07:59:10 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::ms5tn-1782208620318-e94d5d9d0a23\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":506551,"size_decoded":159111,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65465)","md5":"98652a77bfeb994f8eae8bff1444bd2b","sha1":"cb4304d3bed97eecb272fc8d977602e438f0bffa","sha256":"325be39710b0bdd9b143ed984fa94df65488bcf498558542375e2b0cb972c0da","sha512":"a5e699cb9c04f1f16bf6e7ada7b0ee15f0f9dd8213162430bd2c22503372def266c8aa63a4cfde7d5bb8c00c1a6617bb7621a70194d72c94d9412b9d58e18ca6","ssdeep":"6144:iqUe5EV6gJgJN+0Qcr1f4bVMbNYFfeV8dL7LcyWa4EDLiQKr3McvjolUlnuI542:VTtbNO7dL7LcyWaZDLiQA8mEe","tlshash":"93b47dd4b251b1681bb709d2847f4419b33e7a16740d8030f32dec9a36ac699b17ffa9","first_seen":"2026-06-23T09:57:29.584544Z","last_seen":"2026-06-23T09:58:30.305776Z","times_seen":4,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-23","alert":"Detects file containing Telegram Bot API","trigger":"www.ils-usdt.xyz/static/js/main.4f6d6acf.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"www.ils-usdt.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/api/config","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.549Z","timestamp":1782208620549,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.ils-usdt.xyz","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 11:32:44 GMT","end":"Sat, 19 Sep 2026 11:32:43 GMT"},"fingerprint":{"sha1":"FB:AE:A6:16:33:F5:A5:C2:C2:3E:A0:52:98:03:29:CB:77:20:F9:04","sha256":"BA:A1:BB:B6:8C:55:EF:F5:83:1A:04:50:9A:A2:92:EA:5C:57:88:2B:9F:EA:2E:66:D6:8F:07:95:CA:89:7F:C3"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: www.ils-usdt.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: application/json\r\ndate: Tue, 23 Jun 2026 09:56:57 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::7cmn2-1782208620555-b3893ea7446f\r\ncontent-length: 186\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":186,"size_decoded":512,"mime_type":"application/json","magic":"JSON text data","md5":"5e593d798a0b7b60a11b1fde80e56b42","sha1":"0521bd108e05193e48ada401e886faa395d85292","sha256":"1354623206e5a40be74e0e8acb0f26b4142d540948b42aa291335cfa8fc415af","sha512":"a5f354cbc3a6101dd3616394fa6b64ae23d9e5e49171f734cd015b087261942530cfd37d917ea0310b042bf2ebd935fa7e76cfb8c58493f3b36dc6bafbe643bd","ssdeep":"","tlshash":"82c012fb73102075e30c41e6380476ceec22909ffcf0d88de0c08ee05494ea1201c431","first_seen":"2026-06-23T09:57:29.585629Z","last_seen":"2026-06-23T09:58:26.933309Z","times_seen":2,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"www.ils-usdt.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.617Z","timestamp":1782208620617,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 18 Jun 2026 01:47:53 GMT\r\nexpires: Fri, 18 Jun 2027 01:47:53 GMT\r\ncache-control: public, max-age=31536000\r\nage: 461347\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-26T19:28:44.43631Z","times_seen":219542,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":37,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7W0I5nvwUgHU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.620Z","timestamp":1782208620620,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7W0I5nvwUgHU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 84924\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 21 Jun 2026 12:22:18 GMT\r\nexpires: Mon, 21 Jun 2027 12:22:18 GMT\r\ncache-control: public, max-age=31536000\r\nage: 164082\r\nlast-modified: Tue, 09 Sep 2025 18:33:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":84924,"size_decoded":85737,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 84924, version 1.0","md5":"f5b588b5cfef2173838149769c8a0269","sha1":"5312086a01f8e8299094ddee5819b9727a19cae2","sha256":"b8811a6cd6f7e0707dfc9e9e6f1daf5f6f450b51e887e163945a9ade91c2720f","sha512":"05d5271c633bbe102775c0b6df9c5e110dae3a2517061714bb5c26ec66a00f8e1b62961135ec96962e7ccaf3942d8e32bd86f42558cbac8ee16ff6c333117886","ssdeep":"1536:PABWz4rSN/GzH27xN5UR1OnX+uyRsd1osLZBi/JGyQI01xDj+C:PAG4rCGa7L5UR1OnX+fGd/VB03QI+xP","tlshash":"378302b4ae71b3968f1c7fe46396273c2a7bdf41053950aeae44e16787f00dba148784","first_seen":"2025-05-29T19:39:57.235915Z","last_seen":"2026-06-26T19:28:44.437077Z","times_seen":16464,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":50,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7W0I5nvwUgHU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.625Z","timestamp":1782208620625,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7W0I5nvwUgHU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 