{"report_id":"c53e898f-919d-4e12-9a32-9e9f2aba7e1c","version":6,"status":"done","tags":[],"date":"2026-01-07T15:05:14Z","url":{"schema":"http","addr":"usdt915.com","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"104.21.21.117","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"usdt915.com/","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"title":"Blockchain Investment Project Website - Unlock Financial Freedom","dom":{"size":10908,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4205)","md5":"596ed352c08bfd9092febd1609c67925","sha1":"363457eedfc44b84d89260379e4fb091dc28e384","sha256":"cac51698ff8d29579c3c7d82f8ffea716efbaf0253efc308e9b2045133f36083","sha512":"9017cbd90ebda570909d56c1cc4498c99a913d6399053dddfb4aededee061096e7ed2b9307bcf42e4ece2e17537b50d1838e18d8364f32581736a88dd1fd7dd2","ssdeep":"192:g2T/bSaZpwVpbcesy34jZMsHgSDsigysrrxRco/zTJ:9wMJdFcrrxRco/zTJ","tlshash":"4d3230143844409912363f43f9d2d65da982730bc711d878b4bf57a99fc8ed98cb6c76","dom_hash":"domhash4712d56d81cc9f483775ba9c69a96cfb","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"usdt915.com","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"104.21.21.117","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T15:05:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"rtfsq.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"rtfsq.top","ip":{"addr":"154.198.49.35","port":443,"asn":138995,"as":"Antbox Networks Limited","country":"Seychelles","country_code":"SC"},"domain_registered":"2025-06-20","domain_rank":0,"first_seen":"2025-12-27T02:50:01.751756Z","last_seen":"2026-01-03T22:01:19.897088Z","alert_count":1,"request_count":1,"received_data":220,"sent_data":397,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-01-05T02:41:01.3201Z","alert_count":0,"request_count":1,"received_data":354,"sent_data":463,"comment":"","tags":null,"fingerprints":null},{"fqdn":"apis.usdtifa.com","ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-06-28","domain_rank":0,"first_seen":"2024-10-26T21:39:02Z","last_seen":"2026-01-06T13:38:29.077097Z","alert_count":0,"request_count":2,"received_data":154248,"sent_data":1065,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"124.220.203.60","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-01-05T13:13:41.270215Z","alert_count":0,"request_count":1,"received_data":578,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"usdt915.com","ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":59,"request_count":59,"received_data":1319378,"sent_data":35152,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-06-06T23:16:57.988363Z","times_seen":98187,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b0efbc289fa81555431fa55aecc16bdb","sha1":"c003e091a0c7577d31a08aecedfdf0fbf588a537","sha256":"3b4ede29d0c79d3efe1a1ff3cbfbd15653230a9b26d40b33bbb1f78b465d85b1","sha512":"3571fd6c4175cd3725b3072f73015426e759dde85199169e18bcee1292ebed1cebe10a929fe05561842703f59e82f528965fdff7cbe61b342040c3035ead5639","ssdeep":"","tlshash":"48e0618250e7295c0520816a354ec5171f6505b39e818d513c8c7765cff5e4bc05d858","size":420,"data":"","first_seen":"2025-04-05T05:04:23.897278Z","last_seen":"2026-06-05T23:43:56.968069Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/index-DcZrAb-o.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"28ee8c25bbc5545a74782a7951b9a6fd","sha1":"2194b6108264af7ded37b7e0eee6387f4093b775","sha256":"4639c812ad55aa7e23890138b4f979c821075b2d3a17607044b736f3fb373be9","sha512":"4e2851f1fac247d5cb7ec79db7e1c856bb7b4577609301bb10b73d10b2fe00eee81302d0d206b2bb017ce53e33b2033a050957874065936881c9bf45a2ac223a","ssdeep":"24576:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttK0sPfwuwuT4hJAmX+50ROIH9/pvm4:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttKE","tlshash":"1a05af9a338a702106f536d2306e3631a3745e65f84ac0c876dcdeea25fbc056297f79","size":873735,"data":"","first_seen":"2026-01-04T07:38:56.489286Z","last_seen":"2026-03-08T15:12:25.595754Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0951a72701a995f6f19518ce49792325","sha1":"6995a4b50a7fd86a4fdf32657d5fbf60d39b8605","sha256":"59bb000eb5de16037c3cfd8c30b75845ad57f4564920866696ce1e9f1fe7f3fc","sha512":"14be3bb5051110025b856b2c17e66795a3c1bb0976e4ff738747edd8bbdfd1cda3ea1838184affafcfd5fdd5c03a29e6370a5f4709d7288aec1f135c8e22f0af","ssdeep":"","tlshash":"55014908a3f221a2912b74bc8b9f9614293040037508ef51bd9c5781bf9643486ebfc9","size":758,"data":"","first_seen":"2025-04-06T03:52:55.464031Z","last_seen":"2026-06-05T23:43:56.971169Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e267cc44511bdcfb9d6a29aa9e0f9e87","sha1":"7068144ccf89432eab5a1b51f1d7634ff629fa21","sha256":"5df8efa06d78c4e24760df1e0f34d1487deb5109f000bed21b225e9e84617782","sha512":"34223ca932af064d34bfb746454477f0edd1a28f495a12642b5e5b107a07029685ba89ebafbf0f12b035443fd0352d8b333dc969e7e63dea56f1271bf8056a52","ssdeep":"","tlshash":"7fa001a3cd57d739187d90282301594daca3068204224c84369f28421fc81006081983","size":72,"data":"","first_seen":"2025-08-26T17:30:33.459192Z","last_seen":"2026-06-05T23:43:56.981187Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e40cc2aab8d5d376280c17d363344fb7","sha1":"75c283226da7b59501ef980f3f8d8256a1425ea2","sha256":"187749c0617b275173ac1ef4e8273c2e95cb5ed334d3a1baa5235251ed02e545","sha512":"0518d6e4f074dd336768ae9d292bbb2baf2db8866645d7d938143fe77f3fdb283d47af41d852165a22ae63e9c11d4f41ca8762b253dac0ed14e17a77da098810","ssdeep":"","tlshash":"18e0d8736f5665744473e02e637f7720753b516b4250c9067a2c868c0fe0a87666d6c9","size":411,"data":"","first_seen":"2025-08-26T17:30:33.468213Z","last_seen":"2026-06-05T23:43:56.989253Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-07T00:16:58.843198Z","times_seen":15893,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"124.220.203.60","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:56.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 15:04:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Wed, 07 Jan 2026 15:34:58 GMT\r\ncache-control: max-age=1800\r\nset-cookie: __uni__uid=rBEQiWledhq3V54DAxKlAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-07T00:16:58.838566Z","times_seen":16197,"resource_available":false,"data":null}},"time_used":1929,"timings":{"blocked":689,"dns":41,"connect":243,"send":0,"wait":551,"receive":0,"ssl":403},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.BCo6x5W8.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-5b\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=azsm7TAjMSRWvcsWsUK6QfPrTBHnZaVO9gyVoVoKp%2Bg7TWvfQeu3tGHHcJUo6YS7rUybdTQDEaQrfFqshWOKdlcjAhrnCaZPnA%3D%3D\"}]}\r\ncf-ray: 9ba459ad9b75b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-06-06T22:30:21.851682Z","times_seen":1551,"resource_available":true,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-confirm.CZKi1fy0.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-confirm.CZKi1fy0.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-876\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2kWyqvkhTY3jCIkIbt4mRWI77OfzaywWu%2Bk72mqB%2BrbSWKlZUi73urfUJ4tKZ290RHJzTdtdN1sI2tjtu6sLAuKMDxilkU8rQw%3D%3D\"}]}\r\ncf-ray: 9ba459ad9b7bb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2166,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2157)","md5":"b90ad9ec1500bae4bbef53e9938a498a","sha1":"258e8842494d8f0cfa7efa8162543faf0383a1ba","sha256":"47ebb75c45d09b00eea20a4f0c4afff1ccfa257178f13c1b64182a0cd070e17d","sha512":"2f949a4f4dbaf49d9cddd28c86561880763b573ff082a03a3ef91d302ab02aaa7359b1fb72938c2e4ef8d96cafdb62a85f89445a1ae0286d5ab0fb2e2604e76d","ssdeep":"","tlshash":"0841730dbe1c9271ea83a349d541652e723b2fbd72163a0ff0fc1c9e07b0c64b99525a","first_seen":"2026-01-04T07:38:56.318065Z","last_seen":"2026-03-08T15:12:25.559658Z","times_seen":12,"resource_available":true,"data":null}},"time_used":528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":528,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-popup-bottom.CgdlVUp-.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-popup-bottom.CgdlVUp-.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-520\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W2OxhUbY%2F6FfpgcMF1zq9EZ2WlxHiVbN%2BH1Bf%2BszMS%2Fs46OtoppBC5eGOBj5LbA7GnHSCoERPutn%2BSOmG0%2B5UDjChHc3ZsaYSA%3D%3D\"}]}\r\ncf-ray: 9ba459adab87b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1312,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1311)","md5":"0eecde68cbd42c412bd4d60e69245b86","sha1":"821df9d67330105c276d3eb6b9eedea74bbea782","sha256":"a006b09b3ceb3245697dd97773b7f0de5f4598030a64e648f1c37e073be7e413","sha512":"38cd50bd821acd891ff1ab4a41efff6789b8801484e801db5cd9deda6d37b240e4c869134f8816c13534691d3689e395fb6b2ff5a4abd49497d4fed7ee6bb3eb","ssdeep":"","tlshash":"fa21f009381db033649b497c52600e001428cf6ceef43eeab6d160764b9989ca64db24","first_seen":"2026-01-04T07:38:56.373648Z","last_seen":"2026-03-08T15:12:25.537181Z","times_seen":12,"resource_available":true,"data":null}},"time_used":502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/index-C2R1XfRB.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:53.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/index-C2R1XfRB.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:53 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-79c7\"\r\nexpires: Thu, 08 Jan 2026 03:04:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8YlBvi4j9xZS0Np3Ze8iyEF5273N9WeMfC1EpSvJnS0ZuFjCTR1%2F%2FYUaSaGdJF4lkDCFXKuemrh0nHtIYm0ISjTY2xTh5RCHnA%3D%3D\"}]}\r\ncf-ray: 9ba459a49aaeb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31175,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (30950)","md5":"92b434074c6cf3e47cb9a2658db8ff08","sha1":"ea753d3fe316f85264e01edf521521958668a9b5","sha256":"4014fcaa52dda1b273304725500679ec91f70da9bd54c6fedc9c63a6fdfd382e","sha512":"b59cb7e09b90d2f7d5941e1d87bdcb210f324a997cf94887c8f9ddf59b02a712d80b6f0927d4475b7044f11c7ea01677a0345031273a8d82697305b2792af083","ssdeep":"384:qeDzFzaU5couyYDdnsf0VSxa15tVjaXeCcrUUf2GWthmohI:dDpOHFVdS+SE7wfcrzf2RDI","tlshash":"ace2c5bf598d14c873baca43e75077ec2d25f52ac362489ef067294ccdc72a31a5266c","first_seen":"2025-08-26T17:30:33.412092Z","last_seen":"2026-06-05T23:43:56.951239Z","times_seen":23,"resource_available":false,"data":null}},"time_used":686,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":683,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rtfsq.top/1.1","fqdn":"rtfsq.top","domain":"rtfsq.top","tld":"top"},"ip":{"addr":"154.198.49.35","port":443,"asn":138995,"as":"Antbox Networks Limited","country":"Seychelles","country_code":"SC"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:53.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.rtfsq.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Dec 2025 23:23:46 GMT","end":"Mon, 02 Mar 2026 23:23:45 GMT"},"fingerprint":{"sha1":"44:D8:A2:09:D5:CE:EA:C9:55:12:2A:B8:78:4E:92:E7:12:AD:51:91","sha256":"41:C7:8B:8F:B7:71:56:D1:BF:C6:13:70:EE:EB:69:23:19:45:C5:56:EE:AC:6B:E0:51:B8:C7:AA:FB:FE:C2:28"}}},"request":{"raw":"GET /1.1 HTTP/1.1\r\nHost: rtfsq.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 07 Jan 2026 15:04:54 GMT\r\ncontent-type: text/html;charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T02:09:46.692243Z","times_seen":16200239,"resource_available":true,"data":null}},"time_used":1605,"timings":{"blocked":650,"dns":56,"connect":294,"send":0,"wait":296,"receive":0,"ssl":306},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"rtfsq.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-checkbox-7UAD-_pA.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-checkbox-7UAD-_pA.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-342\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hrIGtTMLr0ANXzvAlhAFdMnXKK7IRUk9L3S%2BUnsmo12pZPaSMjfnQDUAcMpngxGbf%2FXoY4CA2L8Ve6aFf57B8WzW1aJAVmo5lg%3D%3D\"}]}\r\ncf-ray: 9ba459ad7b6db512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":834,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (833)","md5":"1d133a333267da931a20d39afae27197","sha1":"9c1ef3abf336ec77b39598b7bca0158d9c1371d7","sha256":"3f115aead4f822dc2e19473faedf8f874eeeab803c7a8b278af6e5a394547196","sha512":"998e29f964a04a62bbefd183c08b6bdc2fcbe0ae92b362679ca01e5f70fa510ba732f25fa5bf8561dcbbb86dca3e1099b5dacb817b2e5f7a3eae44f43da2c4e6","ssdeep":"","tlshash":"fc01cc33fa882518a233c7013391decd563a8381d766061ab39069144ccf78e2ea7649","first_seen":"2025-08-26T17:30:33.400114Z","last_seen":"2026-06-05T23:43:56.921574Z","times_seen":22,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/transfer-BRg7NsZa.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/transfer-BRg7NsZa.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-568\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nHj9RYmt2odVSXYUldoWJ%2FWDWSCJpb4%2FL4Wg9sGoNBp0QRLJP%2FvyWQRsWyF9v9WmcD0RIkb8drjhB0w8iigUkTDH84RZGVTLOA%3D%3D\"}]}\r\ncf-ray: 9ba459ad8b72b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1384,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1383)","md5":"8732b3e9351dbf0b861b02335c964d20","sha1":"6cad70740f42e02a06acdd1d47acc4397644e789","sha256":"d0fcdcfeb22f78ed82a487b1713e7102184a57059d7a278b811ba1a2a3970a8c","sha512":"ac3ad5cd570bf9a4c872df2c1f6f9ce2eafaf9cb843cadd1397e8eadadbd2d7aa77d147cae133564c8a5d68fcd8ac935340df1571fdd45966ab8da23915a8010","ssdeep":"","tlshash":"0c21475df54c2d6664b7db0a18f287cd9922b6b6c801565dbc6b3b10ccab3c3241678e","first_seen":"2025-12-31T19:20:07.098297Z","last_seen":"2026-06-05T23:43:56.951965Z","times_seen":17,"resource_available":false,"data":null}},"time_used":508,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":508,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-auth.O6aQRiEh.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-auth.O6aQRiEh.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-20a\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RLOHJSld0m9PwZvOK133%2Bs3eYtrDh0T6ewmuaMVlq3hTCgOaQb7bsKmAgoBbMtwJl%2FWmHh06yWahggPzvLc0EKaWJzCqUdr%2F9w%3D%3D\"}]}\r\ncf-ray: 9ba459adbb90b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":522,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (511)","md5":"edcaf3e657dd80dabe9becb3a27ca814","sha1":"63616b2ae780d062e87b61eaaf51fa8484057f06","sha256":"bbc2df21eaa08288507c0de9134c609375e4cf123accee61601561ce5d23491e","sha512":"b965b0680db5dbad080ae3e6daf4e45126e09826457c28c7a8d01e8805f53b8081360585cde9666211ec5a995da55bf2567b6a11b8eacecdd2b0d69e0d26549d","ssdeep":"","tlshash":"68f0054d3c64c63001c068d85611a81040292d5c667a78c7e1df65ed0a7906ec81df1a","first_seen":"2026-01-04T07:38:56.367866Z","last_seen":"2026-03-08T15:12:25.555365Z","times_seen":12,"resource_available":true,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-stat._gfGVicY.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-stat._gfGVicY.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-b39\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FNz02TT1h8x9on8iE0UWJh%2BAFPqgf8shqXEtE51gF4qMMAiQHBuCtznvEEt1br4lOEPEfmzS2ao%2BZbyG3mQ1%2BwG0kvwHGmslPQ%3D%3D\"}]}\r\ncf-ray: 9ba459adab88b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2873,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2834)","md5":"95a9410ef94036eebd23b32d2cd13295","sha1":"39151ad3e138aab415b315c536cdcfc176e03c38","sha256":"865ddbfc42705393037ebe542af4cbd02639721c299acd2d6f96bf27ea368d15","sha512":"361a5e084566d62b2b04636678c0840c5c0f562b0f3f05fad79514d2d5a33ff85d287e354dffd3e41cd1aa1e8375059a9b07461515779e1942ecca212948b42c","ssdeep":"","tlshash":"9d514104752cc47b1892e01e65d0441bb2ab1ccd86b4753f65f6987e13e9c1864adfaa","first_seen":"2026-01-04T07:38:56.347472Z","last_seen":"2026-03-08T15:12:25.515963Z","times_seen":12,"resource_available":true,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/InputPayPwdModal.Egr7JNzI.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/InputPayPwdModal.Egr7JNzI.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-999\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E56NRu3%2FekMqRLmquI%2Bk3ob4qWvNT%2F3UTl80AO1Fy4OrBxAC1XTG15bug6AXXSCZyKtqwgB%2FYIWA0obS6%2FHgC50QH7IO%2BHuXtQ%3D%3D\"}]}\r\ncf-ray: 9ba459adbb8cb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2457,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2456)","md5":"75033e20cbb2c275b74abe7c8621a291","sha1":"35a562afdc88e7fac00a316f3ecb4eeaef7f61f7","sha256":"3ba60caf1948a5dca9f8bf8bce08ff6dc66439ac713af8891c4b93e013f5fbda","sha512":"e16176490ee741d77321dcb783e2295f139a7f660e21a64be0ad530a67667f6247f78b0661110cd21920ae4682d134587eb5cd9213198064acb1db623321305f","ssdeep":"","tlshash":"6b51440a2e3cef399416a178f0816805b414549d8f46ab58f7fc0e5a0bafc56837fb25","first_seen":"2026-01-04T07:38:56.365Z","last_seen":"2026-03-08T15:12:25.526124Z","times_seen":12,"resource_available":true,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-confirm-CVVpLVF0.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-confirm-CVVpLVF0.