84924\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 21 Jun 2026 12:22:18 GMT\r\nexpires: Mon, 21 Jun 2027 12:22:18 GMT\r\ncache-control: public, max-age=31536000\r\nage: 164082\r\nlast-modified: Tue, 09 Sep 2025 18:33:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":84924,"size_decoded":85737,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 84924, version 1.0","md5":"f5b588b5cfef2173838149769c8a0269","sha1":"5312086a01f8e8299094ddee5819b9727a19cae2","sha256":"b8811a6cd6f7e0707dfc9e9e6f1daf5f6f450b51e887e163945a9ade91c2720f","sha512":"05d5271c633bbe102775c0b6df9c5e110dae3a2517061714bb5c26ec66a00f8e1b62961135ec96962e7ccaf3942d8e32bd86f42558cbac8ee16ff6c333117886","ssdeep":"1536:PABWz4rSN/GzH27xN5UR1OnX+uyRsd1osLZBi/JGyQI01xDj+C:PAG4rCGa7L5UR1OnX+fGd/VB03QI+xP","tlshash":"378302b4ae71b3968f1c7fe46396273c2a7bdf41053950aeae44e16787f00dba148784","first_seen":"2025-05-29T19:39:57.235915Z","last_seen":"2026-06-26T19:28:44.437077Z","times_seen":16464,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":42,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.emergent.sh/scripts/emergent-main.js","fqdn":"assets.emergent.sh","domain":"emergent.sh","tld":"sh"},"ip":{"addr":"54.240.174.12","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.311Z","timestamp":1782208620311,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"assets.emergent.sh","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 17 Sep 2025 00:00:00 GMT","end":"Fri, 16 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"32:7F:85:1D:EE:8D:63:A0:65:71:AB:DB:CE:D9:4D:23:E6:8D:C9:93","sha256":"D9:37:38:24:9C:9E:D3:58:DC:D1:82:40:0B:A1:B1:14:E0:DF:6D:C2:A7:7C:13:92:56:B7:24:0A:16:32:B6:CB"}}},"request":{"raw":"GET /scripts/emergent-main.js HTTP/1.1\r\nHost: assets.emergent.sh\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript\r\nlast-modified: Thu, 18 Jun 2026 14:04:15 GMT\r\nserver: AmazonS3\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: jyB3I5Q7s9yxaEzemXVB443kJ4X72eZQ\r\ncontent-encoding: gzip\r\ndate: Mon, 22 Jun 2026 14:08:51 GMT\r\netag: W/\"7959b4996fa8c5d01998df94ad7dd751\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 96MlmLYLGZg51Lm0GD7ZkjwE2BtPP0vY9dR8-2uDBVwSu0ISpJmjdQ==\r\nage: 71290\r\nvary: Accept-Encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":18987,"size_decoded":6024,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"3d509e6f6db7779da7ac19a653b6fa67","sha1":"3044f3e4ae0831e7bf9338316dc00f4e3b1f164e","sha256":"d44385a34c94f150e551d65d61953b869e2d092178381669d4d73f602770761f","sha512":"27aaafb9e1def6121a9a6b31ddb6fb73861bc12c62fd96a397fa2b95cd69057c431635936399e927c406af91f9ea911534bfe8ee78c79b797f7d96417ba7e680","ssdeep":"192:0j1rXaJq4F9cxfs5a6aJVg2E8FzCQfuV4HlT80Q5xmQalUwbCMLnzvXgqHO0bHOu:2rYZIdFWVA0ApLnzvwiMHZg6Q","tlshash":"1c82961649a10033492791ad2b8bb585323080471d52fcb8bfcd87983f9d56e9bf27ee","first_seen":"2026-06-18T16:40:57.304484Z","last_seen":"2026-06-26T16:35:41.959582Z","times_seen":67,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":32,"connect":1,"send":0,"wait":2,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/static/css/main.54babbb1.css","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.314Z","timestamp":1782208620314,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.ils-usdt.xyz","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 11:32:44 GMT","end":"Sat, 19 Sep 2026 11:32:43 GMT"},"fingerprint":{"sha1":"FB:AE:A6:16:33:F5:A5:C2:C2:3E:A0:52:98:03:29:CB:77:20:F9:04","sha256":"BA:A1:BB:B6:8C:55:EF:F5:83:1A:04:50:9A:A2:92:EA:5C:57:88:2B:9F:EA:2E:66:D6:8F:07:95:CA:89:7F:C3"}}},"request":{"raw":"GET /static/css/main.54babbb1.css HTTP/1.1\r\nHost: www.ils-usdt.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-origin: *\r\nage: 7070\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"main.54babbb1.