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-cd5\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SEHNb%2B6ObQ3jFWcLXE1y9k5Uc2I50lg937ZjelPzW85J2%2FNDLUiOPiFzCfQkBOh78LHSv3DU0zrnlc5tSaJu6FDdurQu8wkTVQ%3D%3D\"}]}\r\ncf-ray: 9ba459ad1b54b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3285,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3284)","md5":"4218a36f7a6fccc299ffb3577bca67ae","sha1":"dd996d34c9100398526782d5af26887184ae3c38","sha256":"ae5f566f4f2fbfb0d3ce7aa0a5941a934f9483719e107b1c184cb1ed77d63601","sha512":"4c1ec008efdc5e5ee2e280c8890bd89a315dac3fe55fd4ca2c9659314c789bf9b382c59f7a6795ee423078d5a6f0fa82aa14971493303526fc584762f18febc8","ssdeep":"","tlshash":"27618f20ae692c848277c661aec05e49d379eb877af6094f7a4c4c134e8711e15fefe4","first_seen":"2025-08-26T17:30:33.418855Z","last_seen":"2026-06-05T23:43:56.912692Z","times_seen":21,"resource_available":false,"data":null}},"time_used":530,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":530,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-popup-D2Okk1oU.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-popup-D2Okk1oU.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-10a3\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rPNemnKS4nrnF%2FQjbkqIb6m6M4Pjjq04Yi7gTC99BN9auCsNgGC1jpH%2BcI%2BMVjDlwKpn3EVfr3g9eOtWjGNQI%2FPUCGADBi2b%2FA%3D%3D\"}]}\r\ncf-ray: 9ba459ad3b5cb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4259,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4258)","md5":"06fcd30ff5c377c4a2f9f9f3ebfe3adb","sha1":"de7ecd01b1875701a718f6a23b13b42098eedcbe","sha256":"0afd9914f132bf3d55d12ad6b79db6a7759c03ca76fc0cf5721e027ac1b1f31d","sha512":"ddf5528973b5af2bd222c1c70f559eeb4e03950c583846b024d74695801159b855d3e250196077c0efa68283579470f0f8c62461d881caab4c2fb43f5751702c","ssdeep":"96:u/l9Nh+ecD+wB9u/BifBAoBESBOojkbHIDD2GA:iNMTD+wB9u/BifBAoBESBOojkbHIDD2p","tlshash":"c791c134abcd202cc0bfd37165d05e8a4276e79ebb660f2f61a50d134aa354d316afe4","first_seen":"2025-08-26T17:30:33.439943Z","last_seen":"2026-06-05T23:43:56.963607Z","times_seen":22,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/index-DcZrAb-o.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:53.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/index-DcZrAb-o.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:53 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-d5507\"\r\nexpires: Thu, 08 Jan 2026 03:04:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kXkSsUr0LI8er4JL%2FIVgogFNu%2Fj23NP5H%2BIsFa0elFn4p52uDx6Qdg8XLkTkzbuSffbNXaRJByRGC42vy4u6TdzAFgR6CkbwdA%3D%3D\"}]}\r\ncf-ray: 9ba459a49aadb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":873735,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (26861)","md5":"18997818039c7385a6f8d9cf7085c1ef","sha1":"7ae3199506e9fb287456f4d85977f7ee9556aacc","sha256":"7466b682eafc38c969d4841b1704e01defcc5b82c7f63c86cf6384b6f72fdd12","sha512":"6aca4360ad0cba2488b1d65e50a18c8727216c990938b6a364a19167f1fec4ed372a50936e1652d2d79186237f95f7872c9b77d93f2459061409486696c11156","ssdeep":"24576:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttK0sPfwuwuT4hJAmX+5IJROIH9/pvm4:OOhsHDvQtgcUJ3f5/oGrr9BomjmVttK4","tlshash":"fb159e947397b32106e935e1306b073263745a62f44ac04c7aacdde925efca4329bf79","first_seen":"2026-01-07T15:05:22.706702Z","last_seen":"2026-01-07T15:05:22.706702Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":702,"receive":512,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-banner-B1KD8OCE.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-banner-B1KD8OCE.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-81b\"\r\nexpires: Thu, 08 Jan 2026 03:04:54 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Eh4x50wvUeJf67bOexyFb50VoVb3GicOlOYslEfZFHKamPRhdMM%2BMna7ffksVjdcEfDMgn909hVurY6rauZmVrHetxdWroWFOw%3D%3D\"}]}\r\ncf-ray: 9ba459ad0b51b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2075,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2074)","md5":"12c9420c9ee1805a5a956e6b5f1f5c18","sha1":"ba25371146382376916a6195037fdfba8ae361bf","sha256":"73e4d379d8db798beafdd7dbaa4215ef0b9bfed3fa37057ce464b3072b699023","sha512":"facc5735d2b1329eb247c38cb34659843203756dad339dc9c1e92ccc99511a9f7f4b461fd0debbb236a8cf1ff9d791bfa7026b86803baf8d0246a1cda6ff322f","ssdeep":"","tlshash":"b841892cbc4d3f14957bc72615fa49cc0229b6beb723053d21e3b565aa0be822e02074","first_seen":"2025-08-26T17:30:33.376377Z","last_seen":"2026-06-05T23:43:56.95343Z","times_seen":21,"resource_available":false,"data":null}},"time_used":508,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":508,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-money-DEKo3EMj.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-money-DEKo3EMj.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1fb\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6vQf1BZF98YuMdkDSeGeIYfxpYQyNoYQId5ELopqJCUOtPwjlG3vDVwO6aZweFyf6JxvtJf4EDc4kwIBsWtAhWjTqhCoaj8HHA%3D%3D\"}]}\r\ncf-ray: 9ba459ad7b69b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":507,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (506)","md5":"1ec6a4f0444037a6b44b2a56d62f8120","sha1":"affa6da1860222fe4c4dbc1835b3311775cdafdf","sha256":"c054f4bb46d90822b76fad8d952402cae3ac9c39abb03bef2091f6b0a76570bb","sha512":"2ac2092c0bb97e180253f6e958287c951ea46f464a60071737ac5fa634824d6182478ed13d74ed52686ea05b4569e71e76f3c5af7cb97224c1d9fa50849401f8","ssdeep":"","tlshash":"f6f09ee07bb41f00db3f6d18296727a2d6323e836de143b48351a3a44e5b179150e988","first_seen":"2025-08-26T17:30:33.438038Z","last_seen":"2026-06-05T23:43:56.940303Z","times_seen":22,"resource_available":false,"data":null}},"time_used":518,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":518,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/z-paging.DUMsuOiK.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/z-paging.DUMsuOiK.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 520 No Reason Phrase\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 7319\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9ba459ad9b7cb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"520","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7319,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (578)","md5":"9a9fe1ee1c068cd9044a0bd372bea57a","sha1":"bbbab563268330a8f756f730c9ad8aaf4ea4ed69","sha256":"9ff54bcf84b2e794dc1c5508039759f6c21312381b2e66f422a055f8f53c853f","sha512":"773e599c1e96e6da2bdad563ad438fa6b2be47752f8c5af4e1e24b564815db9be3bdb8fc3ad6a962b3179f08e7a236c4096d7988fada9764b2b07e789e801157","ssdeep":"96:1j9jwIjYjGqDK/D9KU4nkSG4Fh8/G4FXR424FP+skKmv9eQmN7UWu4I77RLlJaQF:1j9jhjYjXK/BQeQ1V8VIruB771l0eP","tlshash":"42e17672b5f5127600a382d23295eb6a7ae0c213cbff5594b3ddc2632f9ee819903194","first_seen":"2026-01-07T15:05:22.710951Z","last_seen":"2026-01-07T15:05:22.710951Z","times_seen":1,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":356,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/mp-html.Qpmgo793.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/mp-html.Qpmgo793.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 520 No Reason Phrase\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 7319\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9ba459adab84b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"520","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7319,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (578)","md5":"98051e4d92c3377dac4c6052982177b2","sha1":"7c8b8ffeb242cb712ead7ba68e250114ebc6adf9","sha256":"53c396e4775f84f40905831ace377090731707fb354de5eaaf9f205554979704","sha512":"750e1757bb52048c79e0c60828495e141cb05d0b7450a73dda68928e5f46b313386ba41aa8af5acf489a1d54d7025b95627c2e4210509871e8554a7b5aaaaf0d","ssdeep":"96:1j9jwIjYjGqDK/D9KU4nkSG4Fh8/G4FXR424FP+skKmv9eQmN7UWu4IB7RLlJaQF:1j9jhjYjXK/BQeQ1V8VIruBB71l0eP","tlshash":"e9e17672b5f5127600a382d23295eb5a7ae0c213cbff5594b3ddc2632f9ee819903194","first_seen":"2026-01-07T15:05:22.712797Z","last_seen":"2026-01-07T15:05:22.712797Z","times_seen":1,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":348,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-drawer.BEnl_qrG.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-drawer.BEnl_qrG.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-4aa\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OmDEsXNLI2jnxkySnSI4zT8dTy71%2Fjc61pRpfvjGDPcohIbVxTxe1l0x1C85%2BOwUEvVpCrjlne08HC%2F4y8RlM%2F%2B%2FEaAwnj55Ew%3D%3D\"}]}\r\ncf-ray: 9ba459adbb8eb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1194,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1193)","md5":"6aad1e42ffbad02e3263243334d806b5","sha1":"f3b1701aa4bd168ef77b7722ff8d25c8ff836ecf","sha256":"62c1618ce9d65feef3c4ce891d6492a71facab2c6bdacd27f11be9d3b58c27fd","sha512":"960ed30b5620df0c65839a56aa0f920fd79d3c9c497a41baf93f85250c900029562c3fe3711b480287a7aeb5d6d190d047465a363dec2b6c3163446612f3a0e9","ssdeep":"","tlshash":"6121ee1c7a1ca93329d7449d502006001ec86beeeef42ec6f2e6207e875e9a8916db14","first_seen":"2026-01-04T07:38:56.311311Z","last_seen":"2026-03-08T15:12:25.55072Z","times_seen":12,"resource_available":true,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/LoginRegisterModal.eMqIKsye.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/LoginRegisterModal.eMqIKsye.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-3bd9\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BXhuTXzprw4rsBfk%2BuWkYLn8Z9WPQTpXlwl9mlJ5SUZuwEYpndKf%2F7rS638c1qh5LTYtQd1yjI6%2BgGwuEoBD7r92xCtA%2BTdWwA%3D%3D\"}]}\r\ncf-ray: 9ba459adab85b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15321,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (15272)","md5":"058f7e55d2944b9aa20901f3c12549f6","sha1":"5c1a47b33fc795535d848f1e71f34b3736380632","sha256":"83daf663074210eb3fa7564210c61f9dd8fc56f62acebe4099cebbb646818af7","sha512":"dc5f27ed3bfb310a8ef8331aa3622c66b05236c399c7aedb1e1b55f8316123123785222f6e6944f39d0ba3454b853cfde988ea05f6fbdf4d920883bcae792f39","ssdeep":"384:PrSK/VoBOmek5T1jhJJNCkX/sjFP2rzewPRPbHMq0:PrSK/VoBO1k5TtPstLwPRPv0","tlshash":"0a62c509b55dc8335e92b06ce48318246059cc5fd941ac4cfbf8198f26f3d469bba73a","first_seen":"2026-01-04T07:38:56.332573Z","last_seen":"2026-03-08T15:12:25.56783Z","times_seen":12,"resource_available":true,"data":null}},"time_used":520,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-money.Df21XDR-.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-money.Df21XDR-.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-bc9\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fiCmmp%2FMvPu%2FVn0gZlw905uCCHQJFRWWIlrAvZrbdJNoXMqw1cjl3b%2BckU1Wyp6AuGJZcS32nqvb%2BLhGEONC%2BT09Mi3JJ8QLew%3D%3D\"}]}\r\ncf-ray: 9ba459adab89b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3017,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (2900)","md5":"a0d1d8d8ee4b335c040b04e4070b7927","sha1":"389c16a182b95802ba9d9a4c5fb7fd04b8103eab","sha256":"15d8c62270da104ed031b8c6e02ad1daf4608ea9ad05701cdd082aa88e114f90","sha512":"1f3eb4905f3fdef9d9aeb8db84b48e6754cd4fc9bd715099baa5bb2b8976f9282853c12f6570eb4d7b04126e04a06b2c928ece4d02a92b22f79411c21035348c","ssdeep":"","tlshash":"a451a4a476985da3048a2a1d08485343ea74bd4d9ca838d8feb4bcfa8727cd5384cf34","first_seen":"2026-01-04T07:38:56.348586Z","last_seen":"2026-03-08T15:12:25.525059Z","times_seen":12,"resource_available":true,"data":null}},"time_used":523,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":523,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-title.DOX2mzrl.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-title.DOX2mzrl.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-18f0\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H5xyghRT8W8sserX6l4VSVAf0AAcaqOA0%2FKxkeLm1AD3jV6qt0lUUYvPSM418KtCwJgCtk72OcyaSyXDJJSpIAJ8DDJqTfh65A%3D%3D\"}]}\r\ncf-ray: 9ba459adbb91b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6384,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (6123)","md5":"405629402164d9d30323869234856602","sha1":"0381c4d236705ca7e656f50343d8c2020541d0a6","sha256":"a5530a450d7abfd958e704c76ea19460e77e2c36f91cb571d7fa68b0a95f1203","sha512":"e1e038e5336d7b036ed81482902f0e013090e8cffbdd980596e8f35153142e83f95d9c596d9558f463e1fd3e811ac751daa05da20b3fdd30e065b5850a015458","ssdeep":"96:0hiGnLTCdX3ULUuFXS9Y5+F89umUekTqNcjett8OFib1kjbdCpYeLD+fMMj+NLNi:0MX3SFXIYQcumUDqpPsYeLxlpu/ew","tlshash":"ccd1b4243668fa3729d640895aa04601b14c2e8dd730b99efbfcbcf95286c64557ef38","first_seen":"2026-01-04T07:38:56.342393Z","last_seen":"2026-03-08T15:12:25.535587Z","times_seen":12,"resource_available":true,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-drawer-joDNLxy7.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-drawer-joDNLxy7.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-67e\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DY5EMv4IMsx39xbgQO2hlYS79Ahg1Nt0Aa4yqxqlSnd3VQtfVpK%2FuSH4lIfIG1GTxvLPviEVDIFlpDxCySUOXFIRCbXTC1zxRQ%3D%3D\"}]}\r\ncf-ray: 9ba459ad8b6fb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1662,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1661)","md5":"c459d8c22b13969efd179467452eb13b","sha1":"0c10dad7104de3185801252919cd93876687f9f0","sha256":"da10cabef00245f7c0337951d5ff5cbc9a8a1f6c83efce5dc26b6230c2edaf1b","sha512":"1d8d798bd83557544abb5df3e3251afd3bc7834f2f24521fccfa19be96e04d5a1c6844f28658fdd5e33d7316796e66cb5e0496a6fab13ebef553a676865a80f1","ssdeep":"","tlshash":"53318a325d553c18767fd316d4e1d9a80f3cd2d3daf2acce6209652b0a4b9b9205b582","first_seen":"2025-08-26T17:30:33.419712Z","last_seen":"2026-06-05T23:43:56.941652Z","times_seen":22,"resource_available":false,"data":null}},"time_used":528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":528,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:53.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":"广州有啦网络科技有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 18 Mar 2025 04:08:22 GMT","end":"Sun, 19 Apr 2026 04:08:21 GMT"},"fingerprint":{"sha1":"AE:CB:32:71:EE:EE:E6:72:A4:88:B2:9F:4F:C4:E5:B5:A8:C2:73:6C","sha256":"7C:F1:09:2F:6A:8C:5B:F8:63:DF:D3:32:B0:F3:F8:E7:01:29:0E:F2:55:8B:4F:6C:58:55:8E:44:E9:EC:15:F4"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 380\r\nOrigin: https://usdt915.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdt915.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Wed, 07 Jan 2026 15:04:53 GMT\r\neo-log-uuid: 411995867229651291\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T02:09:46.692243Z","times_seen":16200239,"resource_available":true,"data":null}},"time_used":311,"timings":{"blocked":31,"dns":0,"connect":0,"send":0,"wait":279,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/ProjectItem--WQEwVja.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/ProjectItem--WQEwVja.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-548\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bILtD7SiKp0Odcphai3uFsFOjX3hdLuuJT6AuH64cKfI95b47tU3Us2%2FKaNeVA7%2BEiQx6Y9V3MKpDNPwY0Tjeb4H54a0nrXjQQ%3D%3D\"}]}\r\ncf-ray: 9ba459ad4b62b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1352,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1351)","md5":"30c73a40912b2d57d2bcf3a9eaadefad","sha1":"d3313e7a5377930b330338beb0648d139c26c7db","sha256":"6de8272c94e2df8961626816b63c5b4b55e5b190670faf3826bdc18798feef9b","sha512":"a8436f768e1d29d40ec7b43a04f77026c58e6653bcccaffdb5bfb23f7baa4379466cd7dbd502c4d6c51853f8dde2fc7d9dbba70d405d55ffe47325081ca9d77a","ssdeep":"","tlshash":"a121cb21bb4c60087037c90912c98a8d1279b247a11a0afd9a7e3099df476b3303a3c9","first_seen":"2025-08-26T17:30:33.405062Z","last_seen":"2026-06-05T23:43:56.93881Z","times_seen":22,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":522,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/userContract-bOONBziD.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/userContract-bOONBziD.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-1fda\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=71ZSe6AX88%2BLwZD%2FRBAaGKtYEedpjpfdFn%2FfEhswxJj7vlYBtoHvCGYRpCjs0Zf9jVwTPEgYUOTL%2BIlygRlp9lkXOSpAeqkf%2FQ%3D%3D\"}]}\r\ncf-ray: 9ba459ad8b70b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8154,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8153)","md5":"83b83bb797c6007d7f03d48704a72001","sha1":"abc064e41cd4a625c49efc0dffed7848950a976b","sha256":"ca6966fe263d225f57a6a5c2cd8cc06958e3af709b5c287f24e0c0decd3027c8","sha512":"174f97c0a0baee5f6c03a2aab44b0d5799daf8b8b8fe9d77737f987e5395d6a42a721bda78551fc0fffa4b2d1f486ae887f8285d9bba9ec716db6a4638ac4dfb","ssdeep":"96:wfPCD9/4DoLBp34pMMJJqOum8NvupjI/nWpu5Hf7fApa+e1F:CNsD4pMoqJm8NGpjcnWpu5/74paV1F","tlshash":"7af19559bd0d1419e2fbd20a64f05bcd0624f76bf30389dc6253192acd9769b2a12fca","first_seen":"2025-12-31T19:20:07.049418Z","last_seen":"2026-06-05T23:43:56.935451Z","times_seen":17,"resource_available":false,"data":null}},"time_used":528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":528,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/userIndex.5H4VVtxS.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/userIndex.5H4VVtxS.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-586e\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LanC%2BEL%2Bx0onr38QS6Ey2i0AQlTIiEqGDfYckYgsWYfQDnEAoFXVmgIRsPBvFDHbeFPtlYkkNcPRHLvDZEZRt8qnCRvNFZ7J%2BA%3D%3D\"}]}\r\ncf-ray: 9ba459ad9b79b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22638,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (22511)","md5":"37209b19adbbd0689b3a59614bbf9b42","sha1":"3f746f1078109423d7167a91d73ff10cacae5040","sha256":"2639ca5530dbad01269a12c6528494a49577f37eb22cb96e5661c7c36972b74e","sha512":"a6ab82266a439051ed871d3c01224a48865e709fad081aa75a179b772e8fdd6b4b5cab9cb948cf4d9847d7634f5065ef265c99dcef9093a7a9a65359efb26a52","ssdeep":"384:+MaJwGqXFzXSzABt6bsjHC2vJ+WeOlY+k7VE+rkRRzO53piT8T:+MairXFzCzABt6bsjHC2vJlljkJzkRZ6","tlshash":"98a21919771ce1297ad1a00e94d40812b20b4c9ea321b99ef3feddbf4399c6d649c736","first_seen":"2026-01-04T07:38:56.415319Z","last_seen":"2026-03-08T15:12:25.516526Z","times_seen":11,"resource_available":true,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-banner.zl87Ac6h.