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Tue, 23 Jun 2026 09:57:00 GMT\r\netag: W/\"e9485b84211af80b79ce382bdbc1b5c0\"\r\nlast-modified: Tue, 23 Jun 2026 07:59:10 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::hqncz-1782208620319-2b807949c8c7\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":68795,"size_decoded":13484,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (63157)","md5":"e9485b84211af80b79ce382bdbc1b5c0","sha1":"c6e92b93db990000effc7ba794117e0696ce49cf","sha256":"590d2b9854f8300b87e744df61a05ca6afbe0f5803f65a830b352609fee843f6","sha512":"cf9d07e4ae08e8577af32c55ce936de4c7f8dca8e9be87182ea75b53030966d787493d7cfdaf6128779a2283115ee6612acbc37a56a6640f012217081808ed6a","ssdeep":"1536:aFsofh7+HY5VaxYF6ccw5G6jaDPgvl9DNtnG/Wxm7hbbH0E:aFsofh7+MVaxYBcw5G6jaDPgvl9DNtns","tlshash":"d263a52aa958503f7c23a1f8c3dcb9ec511af0c0dd3b07f9b996512467e36f529ab604","first_seen":"2026-06-23T09:57:29.588227Z","last_seen":"2026-06-23T09:58:30.301328Z","times_seen":4,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"www.ils-usdt.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/api/config","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.566Z","timestamp":1782208620566,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.ils-usdt.xyz","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 11:32:44 GMT","end":"Sat, 19 Sep 2026 11:32:43 GMT"},"fingerprint":{"sha1":"FB:AE:A6:16:33:F5:A5:C2:C2:3E:A0:52:98:03:29:CB:77:20:F9:04","sha256":"BA:A1:BB:B6:8C:55:EF:F5:83:1A:04:50:9A:A2:92:EA:5C:57:88:2B:9F:EA:2E:66:D6:8F:07:95:CA:89:7F:C3"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: www.ils-usdt.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: application/json\r\ndate: Tue, 23 Jun 2026 09:56:57 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::mk57f-1782208620572-3eae2376c628\r\ncontent-length: 186\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":186,"size_decoded":512,"mime_type":"application/json","magic":"JSON text data","md5":"5e593d798a0b7b60a11b1fde80e56b42","sha1":"0521bd108e05193e48ada401e886faa395d85292","sha256":"1354623206e5a40be74e0e8acb0f26b4142d540948b42aa291335cfa8fc415af","sha512":"a5f354cbc3a6101dd3616394fa6b64ae23d9e5e49171f734cd015b087261942530cfd37d917ea0310b042bf2ebd935fa7e76cfb8c58493f3b36dc6bafbe643bd","ssdeep":"","tlshash":"82c012fb73102075e30c41e6380476ceec22909ffcf0d88de0c08ee05494ea1201c431","first_seen":"2026-06-23T09:57:29.585629Z","last_seen":"2026-06-23T09:58:26.933309Z","times_seen":2,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"www.ils-usdt.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7W0I5nvwUgHU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.846Z","timestamp":1782208620846,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7W0I5nvwUgHU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18940\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 21 Jun 2026 16:06:51 GMT\r\nexpires: Mon, 21 Jun 2027 16:06:51 GMT\r\ncache-control: public, max-age=31536000\r\nage: 150609\r\nlast-modified: Tue, 09 Sep 2025 18:33:46 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":18940,"size_decoded":19753,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18940, version 1.0","md5":"5c8b2708e9cd88a6c9e2172fd1a09d80","sha1":"f8da9a4c7fe5fbb441e8e1e2587f8e7e8e25bf8b","sha256":"20fc1e117a255531a9f1bfc780fa9827a22820f8e07560b155323dff5fd908f2","sha512":"d56292486b6274e3d0d5a00cfa19573469ac4d4173fbdc786cdede8d9e18b8eecba8aa647a115b32770feea0ac2d59c54092642863d4cc2ea725560435c6b780","ssdeep":"384:B5OeSmylzizCljGvu0333XLJyBo9/fsItLbLvAsik1LJ57o:BTylizClUpH9mo1UIt/Lykpno","tlshash":"3c82e0a7f1a24589d84b87c02098e7546967b70821d6acea411be4d90bdbf5e20ad32e","first_seen":"2025-09-12T00:27:30.877732Z","last_seen":"2026-06-26T19:27:02.014459Z","times_seen":2631,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/favicon.svg","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.878Z","timestamp":1782208620878,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.ils-usdt.xyz","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 11:32:44 GMT","end":"Sat, 19 Sep 2026 11:32:43 GMT"},"fingerprint":{"sha1":"FB:AE:A6:16:33:F5:A5:C2:C2:3E:A0:52:98:03:29:CB:77:20:F9:04","sha256":"BA:A1:BB:B6:8C:55:EF:F5:83:1A:04:50:9A:A2:92:EA:5C:57:88:2B:9F:EA:2E:66:D6:8F:07:95:CA:89:7F:C3"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: www.ils-usdt.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-origin: *\r\nage: 62080\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"favicon.svg\"\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\ndate: Tue, 23 Jun 2026 09:57:01 GMT\r\netag: W/\"3e11659b202b9db24eb6d99075d9ea41\"\r\nlast-modified: Mon, 22 Jun 2026 16:42:20 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::mvj8b-1782208621045-bdcc2aea47cc\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1198,"size_decoded":1026,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3e11659b202b9db24eb6d99075d9ea41","sha1":"56dcd50cf75e77df8738a1e1fb339b9c35fe096e","sha256":"a47eee267a4424e6174d7c3d8702be43b507340438266709ac1985578a8b4c74","sha512":"62d0152ff4f55f992f790b1db6fff101a4d7d8a78f1cacc1c3e78efd9367d8ac3ac9c9152708bcb91d9162d8f6457c3687cd898a152c0ef5dee4eae6a46ef733","ssdeep":"","tlshash":"e021dd55c6c94966e801831bdb18f429123f478326468724787e2b396f9479b27ab3ec","first_seen":"2026-06-23T09:57:29.589812Z","last_seen":"2026-06-23T09:58:30.303062Z","times_seen":4,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"www.ils-usdt.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.telegram.org/bot8985091533:AAE72fpF3qP7tZ9Az9JVEQZ2YNuUwE6rIUk/sendMessage","fqdn":"api.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.879Z","timestamp":1782208620879,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 11 Nov 2025 15:14:09 GMT","end":"Sun, 13 Dec 2026 15:14:09 GMT"},"fingerprint":{"sha1":"EC:27:13:72:1E:6C:94:9F:47:59:A4:24:4F:AB:9B:02:E3:6E:54:41","sha256":"64:47:03:9A:C9:ED:B9:03:8C:07:6E:AA:3D:BF:75:4B:4C:C1:4E:C1:A5:8C:83:2D:3E:FD:0C:E7:F7:82:C2:71"}}},"request":{"raw":"OPTIONS /bot8985091533:AAE72fpF3qP7tZ9Az9JVEQZ2YNuUwE6rIUk/sendMessage HTTP/1.1\r\nHost: api.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://www.ils-usdt.xyz/\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 \r\nserver: nginx/1.30.1\r\ndate: Tue, 23 Jun 2026 09:57:00 GMT\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Nginx:1.30.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":334,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T19:34:36.207607Z","times_seen":16740905,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":0,"dns":0,"connect":23,"send":0,"wait":22,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/api/config","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.570Z","timestamp":1782208620570,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.ils-usdt.xyz","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 11:32:44 GMT","end":"Sat, 19 Sep 2026 11:32:43 GMT"},"fingerprint":{"sha1":"FB:AE:A6:16:33:F5:A5:C2:C2:3E:A0:52:98:03:29:CB:77:20:F9:04","sha256":"BA:A1:BB:B6:8C:55:EF:F5:83:1A:04:50:9A:A2:92:EA:5C:57:88:2B:9F:EA:2E:66:D6:8F:07:95:CA:89:7F:C3"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: www.ils-usdt.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: application/json\r\ndate: Tue, 23 Jun 2026 09:56:57 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::4lxt7-1782208620576-f5ae3c471feb\r\ncontent-length: 186\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":186,"size_decoded":512,"mime_type":"application/json","magic":"JSON text data","md5":"5e593d798a0b7b60a11b1fde80e56b42","sha1":"0521bd108e05193e48ada401e886faa395d85292","sha256":"1354623206e5a40be74e0e8acb0f26b4142d540948b42aa291335cfa8fc415af","sha512":"a5f354cbc3a6101dd3616394fa6b64ae23d9e5e49171f734cd015b087261942530cfd37d917ea0310b042bf2ebd935fa7e76cfb8c58493f3b36dc6bafbe643bd","ssdeep":"","tlshash":"82c012fb73102075e30c41e6380476ceec22909ffcf0d88de0c08ee05494ea1201c431","first_seen":"2026-06-23T09:57:29.585629Z","last_seen":"2026-06-23T09:58:26.933309Z","times_seen":2,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"www.ils-usdt.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.616Z","timestamp":1782208620616,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 18 Jun 2026 01:47:53 GMT\r\nexpires: Fri, 18 Jun 2027 01:47:53 GMT\r\ncache-control: public, max-age=31536000\r\nage: 461347\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-26T19:28:44.43631Z","times_seen":219542,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":32,"send":0,"wait":19,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"us.i.posthog.com/flags/?v=2\u0026_=1782208621051\u0026ver=1.392.0\u0026compression=base64","fqdn":"us.