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-banner.zl87Ac6h.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-129a\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t%2BPqiaTrbs7avVr4cTNScG9lXENVsju%2Bkl5ihtFUf8qmTX5GcFWAQv%2BzPXXirEMLPiIOcaWBCSPV7b40ler861CndLYk7UrDbQ%3D%3D\"}]}\r\ncf-ray: 9ba459ad9b7ab512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4762,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4751)","md5":"201cea6893ecc5a2b454d6ce67882166","sha1":"6114041925210ce6d088080da3bb393366a1d853","sha256":"48d771a7a8f81a737eb4934a7bc04c90013da1fd96330a3427fd896b29af50fe","sha512":"c6b4d23321b7817f21a5958474e717bbce7dbd4667f897f5d4ea5b8cbc2c1bb108f1cbc59134d46b4c415e2ad4525622841702f63dc713b5dea9801e877f8908","ssdeep":"96:gqxD0PWg+IT42fOjqCbCqvuj1t2tK4tPtKltstK7s:gqxaElb5efs","tlshash":"43a1e028352dab37d89789ad00c4050435b929adf7f07775b7f48a3d922344eb91cb59","first_seen":"2026-01-04T07:38:56.389151Z","last_seen":"2026-03-08T15:12:25.529993Z","times_seen":12,"resource_available":true,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/uni-popup.Bvhvdyf4.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/uni-popup.Bvhvdyf4.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-37f7\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UYgV1olx6sKnuy9wXvZnlwIwYQ09jaanPNRE3MNGxN4xTu%2Fpc5mqi3g1ExEsRM84IJ4ZEp39d9SkI%2F%2Fd1F7GZ0Jdh5vCA61fXg%3D%3D\"}]}\r\ncf-ray: 9ba459ad9b80b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14327,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14230)","md5":"2a5e2df1aa15d37fb38fa4b954904352","sha1":"430b05f0f002e37cdfed6057ace2e25881528d7a","sha256":"b78f984771f6506020c3524c7190d1a6312a912124297d359c0a98da46cef09f","sha512":"765bbfc2b9410036c25a03e8c198cf1b414235a7c5f419f3778fc06a799b1b52ed2af74ef595982ff4d35d8e18fe6f3c2fca1456eb36ff4a34c894d9c3e94c48","ssdeep":"384:5V08L4LbQr3y9Pk9wMjxe/gi0lvwoIpFHqdM8uPCWYYxoK/WGbNYDYGFa:vx8Psy9wHxsglvNIpFHqdM8uPCWLxoKV","tlshash":"e752d7c5b59ee92605db82b7509c4a00413869d8b1751a6c7bbdb8fb024ac8c73eb73c","first_seen":"2026-01-04T07:38:56.381587Z","last_seen":"2026-03-08T15:12:25.544893Z","times_seen":12,"resource_available":true,"data":null}},"time_used":502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/uni-popup-Fqn9N-Zi.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/uni-popup-Fqn9N-Zi.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-6ea\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W8l8xnVspkwI6JYRZQU9wm0HCdML6Zyehbg2t0qyJfrRJNdFRk9oUvWfMYOmrA4RYAj8g6vLr7xvrtVwtdX75oXXbDWdKdr6hw%3D%3D\"}]}\r\ncf-ray: 9ba459ad4b60b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1770,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1769)","md5":"d082db8500b272c2e43675d8c52d8fdd","sha1":"b6a165928e6ca58ee847e1b9316b0954a0a7b126","sha256":"2567b7b7dff7c1b3092ef67294d1adf734c4a26d1e6ba21ba15fa4ab2404ea01","sha512":"ec6a79cd5137ebe2eb07f48e22b5c1bf70afabb63a1685e49aac0b7b73479b1e9994369488db30971644dffc33bae8310432891df182d4cba8c0d735d7f7f4e2","ssdeep":"","tlshash":"9f3170723c1d351984afc0e6689aef46432c72339553b6946678f4180cdf9e23e5b6bc","first_seen":"2025-08-26T17:30:33.414771Z","last_seen":"2026-06-05T23:43:56.904585Z","times_seen":22,"resource_available":false,"data":null}},"time_used":530,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":530,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/InputPayPwdModal-CwjLcKcJ.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/InputPayPwdModal-CwjLcKcJ.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-10e\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ofcg0u%2F5RE4e0aWcYt1XkIYiS0k0utBsT%2BIpYRmSfxdN0UNQ5FAIdZmS64tQAbMYMVgdTcJo%2BdT63fw%2FJom5GdEj5u64BjxyEw%3D%3D\"}]}\r\ncf-ray: 9ba459ad8b6eb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":270,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ef857145a2387fa7f0b696d9c04e7309","sha1":"e720751d4d447040d3d1c52ccad4e080be11828a","sha256":"9c5c2bca02b37dc58e30ab5662894d521eb4d8f1c6b509e9b7a0f7a26cb9e67a","sha512":"481f8aafaaed51b3a6c35f90eec289047c3b99c94ecc569f7d430243581db234fb8654f63922025ccbba7b6b50928a94082ccda6553169a76f50556f8233d148","ssdeep":"","tlshash":"56d0c22fb8cd8050dd7fce222498edd98833336b6788148e2cb619a2c9533062221888","first_seen":"2025-08-26T17:30:33.409471Z","last_seen":"2026-06-05T23:43:56.965058Z","times_seen":22,"resource_available":false,"data":null}},"time_used":529,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":529,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/pages-user-transfer.DLHOt4FF.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/pages-user-transfer.DLHOt4FF.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1640\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9finwRhjjh%2Fd4KeUkWTgGKt5%2BTIVvjaCwJgsfpHXDPNioqaDvoUo3jmFaJp314RUhQAev%2FQ3oPral9EhPxPU7xdaB7HXc0hetw%3D%3D\"}]}\r\ncf-ray: 9ba459adbb8fb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5696,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (5695)","md5":"2547dc73af04d486ceb8ca65ae847566","sha1":"b190e531ca624cda9e6d34f5b5cb0a421c958bf5","sha256":"51a4c3b05339e3e1b09c2c361ec0b6a1829ce2bda97d204ca2e7bcfcc59dbfb2","sha512":"331a634c482fb372aeb8b64b45d113966a0cb9bef2d8d089e7902fc448c15614b97a5adeba41630f440824f4c35833749cdfb5276e04ca2d42a9f2f0d5af0e18","ssdeep":"96:J1YQrRVZ5u4PSajRftJ02usxc3W+Ucy3OwE+JcyI/tEcD5IOhEuNyosUk:DDrZ5xjH4YOkoJ5GUk","tlshash":"24c15305b91c99202a9a7278e4d54d02717cfdcde1407a5cb2f8196e13adca909f9f3f","first_seen":"2026-01-04T07:38:56.366197Z","last_seen":"2026-03-08T15:12:25.53293Z","times_seen":12,"resource_available":true,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-input.uefNOExw.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-input.uefNOExw.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1642\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yejTIcozn0sVjZ8r9iEuKIQi1gvvwa1htQZyhM8XVrIX9EbXHo%2Bf4p6jnu3ysZmOssF38TpX8IQvwL9GTQ0lM998vSr9CEirlA%3D%3D\"}]}\r\ncf-ray: 9ba459adab86b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5698,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5697)","md5":"d766698ec63890526447fec4e5eb5f8c","sha1":"79ae59a85a2fc071ed6a034b777ca1ca5554d124","sha256":"c8e21fd858262552151d9de63202cd4c7e8622d70e1c321358d58275dfa6709a","sha512":"9c8ba9cd7ddcc242048b9ae79f09c78e573b9bee7963c506159bfd69cf7a65b077a846cf4474ffd5a198d30bef18b8f07f566adae4e8be303e5c6f29a080a80f","ssdeep":"96:f2U3EALwgU9svecAntaG2USFKGiP9shkYre9mGeKCeOpd:f2WQatUfcC9ze9e4d","tlshash":"ebc1225a350cee232dc78c4a7095424115251b8dde3078ecfbe671b5175fc88b2acf68","first_seen":"2026-01-04T07:38:56.360461Z","last_seen":"2026-03-08T15:12:25.543952Z","times_seen":12,"resource_available":true,"data":null}},"time_used":538,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":538,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T15:04:52.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 15:04:53 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h%2FmAQ2HnRNEzRxZ%2FsaNfd51RGpSDTrbBp0Z6%2FayXEn17Q%2BJYkEpfolI1SH99yilTpoQDYmAdEWJLYvzdFU3Db15oahYGUf2lps9M\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ba459a06861783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3636,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (464), with CRLF, CR, LF line terminators","md5":"efec4c8da83baa08db9905502dd346cf","sha1":"7e0b95553d0c03a0858094e5e9428027edee01cd","sha256":"a4c95ee00df462dcf4609e1d93cc408b38bf78b5c711bfbe76ddafb0d8f45530","sha512":"ad79362a3f516c6d022851ad16320fd77cdc3818bbb466770293d28a23885c46e9ed1046136d6b0f47b58ecbaa2bb85bf5fd272c4476124e2bdc0c64d0f8db20","ssdeep":"","tlshash":"be71b515bd90942402318a287fb3e60def3284735200eda478cc971b9ff4a46ccabdd9","first_seen":"2026-01-04T07:38:56.432781Z","last_seen":"2026-03-08T15:12:25.587595Z","times_seen":12,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":19,"dns":0,"connect":1,"send":0,"wait":527,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-fab-D2Ib7dhh.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-fab-D2Ib7dhh.