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"3.215.230.5","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:01.056Z","timestamp":1782208621056,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.i.posthog.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 16 Nov 2025 00:00:00 GMT","end":"Tue, 15 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:93:A0:4B:D8:27:D0:2A:1E:35:71:6C:A2:1C:2A:2C:2E:E1:A7:D7","sha256":"2A:1F:69:7F:28:B0:DA:BD:59:C5:0F:27:B3:35:6D:E9:5B:8B:A2:4A:F8:89:F1:F0:10:CD:CD:8F:62:8E:07:E6"}}},"request":{"raw":"POST /flags/?v=2\u0026_=1782208621051\u0026ver=1.392.0\u0026compression=base64 HTTP/1.1\r\nHost: us.i.posthog.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\ncontent-type: application/x-www-form-urlencoded\r\nReferer: https://www.ils-usdt.xyz/\r\nContent-Length: 1293\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\ndate: Tue, 23 Jun 2026 09:57:01 GMT\r\ncontent-type: application/json\r\nvary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding\r\naccess-control-allow-origin: https://www.ils-usdt.xyz\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: x-posthog-rate-limit-warning\r\nx-envoy-upstream-service-time: 27\r\ncontent-encoding: gzip\r\nserver: envoy\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44271,"size_decoded":7385,"mime_type":"application/json","magic":"JSON text data","md5":"5b66b4f39ca10848a1879b6fbf0d019b","sha1":"87cc340f03d40a4b4b16ca2688bdfe8652b91e3e","sha256":"a2db02f1ae9d789d38e3f07b3181886191bf4a6158cc8036921c6b34d114239a","sha512":"2d4fed5b4f83deda6e9a12f374ba9db2cb68b7a4e08db3ba9ebf9f940ce51426889d651bcabb33ce111271875fb0da270bfb2dfd39148430a6b9d0280ceee72c","ssdeep":"768:OWVx4420DsfYzXBk/Si4CmBBErDrfWUmaX:OWl20DqYzXBk/Si4CmB+rDrfWUmaX","tlshash":"e5133831ac14f9b7658fc3a088adfe164b7e277b0a514c500c469a3c43a76f5ba2bc75","first_seen":"2026-06-23T09:57:29.591252Z","last_seen":"2026-06-23T09:57:29.591252Z","times_seen":1,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":0,"dns":0,"connect":92,"send":0,"wait":123,"receive":0,"ssl":95},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.ils-usdt.xyz/","fqdn":"www.ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.16.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-23T09:56:59.698Z","timestamp":1782208619698,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.ils-usdt.xyz","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 11:32:44 GMT","end":"Sat, 19 Sep 2026 11:32:43 GMT"},"fingerprint":{"sha1":"FB:AE:A6:16:33:F5:A5:C2:C2:3E:A0:52:98:03:29:CB:77:20:F9:04","sha256":"BA:A1:BB:B6:8C:55:EF:F5:83:1A:04:50:9A:A2:92:EA:5C:57:88:2B:9F:EA:2E:66:D6:8F:07:95:CA:89:7F:C3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.ils-usdt.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccess-control-allow-origin: *\r\nage: 62081\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"index.html\"\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 23 Jun 2026 09:56:59 GMT\r\netag: W/\"c995ca13e0db6ed27e46ddcf485e6cd9\"\r\nlast-modified: Mon, 22 Jun 2026 16:42:18 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::92g27-1782208619861-d9a40708024a\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3204,"size_decoded":2155,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3202), with no line terminators","md5":"c995ca13e0db6ed27e46ddcf485e6cd9","sha1":"e8f60d22cf54f2f7f065d8d4fd06772c1c84cd11","sha256":"8c4e1f232a3ae25033f638667880a47425b5526ab5f0978247f7d1c2473af428","sha512":"d076cb1df24572f9291a63b994365b9996e5b66f51cf2290faf0e6bb37943edf08f5018aaf9066173ee130ba2f8b567278be2a2f4756a6ff08014cf6387ab94f","ssdeep":"","tlshash":"f261a40eed02e83347a0f6e279b6b80ecb5e06884734dd41f5a140c98690ec6891af6d","first_seen":"2026-06-23T09:57:29.592148Z","last_seen":"2026-06-23T09:58:30.304046Z","times_seen":4,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":123,"connect":1,"send":0,"wait":13,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"www.ils-usdt.