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 520 No Reason Phrase\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 7319\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\ncf-ray: 9ba459ad0b50b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"520","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7319,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (578)","md5":"e2e13fee8a6e68b91ce71bcf81e68842","sha1":"78143212cbfb4c33f5bd572de003dbcdc5231930","sha256":"ced256e09005f8900335a378bb4589d2a01f4f46aa36e0611e768399c2e48f0d","sha512":"b0921a1e23d1ea6853ca89831c53e2f21b45d85779088c03c7ef34fd564796fefb26cb4256e83017b705f67f6fa50efc4c5f5bb725879257593443072b763800","ssdeep":"96:1j9jwIjYjGqDK/D9KU4nkSG4Fh8/G4FXR424FP+skKmv9eQmN7UWu4IV7RLlJaQF:1j9jhjYjXK/BQeQ1V8VIruBV71l0eP","tlshash":"a2e18772b5f5127600a382d23295eb5a7ae0c213cbff5594b3ddc2632f9ee81d903194","first_seen":"2026-01-07T15:05:22.725816Z","last_seen":"2026-01-07T15:05:22.725816Z","times_seen":1,"resource_available":false,"data":null}},"time_used":460,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":459,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-button-BpzWQUlV.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-button-BpzWQUlV.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-162d\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g5uz2CgosyDMq3Z5yMtsbknUsMtqMjK2dJVT1Hp%2F4kcAQpwtXfxtajGrLK4UYmlM%2Byny%2BUEK8V8iBT4MDPIAsewfCU8xKNeyEA%3D%3D\"}]}\r\ncf-ray: 9ba459ad3b5bb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5677,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5676)","md5":"119264cd3c80acfe78ffad71134d788d","sha1":"8cda9c0b48b8d22eed34808e6cca43caa59c891e","sha256":"08e80d2433a59c8e2371d0268b7c42e849404c218150ea0eb043037743bb53f7","sha512":"f52bafe7171cc2ff034930bce798aeff2d138762d357c8142740fa28459931675db2df6a1ccc5c76f9b3df8bbeb511a547571fc102ac076c630e429b926ee69d","ssdeep":"48:jPwdIWejFN9UGzb7GDBpX9rU9E7hEVhRQeESmjxfkgshmhMv2k/IS5O1V:jPw6WejFN9UoiDDXtz8Lm1fLsQGvvg/","tlshash":"70c137e6f3cc48693a6bd29a43667b7d1c6e72c7c2040f26f4673a644f220d2357218a","first_seen":"2025-08-26T17:30:33.372003Z","last_seen":"2026-06-05T23:43:56.924247Z","times_seen":22,"resource_available":false,"data":null}},"time_used":527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/LoginRegisterModal-C0MgRRGF.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/LoginRegisterModal-C0MgRRGF.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-801\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SanhJwTpr5DlF%2Be%2Bli6G%2F0I%2FaiIIdRPnWv9Gnwqwd%2B75bycXUjXYt8OGYmuHYrBGQsQSC5%2BkiSafNDOMKeS%2B%2Fw5t4axMJbazyA%3D%3D\"}]}\r\ncf-ray: 9ba459ad6b67b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2049,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2048)","md5":"eee85bae3cd742e5e7b74f0883e85942","sha1":"1c2f3bc7dc76ba102bbd309157c435c4942e3a53","sha256":"150da1f7dcbee84fb90720ef16ead3130001ad4936917a2982e1f39c9eb98263","sha512":"a9998ba400d872f30018580a288af850c0807dc103c5b8ba129bf107652604618668db597a6fe1c6eff62937c096f76d8f4b0cb94b5a73456e56c3fa4b44ec46","ssdeep":"","tlshash":"d141b85cf9ec1899107bcf2658f18dde1522a3fe921117bea5f3a0348c4b2832d3e198","first_seen":"2026-01-04T07:38:56.361717Z","last_seen":"2026-06-05T23:43:56.959813Z","times_seen":16,"resource_available":false,"data":null}},"time_used":541,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":541,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/userBoot-BzD3tkpn.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/userBoot-BzD3tkpn.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-1c12\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ErdLWGKI0VeYKCFFyqp0hEvWP3l%2B7lpA0dKxa1fPegeZzD83ZT%2Ft7YDp%2B0rBo5o6Ml1MuYGDSjDNsluM0Psf4oeAcByETC2ZUw%3D%3D\"}]}\r\ncf-ray: 9ba459ad8b73b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7186,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7185)","md5":"12b3de5bedc5d044cbf7560368f63d2a","sha1":"162705eacf8a88fca84088caa60a7de174a56d8e","sha256":"292bf74952b3710282a57b3f82421b100c587d5a2a6efc853ae0821da3617c7d","sha512":"90278bf1e15bf610333c03ca099ad4ab968cb0298e3cd344e785b5047ce2870c5e21cab4c9fb4321b1317c9da1a922c93cb1bdb076e1057b83683b8090f8f977","ssdeep":"96:JkydSwIx/+nVqSMSBavXwXYGv4FTW4z28rfcvu2k9k14TwlqIiqR/6/jdDqjMU4j:qOSe022y1krWG","tlshash":"ace142383d5e201eb5bfd102b4b152de0275b35ad341c6eeaa677a24cf971c628339d4","first_seen":"2025-12-31T19:20:07.071433Z","last_seen":"2026-06-05T23:43:56.922213Z","times_seen":17,"resource_available":false,"data":null}},"time_used":507,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":507,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-fab.DRN4nk-k.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-fab.DRN4nk-k.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-c5d\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s7MeKNkpDPrgT7pemjGcvVlVGPdmJ8NXHzalvanMHxbiWVhE%2BHR2sXSOGxKzLQblsoYZxqd18hcL7Pot4YoLqKihppl4tIBmFw%3D%3D\"}]}\r\ncf-ray: 9ba459ad9b78b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3165,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3164)","md5":"eac8aaab15281f12a67853df03d5f2fc","sha1":"2f535eaaa423fadac580bd63c10043f906d484ce","sha256":"732ca6ccb77cafcb1fd7b441ec46af8622a2b01c87e3a4d28d6b290701660d3e","sha512":"1808477f3ff52ce9535052089c2e3f137ed88a2c29103f43f01d067656d48b8c6d80c4eb48b9ec05bb2bf28bec3c2a22634f949dda03c552dcfe205ad394aef1","ssdeep":"","tlshash":"635165067a0da0372697087e906446c1721a1e7d97f0366ff2f6f8b64e8191e62dcf34","first_seen":"2026-01-04T07:38:56.376926Z","last_seen":"2026-03-08T15:12:25.524159Z","times_seen":12,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-checkbox.HufpC5WB.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-checkbox.HufpC5WB.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-9e2\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ITlIcDECNHxdYu65HCJxYPWOscdXgieENMBgq8Tb8kTt4vljXuJKLaFitEZD9ZeXHcJhayyIb82EynYpHWbNXg3kyf6gQKNVng%3D%3D\"}]}\r\ncf-ray: 9ba459adab8bb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2530,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2529)","md5":"b4640f6c8b24eb0afb493e15e12b683e","sha1":"4202b88e4e6acd34d68381441347aa739fc6545c","sha256":"d220892eb40334d6e8b68ec73d1e29bc6941ef6a063926311ad827288b565afb","sha512":"387b888e2423f7091d5280b766d9586e982c5a8f982e0b824e7b9d5502c650765c061c6e9750db438fb4365eee0f641888a100eefffd93f2094486ce6ab3f485","ssdeep":"","tlshash":"cc5132157055a5761bdfc4cc50528681a32e239cda103efdbae824fa5a8ac88916fb35","first_seen":"2026-01-04T07:38:56.327321Z","last_seen":"2026-03-08T15:12:25.51887Z","times_seen":12,"resource_available":true,"data":null}},"time_used":527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/z-paging-Dz0lgrdA.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/z-paging-Dz0lgrdA.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-16b3\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sJdPXFk8%2FQ%2FjC4TEwFkrRLxh6d94O6f61f89gyJ0PmTj7lWS1fFiHTfPxqfPmDpXUneCoR8uxzY17UkjDXIi2ziv3LX5vrDclQ%3D%3D\"}]}\r\ncf-ray: 9ba459ad2b56b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5811,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5810)","md5":"174f196dbdd575437914dabeae885229","sha1":"a1dce8d47bfaf62e197c543e9aedb3664f3f6bca","sha256":"a95bc9745d619306f65889023d4289d026702e73d0bf9bc45e5af4c8e56f508d","sha512":"b045262974cd61251dcd03d860374946efc593315765061de3be9176ea5fc74a88de76e45dd8976f1ee4c957568824eb1a0f0867ca38cfd21bbb47c3bb58969c","ssdeep":"48:kRpuakdxeHDeCa3z4NhamadBaJlLaJ5GaMoSa+J8vasCayagKarUEqFN3YA6J1jS:cYxeHCaJpxIFHHoYs2Fk3keCk4","tlshash":"3ac1232d716db0395577db6e60f49a6c5060e22bd72bea8c6343231bcdc76e539242cc","first_seen":"2025-08-26T17:30:33.429333Z","last_seen":"2026-06-05T23:43:56.939575Z","times_seen":22,"resource_available":false,"data":null}},"time_used":530,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":530,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-popup-bottom-BiGtqM4n.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-popup-bottom-BiGtqM4n.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-276\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UVxYW5jlIVrJ3GdRWCCsNmxaDYsCEtOa1fImxXuLDV0VxGMqnsCONhsDgOwYOi1VewgUscqNXSwEKKcYOo419jT%2B2kLTFvTcKA%3D%3D\"}]}\r\ncf-ray: 9ba459ad6b66b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":630,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (629)","md5":"795a7b7857567358cc4f8e630fd824dd","sha1":"687095a0389bcc5580d15fb0ec22ceb131705f84","sha256":"81d2b6e508e695666536446d38bcee719890675c8f4483a5ecfea69dd117b84b","sha512":"4369ca94ce84ebe80b2e9affe1519e7e1de2f166f24f4bc6803a666eec3af351341f0293e777fa0593fbe95a27021e28e38ab0214c92ed2ebfc13711f81730af","ssdeep":"","tlshash":"25f0282879823050687fc75af990ee44423da689fef609de22d516854f0bdca78065d8","first_seen":"2025-08-26T17:30:33.378514Z","last_seen":"2026-06-05T23:43:56.890756Z","times_seen":22,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-img.BjIpHj9F.