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.9.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.572Z","timestamp":1782208620572,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 05:11:37 GMT","end":"Sun, 13 Sep 2026 06:11:34 GMT"},"fingerprint":{"sha1":"CE:63:0D:F2:C0:D2:04:93:CA:AE:0D:AA:ED:9F:31:01:7A:BC:69:40","sha256":"0D:2E:E4:8D:BD:B6:76:95:B5:BD:B8:C5:CE:61:98:B9:6E:81:B5:4B:16:5C:C0:0C:C9:FB:54:0B:B4:A6:7C:65"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Tue, 23 Jun 2026 09:57:00 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nallow: GET, HEAD, OPTIONS, OPTIONS, POST\r\nx-frame-options: DENY\r\nvary: Host, origin\r\naccess-control-allow-origin: https://www.ils-usdt.xyz\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\ncross-origin-opener-policy: same-origin\r\ncontent-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.stripe.com https://*.paddle.com https://www.google.com https://www.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://*.paddle.com https://fonts.gstatic.com https://fonts.googleapis.com; img-src 'self' data: https://ipapi.co https://maps.gstatic.com https://maps.googleapis.com https://*.stripe.com; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com; frame-src 'self' https://www.google.com https://*.stripe.com https://*.paddle.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; connect-src 'self' https://ipapi.co/ https://*.paddle.com https://*.stripe.com https://maps.googleapis.com https://www.google.com/recaptcha/; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NGFCGbJlQ33IM4ZjNocMkkA8cAmASxklURueq%2BZnY0%2FAgy%2BSoVk4vX2jBpzlyB2GGLKpoglbGir6w0YOiyTJcik%2B0oNMt9jFJJxt0yw19YyNopH0WOyo%2FQYz\"}]}\r\ncontent-encoding: br\r\ncf-ray: a102a046ad2c56c9-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":740,"size_decoded":2108,"mime_type":"application/json","magic":"JSON text data","md5":"d2af8351f20ddbf5b2dd20e207a1cef8","sha1":"320e39a537d22eb872fd51219487845fbc7ed793","sha256":"847f90de7d1ee517a339c14ad8df1ff72221f972c2f38d1c0994aa7e88e91fc0","sha512":"f49b84ce692f58fdb320a179feab901b308f8ba2d32ec903a7969c1d8635c5f8c87c8453d7d0d431acf97bd141405bf756ba000616449852442d10e987d95dc2","ssdeep":"","tlshash":"3501df68e4780f7b9cb8135870786817113422175e563a8e7bd4a74d0f8d8bf30b135e","first_seen":"2026-06-12T21:51:12.464949Z","last_seen":"2026-06-26T20:00:07.299805Z","times_seen":605,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":4,"connect":3,"send":0,"wait":246,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"us-assets.i.posthog.com/static/posthog-recorder.js?v=1.392.0","fqdn":"us-assets.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:01.046Z","timestamp":1782208621046,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.i.posthog.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 21:41:31 GMT","end":"Sun, 16 Aug 2026 22:41:30 GMT"},"fingerprint":{"sha1":"65:54:A8:E7:4A:54:52:B8:AD:56:6E:86:56:B4:80:CE:AE:0D:DE:6C","sha256":"26:C1:37:27:1D:31:15:CA:10:5E:F2:91:E8:1C:A7:AA:B5:DE:94:21:D8:9A:4A:1B:63:2A:D2:B5:87:38:6D:B8"}}},"request":{"raw":"GET /static/posthog-recorder.js?v=1.392.0 HTTP/1.1\r\nHost: us-assets.i.posthog.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Tue, 23 Jun 2026 09:57:01 GMT\r\ncontent-type: application/javascript\r\ncf-ray: a102a0498a970b51-OSL\r\ncf-cache-status: MISS\r\nx-amz-version-id: KsJkA6Fb_v3feAaj7J.NOTIrWGjmMwTZ\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\nx-amz-server-side-encryption: AES256\r\nlast-modified: Mon, 22 Jun 2026 15:27:12 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\naccess-control-allow-methods: POST, GET, DELETE, PUT\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nx-amz-id-2: +FsbO2wu4l+vfFygVXZaDRUIbTxtAPWBUvOULhpeQB3PvTvmX+YOcROtOcYQbjt4/x771bNOO2Q=\r\nx-amz-request-id: 6C07YN6GEYHJ9G0S\r\netag: W/\"5438c96d315735fadb9879cf2cdc85cd\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":157914,"size_decoded":52159,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"5438c96d315735fadb9879cf2cdc85cd","sha1":"ebad97bc3ff1835da256f84741526ff8b77ca518","sha256":"63040c5e72195e7e02ae8c654e5468b9f37848cbe5cc4300dd77bb1366ab7431","sha512":"ec691d0374d383ec9fce904225d4af39fef7c8229b11ace618feb4c6950f9a590a56b3325bc25fd2026538a223c06a298abc098b22b7020a9e94ef6ba654ea43","ssdeep":"3072:kxL4xa7FMZcGPOdkxYWwqrrMe9bf264yVqP:kxL4x4FxGPOdkxY3qrrMe96hH","tlshash":"87f34ccab765a03357e5512980af0203f2353619704a80a8f2aed9e9357c9c771b7f7e","first_seen":"2026-06-22T15:44:20.426719Z","last_seen":"2026-06-23T10:17:43.398989Z","times_seen":31,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.308Z","timestamp":1782208620308,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:19 GMT","end":"Mon, 17 Aug 2026 08:38:18 GMT"},"fingerprint":{"sha1":"4D:E0:8E:62:2F:B2:3D:28:5D:7D:B5:8D:C5:3A:72:E4:EE:AB:7D:93","sha256":"AE:0B:4F:B5:B7:41:E5:0C:70:C0:E1:2A:F9:DB:AD:A8:64:94:F3:70:6D:38:1C:8A:8A:CA:52:96:5C:D8:5C:87"}}},"request":{"raw":"GET /css2?family=Inter:wght@600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 23 Jun 2026 09:57:00 GMT\r\ndate: Tue, 23 Jun 2026 09:57:00 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2591,"size_decoded":1319,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"6047a041c56fc1275ceea606848dc0c8","sha1":"f0d19dbc2cec6c1c8289b577d68060115a5d98f9","sha256":"6f3fe784a8b0168bff4615d82d9e49b7fd85eaa4e5f3e5e2ea6e32bfb902ccd2","sha512":"62430268b9a04bf5edd6accda5a05513580388e26327eb693878e7352d899ad211f4e14beb9ee2518ad1e85e3ba681208f10f0083997062c7e0de2efafdeef5d","ssdeep":"","tlshash":"4351af91002ba500ab871dd673cf3f35aece72482085c5b95bfd0dc59cdae26036978e","first_seen":"2025-09-17T10:36:36.253362Z","last_seen":"2026-06-26T05:57:27.463886Z","times_seen":728,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":15,"send":0,"wait":36,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.622Z","timestamp":1782208620622,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 18 Jun 2026 01:47:53 GMT\r\nexpires: Fri, 18 Jun 2027 01:47:53 GMT\r\ncache-control: public, max-age=31536000\r\nage: 461347\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-26T19:28:44.43631Z","times_seen":219542,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":31,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"us-assets.i.posthog.com/static/web-vitals.js?v=1.392.0","fqdn":"us-assets.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:01.053Z","timestamp":1782208621053,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.i.posthog.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 21:41:31 GMT","end":"Sun, 16 Aug 2026 22:41:30 GMT"},"fingerprint":{"sha1":"65:54:A8:E7:4A:54:52:B8:AD:56:6E:86:56:B4:80:CE:AE:0D:DE:6C","sha256":"26:C1:37:27:1D:31:15:CA:10:5E:F2:91:E8:1C:A7:AA:B5:DE:94:21:D8:9A:4A:1B:63:2A:D2:B5:87:38:6D:B8"}}},"request":{"raw":"GET /static/web-vitals.js?v=1.392.0 HTTP/1.1\r\nHost: us-assets.i.posthog.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Tue, 23 Jun 2026 09:57:01 GMT\r\ncontent-type: application/javascript\r\ncf-ray: a102a0499aa10b51-OSL\r\ncf-cache-status: MISS\r\nx-amz-version-id: ndFSIjz2Fm83FIcTBJaIqV3y2c_2TmVF\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\nx-amz-server-side-encryption: AES256\r\nlast-modified: Mon, 22 Jun 2026 15:27:12 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\naccess-control-allow-methods: POST, GET, DELETE, PUT\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nx-amz-id-2: fXSOYLzpQxLoE/LNqnk+jIu5h4n+4momzgIvlIw2L7JKVFGL+HHhHPZzbKgtDO1XJ/bN3u4z+umAXrnWFyPE2uZwhjXTGJH2\r\nx-amz-request-id: 6C0C9FPTGMEKHFMB\r\netag: W/\"40bad0569789999bcb1541198620fa48\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6460,"size_decoded":3421,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6420)","md5":"40bad0569789999bcb1541198620fa48","sha1":"8e776d3c859d5fddda48614d07b57ac26657fe72","sha256":"eb3f494aa34624b6e9b1010d8a242de308dc344c0011f3686784c9b5977d9ea4","sha512":"5bc9d4e6237640cdb37a6bc48264c604ba37492b6113d699444a6b35b3dce1408d8b9eab9d306e4f6ec23384baf4b0f0f7a154d2e7092ddb6e9db8d4166b94f5","ssdeep":"96:t/CG4vzq4AQ6lXT2AWUlDmSpHmU9ef1yhyljTjPmVDD5LoNUKpwmDUePij:1CG7FNToU0jki1XljfCSGKp4yij","tlshash":"83d1e8f9af81d43812bed1ba90795153323567a1a509419ce23fffe018ac8c6635bf32","first_seen":"2026-06-19T11:10:18.47296Z","last_seen":"2026-06-26T20:21:29.843071Z","times_seen":498,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ils-usdt.xyz/","fqdn":"ils-usdt.xyz","domain":"ils-usdt.xyz","tld":"xyz"},"ip":{"addr":"216.150.1.