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-img.BjIpHj9F.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-d69\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F3BUXgj133Ptr4kZ6HXlCGJYdPhp3v6LilH4MdpFxC6zybNoBkJ10xSpRQtfjptTB%2B5fBTmXzy219eyMrIiGbw75R0WRWFNUng%3D%3D\"}]}\r\ncf-ray: 9ba459ad9b77b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3433,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3408)","md5":"90d10f66f9920ada7981f34e2ae230f8","sha1":"60e33ea3e8b5c957668c47b18c089e84d40ce7de","sha256":"14bffda70a7bde70fbc769e3be27fe3f2960cc55416f89ce5fc1c6928bc58fa8","sha512":"c6c469fd447d0c0e343372851d332a4b00ec1e124aa3016e2edff992ad6901861a07c4061d68ef5c50ebde222978de48e4c1fc5491f3084da8e1421cddc24c0b","ssdeep":"","tlshash":"1b619528360cbd2f06b584b610340e41615db95ec620abb8f7fc34bb6294c9cb66ca70","first_seen":"2026-01-04T07:38:56.372165Z","last_seen":"2026-03-08T15:12:25.523625Z","times_seen":12,"resource_available":true,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/uni.734051d8.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:53.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/uni.734051d8.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:53 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-8019\"\r\nexpires: Thu, 08 Jan 2026 03:04:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TBZ2SSUKaH27w8fdzvxFVmGZns2xTfwTtefaEbujvC9jBVcvbJWZUmwJIWPhvCAYWkIA87y6NhKwztfNiovHRAEa9Kdid63YYg%3D%3D\"}]}\r\ncf-ray: 9ba459a49aacb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32793,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (32792)","md5":"dd5eb10f1e082900e8fc9f5294a20ea7","sha1":"0cb5185449f798d94746d77f3d50592cef306b81","sha256":"734051d81039fde90b77b4172ad966afe58f19ccca555fd849fd990d5cf327b1","sha512":"a7bc4f19c6eff7dedcae0d639d4f3ed9aa54fb0abbd517c4503b1b75693ceeddc1cb8e9c9813e373b81f4e0e4c7b735c4d8ce02cd16f296a1140519488bcda4c","ssdeep":"768:UoL4zei+XH7eryHDAtrEW1xBiM5TiDMBNXpriBdG54mZr9YnDcwpH:UoL4qxHHaISCmZrirt","tlshash":"dee2d6325e012939f8b7ca2668d1db8f2331c173d5531b6deb7975288b8e8c9167b384","first_seen":"2024-12-20T22:15:00.546241Z","last_seen":"2026-06-05T23:43:56.945127Z","times_seen":25,"resource_available":false,"data":null}},"time_used":533,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":532,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/CurrencyList-DB3FY5Nt.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/CurrencyList-DB3FY5Nt.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-d28\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w31%2FWl8tCF3j%2BOkhmJJcGK8tFTA33kwufWFFgq20isfoxhz1yjHCLd5uVjVQaQYO1WXqamDJUkjve1qOwv8jSx58ttDDxXodcg%3D%3D\"}]}\r\ncf-ray: 9ba459ad4b61b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3368,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3367)","md5":"ab4d4be3845fee6ddae159b928238d55","sha1":"aecb5477019c06f5ccade269a9809ad5d72e1382","sha256":"066336f842b881e4d5caef0d4e7e4b32d5d9b11b73c9ed167156a79528051eaa","sha512":"1f367e2773a96df74a43d53040eebf39882b832b85690b00f984e682d73829c9b9fc1fd832fdace7762518b4e4e2fd6b545213ec9ac1564cab17b1ddf12ae107","ssdeep":"","tlshash":"dc613e6d764c322e457ff6096dd55bcf1230e31ac36215cda9833b34ad8ba432e224d8","first_seen":"2025-12-31T19:20:06.986084Z","last_seen":"2026-06-05T23:43:56.966556Z","times_seen":16,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-title-CVAcbwdi.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-title-CVAcbwdi.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-c6c\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t2D%2FIticQt2bmKBGwQr7D1Kv4eF4MsGjrNrQeQy8wz%2FT5UCESlywIGsH71X7vqnR0A4XO0rCdT9fWK1LiinqbbEqweWYqFNkQw%3D%3D\"}]}\r\ncf-ray: 9ba459ad8b71b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3180,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3179)","md5":"5177a0864313a3a5c4e35c97a88cc6dd","sha1":"0a600582603bc21aa49ea90db47c1f8fe75c0128","sha256":"0e3b38377ba563f6800ce39abb9bff953b64f949e0dd9f290bbbadff2da62356","sha512":"899a86a4d2e07cfb5ffabe2906b3a8403e720483e9b0099222a6c4d6ed79a1af784822b8f141943d6408d4693d93eb7a11c4e48d0fd6f56ed957d76ebc2c9a0c","ssdeep":"","tlshash":"1c6131316919121c8e33e7222ca037c99534f1a9f7d7116d53a7283e9dc764714faaec","first_seen":"2025-11-22T10:34:45.560659Z","last_seen":"2026-06-05T23:43:56.913407Z","times_seen":19,"resource_available":false,"data":null}},"time_used":523,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":523,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/CurrencyList.D9Y0wwkC.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/CurrencyList.D9Y0wwkC.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-49a8\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uWlln90foQakVDKsAusGlXaGCY7GiYoT3rAeqNaXxzTSajzgEYelTHOKCdDk06jrihNrDtg94Ef2m1HMJ%2FZCmDC%2Bcw78DIQxZA%3D%3D\"}]}\r\ncf-ray: 9ba459ad9b7fb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18856,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18855)","md5":"ab743b8dc2cba704afc79a129a289752","sha1":"f60f717476e75413c520ff465061250518c32877","sha256":"0e408f9d01ad269d929230c4508ce98a40c7305a884f8c39e97214f29e799f25","sha512":"ecbf84f7da3089c89a799abeb06dc7ffdc7ee2204581ba11471faab0990f6a149c78dc35eef422737ac7937c06af84fff49717ed5e2496078fcacbbb1d855649","ssdeep":"384:jCCTHfWCNzMLU0Ij6m72b8Gpg6CGMEquRTwei0oI1F7:vjnzMLUHjN2b8Gpg6CGMnUvipI1F7","tlshash":"c182c6653389e43647d9642980a89604b3367f8dea02346d77af9cf9935fe4871acf30","first_seen":"2026-01-04T07:38:56.329106Z","last_seen":"2026-03-08T15:12:25.562426Z","times_seen":12,"resource_available":true,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-section.DjNV3xcb.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-section.DjNV3xcb.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-89f\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iwQdybkmBbrSrHjGPCHNBgFpiWcxiIJMLJR49h8PYP9iIgW66QlA9%2F9nMMVDQAPYqnMOloA35fDRlMKZsIh9aSbFQwWg56TKPQ%3D%3D\"}]}\r\ncf-ray: 9ba459adab8ab512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2207,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2206)","md5":"26b01b4c0547fb3b295f75254c2af8b9","sha1":"83a9472ab00ae05aacd67ab299e84ec2f6f14639","sha256":"162e423c70819d15ccb51c82ffeb72105e7cba7d70b4390fe6aa48e4c227d1b3","sha512":"e79ef48cc6825b9cfcba5a592346277cff7fe4066fec724c1281bf1928a9ae8978e7ac0f4398fab1436d4ec63e95e7b9e868f3c6ab8604d3886d915194d66cd1","ssdeep":"","tlshash":"3041226d380c9a372d8b0dae70b0230064552f9cde317975f7f1903557a7a9a915cf1c","first_seen":"2026-01-04T07:38:56.320959Z","last_seen":"2026-03-08T15:12:25.528901Z","times_seen":12,"resource_available":true,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/mp-html-0ul9zqPJ.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/mp-html-0ul9zqPJ.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:54 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-896\"\r\nexpires: Thu, 08 Jan 2026 03:04:54 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HNZUrE3KXcjAyel5lGiv6g9YSV3DavE6o%2BufwJ583ufwhx0aLDCdH2OEK%2BxijgVD3ynfG0d48%2FiycCrtCNuloajkymkk%2BBwCSg%3D%3D\"}]}\r\ncf-ray: 9ba459ad5b64b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2198,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2197)","md5":"39bf250660e96521f3a35e1ac976e1a2","sha1":"cc7d930bddc88105f7c3d6bbbe74db8f78c7cf50","sha256":"6ddc23e5714d16e58c5fa537109e04b7f45abf79ac4aa1b8f371631ea3520d75","sha512":"4dae98925cc55685a79033199037b61e7370685091480bb4e9c92c5f5a15176a092f868b8a531c1dbc5fa00b41c298d60dab95b8656f89c33954bc319f6a28b9","ssdeep":"","tlshash":"3d41412231fd68b052bfc83a2b84ae9555d77317a0b383f06d1009572d9b86666ca18c","first_seen":"2025-08-26T17:30:33.430307Z","last_seen":"2026-06-05T23:43:56.920278Z","times_seen":22,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/system_param","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"OPTIONS /api/system_param HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,think-lang,token\r\nReferer: https://usdt915.com/\r\nOrigin: https://usdt915.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\nserver: cloudflare\r\nallow: GET, POST, PUT, DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, *\r\naccess-control-allow-origin: https://usdt915.com\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GGCbNZ2EBX5oyEsZqN5j2NG72WeLB5cKFX%2Bcd9vWtlHQD7YgdrY%2FyZhznf3lOHUjGX8zKWK4vNg3S3IMhpsbwn0xvUHbUhGjhUl15g4adxc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ba459ae0ff4b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T02:09:46.692243Z","times_seen":16200239,"resource_available":true,"data":null}},"time_used":539,"timings":{"blocked":15,"dns":10,"connect":1,"send":0,"wait":478,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/uni-app.es.DcVfOx-1.