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-23T09:56:59.376Z","timestamp":1782208619376,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ils-usdt.xyz","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 11:32:11 GMT","end":"Sat, 19 Sep 2026 11:32:10 GMT"},"fingerprint":{"sha1":"47:CD:B7:32:24:0B:E1:78:1E:E4:EE:56:1F:26:C9:40:42:35:66:15","sha256":"60:8E:16:47:4B:76:EF:49:91:39:55:2F:BA:8C:12:11:37:58:6E:3F:F9:7E:C8:21:BB:CF:9C:DF:5E:82:8E:17"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ils-usdt.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 308 \r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html\r\ndate: Tue, 23 Jun 2026 09:56:59 GMT\r\nlocation: https://www.ils-usdt.xyz/\r\nrefresh: 0;url=https://www.ils-usdt.xyz/\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-id: arn1::77lxv-1782208619678-3e9b7d1d3c67\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"308","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T19:34:36.207607Z","times_seen":16740905,"resource_available":true,"data":null}},"time_used":305,"timings":{"blocked":0,"dns":263,"connect":1,"send":0,"wait":11,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"ils-usdt.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"us-assets.i.posthog.com/static/array.js","fqdn":"us-assets.i.posthog.com","domain":"posthog.com","tld":"com"},"ip":{"addr":"104.20.17.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.457Z","timestamp":1782208620457,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.i.posthog.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 21:41:31 GMT","end":"Sun, 16 Aug 2026 22:41:30 GMT"},"fingerprint":{"sha1":"65:54:A8:E7:4A:54:52:B8:AD:56:6E:86:56:B4:80:CE:AE:0D:DE:6C","sha256":"26:C1:37:27:1D:31:15:CA:10:5E:F2:91:E8:1C:A7:AA:B5:DE:94:21:D8:9A:4A:1B:63:2A:D2:B5:87:38:6D:B8"}}},"request":{"raw":"GET /static/array.js HTTP/1.1\r\nHost: us-assets.i.posthog.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.ils-usdt.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Tue, 23 Jun 2026 09:57:00 GMT\r\ncontent-type: application/javascript\r\ncf-ray: a102a045f8160b51-OSL\r\ncf-cache-status: MISS\r\nx-amz-version-id: 5pXs40xReW.I71RKQxU0f.8Qm_QDtosE\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\nx-amz-server-side-encryption: AES256\r\nlast-modified: Mon, 22 Jun 2026 15:27:12 GMT\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\naccess-control-allow-methods: POST, GET, DELETE, PUT\r\naccess-control-expose-headers: ETag\r\naccess-control-max-age: 3000\r\nx-amz-id-2: DH83hA1dNsfHiMVf5KmICW/oxN23N4MWlwJBNb/sUhU/MQmeGhSo2pgr+omeLCpuNFuxx+Qk/Eog2HzYxp3NED9kBQ6vTR62\r\nx-amz-request-id: JY0K2J60CTQFJABT\r\netag: W/\"ffdb0f2bfc52d604a5f4a7053795ed10\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":211638,"size_decoded":70468,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators","md5":"ffdb0f2bfc52d604a5f4a7053795ed10","sha1":"cfa2f7982c753289d8fb789038afdacea355075a","sha256":"b17f1d58ec538092f68dc2d7b3d659b675c00987eac4935dd3400ac44e63445f","sha512":"b26a3e8b510a1209b1f7ee1e80a98685343c1cc64f28b67d42a8e14395f7740602343c7f620cb9286c5dbe0e7a3ca4567580aa1e1a09514eff319e9655acdeb8","ssdeep":"3072:V3sR8nyt6+VXn7KCOyOFev8cdhc0zfiBfweO:V3sR8JgXnuCOyJ/dhc0+BfvO","tlshash":"9b24fa87b77ad03246e690a5d03a0103e32a7b4a6159c06cf36edccd359d58ab277f36","first_seen":"2026-06-22T15:56:13.447386Z","last_seen":"2026-06-23T11:07:14.260015Z","times_seen":32,"resource_available":true,"data":null}},"time_used":184,"timings":{"blocked":0,"dns":3,"connect":1,"send":0,"wait":166,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.ils-usdt.xyz/","date":"2026-06-23T09:57:00.623Z","timestamp":1782208620623,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://www.ils-usdt.xyz\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 18 Jun 2026 01:47:53 GMT\r\nexpires: Fri, 18 Jun 2027 01:47:53 GMT\r\ncache-control: public, max-age=31536000\r\nage: 461347\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-26T19:28:44.43631Z","times_seen":219542,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":24,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}