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/uni-app.es.DcVfOx-1.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-54\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JUBbOS4AiyxRLYaETB9kaYuG4%2BqRUpV2Tka2yA4BDK26XkgvmSOkW7vAyk7LWk55GrYyW8pqd5sAngYOfBzriBPE4G9nk2ShUA%3D%3D\"}]}\r\ncf-ray: 9ba459ad9b76b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"4e68ad8fd2524e8d171ce7618ef3c77e","sha1":"7cee680fb6af2701c8cb9ac4910945dd4a1af2cb","sha256":"8dda16e8f94f82859bd41ea231f22108e0b9f3e95cfca9e5169a3b15e879ef39","sha512":"323ad6c7fb5dc744b5a3131d02d2609b3a6c1f0f2c47aa268d7e110049a29285c8b0df39917dec7606832ca770414923253ee6cc7aefcefd3ffe7e1654be1a95","ssdeep":"","tlshash":"47a0120b648124225802284020d59807117610e146c98a20c1c143240af84a48129d0a","first_seen":"2026-01-04T07:38:56.371166Z","last_seen":"2026-03-08T15:12:25.529485Z","times_seen":12,"resource_available":true,"data":null}},"time_used":520,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-button.C7X7X2Rt.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-button.C7X7X2Rt.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-b36\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UTLkBVv6v%2BCVb9a2z94nCJoGQmJtTo6CUjTCddPkHoI5kpx6ROSffQvwwBxKQY9ipLc8wkeIn8t1Ixcm6h6jB%2FNKqK6fDBX7og%3D%3D\"}]}\r\ncf-ray: 9ba459ad9b7db512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2870,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2869)","md5":"66dd7cc384d0cae8755b5e43b9b32f5d","sha1":"73c593afae50bdc3b22b993a4bc367deb6e41381","sha256":"0669fc5c9e258a99b5bf8966a100636c40e286d2bbf444ed81afc453159ca9ae","sha512":"8a756c5334b6903b18456b47479d1068d316490f2a751c2726341102fae12f5e766130a0cc935f0fb1767ce1fa4c59b7601823efa3f0e231747e84f3dece3e93","ssdeep":"","tlshash":"39514404310af9371dcb8848a0bc060693106a9eda695ce8ffb571bd535f854779db14","first_seen":"2026-01-04T07:38:56.362863Z","last_seen":"2026-03-08T15:12:25.549362Z","times_seen":12,"resource_available":true,"data":null}},"time_used":522,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":522,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/ProjectItem.DUNr-fWg.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/ProjectItem.DUNr-fWg.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-1285\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EW0lNJUYnmXVNnqolZsQLdwS9R18CXm0wMPDqBNuwvviL5F0hVzW%2Bp7KKvGr1f4u5jgn6BNrc0BuVoZFy5uRWYC%2FcGt7JpGoSw%3D%3D\"}]}\r\ncf-ray: 9ba459ad9b82b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4741,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4740)","md5":"95214183ae0d9cbabb4c90669c6de47b","sha1":"9c508e6618d6bef1a24548ae012f47c9568e765c","sha256":"41dcf365f616142c27139a67b335aaa18a745b7799c6ae6b6cb0a0955040e4ff","sha512":"ad940188dbefb63ead4e0022f4d0dc30ae4b3051e1bfb469bb79bc35a8f263d61755ff278f854f5d295faa1c627f99eda7da3be99d4940ba09ca0623427f0d3d","ssdeep":"96:oTbPy5jufGnxFkaTWdkZA222ft9ba2sNmFD:oTbAlnxTTEkWSrbJscFD","tlshash":"dda175013e2cf23b29c29955b1ac45043267acccc92439def1f8a95e135bc2836ad76d","first_seen":"2026-01-04T07:38:56.387503Z","last_seen":"2026-03-08T15:12:25.525574Z","times_seen":12,"resource_available":true,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-img-AdHTCu8Z.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-img-AdHTCu8Z.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-13f\"\r\nexpires: Thu, 08 Jan 2026 03:04:54 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fYRkyNzkBLRR1%2BJiMAxhPn7eMrND1Y4hBGxYhG%2FSNBup8NybSTCpRsIu9SG0CrOr0RBCWCgQfbdGTFb4%2FsTB6ryaYDcgQz5Hkg%3D%3D\"}]}\r\ncf-ray: 9ba459acfb4fb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":319,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (318)","md5":"caad3ce25d72effb824a029ed4548224","sha1":"464bc035b1972a6b3c45a92cdb00b6627146d6df","sha256":"a68414fe0955a195cccc7130dfbaa6de5308a690fd5a9ae0cd02b57eb135be85","sha512":"ea3eddb3c854ecc7ad8270ac5b60f0ab72f275818311a0102cf88c3edd900aec87ad714bc5158732ec3665ce7355335c0c05ff458203f736a3b2016ee3b7b008","ssdeep":"","tlshash":"c3e026ba2368788008ebf10039f4ea484138a9b3eba3049fc5801390ca0f6017609aa9","first_seen":"2025-04-22T02:10:48.304952Z","last_seen":"2026-06-05T23:43:56.957428Z","times_seen":23,"resource_available":false,"data":null}},"time_used":517,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":517,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/userIndex-yvkidZCu.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/userIndex-yvkidZCu.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642bd-1ce0\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3tv%2BockaWX9bJW8OaMCTKAmrdtyYqCDi57%2BjMpTA1QbUaFz271Mvrc4DNOyGULfBSBCkLgmaeI319bPJEfJd9yCCXF3%2Fz2Oc7g%3D%3D\"}]}\r\ncf-ray: 9ba459ad6b68b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7392,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7391)","md5":"be34723763a118d67d255cd364b2f45e","sha1":"9fd33f03dc8dc12add2f57b33b979ffaf4712ab0","sha256":"f9cd2efd4a2892c48cbb0d5ca111aaf3a7cfd568df9062e2aae6dfa74739fe66","sha512":"4f5420319587696d050708df9ef45d7d26a3c7659ea46307d603ff69eef6c7d3f9da0d7fec769020ba7cb35cc217bfe02ca5c089ca676cbb33f420dbd2ee1ffa","ssdeep":"96:I3+puM7NbHnDu09iTZUQXaQEInlQAr+RWoKb:IUBHTWTt","tlshash":"f3e1d834778d3a04aa3bce6884f0774ea110e38be9479a8c648375768cd70d33a795f8","first_seen":"2025-12-31T19:20:07.101137Z","last_seen":"2026-06-05T23:43:56.89998Z","times_seen":17,"resource_available":false,"data":null}},"time_used":528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":528,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/index.DuhDaPHN.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/index.DuhDaPHN.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 520 No Reason Phrase\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 7319\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9ba459adab83b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"520","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7319,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (578)","md5":"4ecb4d6398c94a6af8c5f03dd97b6f71","sha1":"0151c95b89951076f0f4c75baa17aace43fe8058","sha256":"05f84e0d38aea0e39b1563804396edc61b7dacbac88a3fafd0c0b6d9040a1761","sha512":"78c229b36f53eda7300c9b500d7f6a69d193fddaf7ab4c20e09b94fe4a8d28b62576c9862ece06e9a03658f0798a6d4cc6e28ed985bf58c3a594e78c323dbd85","ssdeep":"96:1j9jwIjYjGqDK/D9KU4nkSG4Fh8/G4FXR424FP+skKmv9eQmN7UWu4Iu7RLlJaQF:1j9jhjYjXK/BQeQ1V8VIruBu71l0eP","tlshash":"c8e17672b5f5127600a382d23295eb5a7ae0c213cbff5594b3ddc2632f9ee819903194","first_seen":"2026-01-07T15:05:22.744506Z","last_seen":"2026-01-07T15:05:22.744506Z","times_seen":1,"resource_available":false,"data":null}},"time_used":454,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":454,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/pages-user-index-userContract.-PZvqOlL.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/pages-user-index-userContract.-PZvqOlL.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 520 No Reason Phrase\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 7319\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\ncf-ray: 9ba459adbb8db512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"520","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7319,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (578)","md5":"cbf936d8e2097f34fcef52c65bc0b3c3","sha1":"42558f70b6e625aa67562eea271f68a54dcef487","sha256":"4fa07a85fde8e7f73f59d862a8cc87828c758334b1b3de291f1405da3559e407","sha512":"1b097e450451dcae114ea31e019ac3c9839200eae56179f62cecf23a6eaaaaf39afcefd2aff19cecea626458437dac73e9cf902779148bb50706cae3c66916e0","ssdeep":"96:1j9jwIjYjGqDK/D9KU4nkSG4Fh8/G4FXR424FP+skKmv9eQmN7UWu4IM7RLlJaQF:1j9jhjYjXK/BQeQ1V8VIruBM71l0eP","tlshash":"67e18772b5f5127600a382d23295eb5a7ae0c213cbff5594b3ddc2632f9ee81d903194","first_seen":"2026-01-07T15:05:22.745903Z","last_seen":"2026-01-07T15:05:22.745903Z","times_seen":1,"resource_available":false,"data":null}},"time_used":442,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":442,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/favicon-DYZFR1kO.ico","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:55.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/favicon-DYZFR1kO.ico HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: image/x-icon\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CpCAmnfF%2BRc9gujEerPKPOPhkUbz2SQJ%2Fx34qaIODbcJSqNw2xrHygZWvf%2B9g72SEuHTrlbz2MTZKqV9pwpOf7VR6JF2GvNN1g%3D%3D\"}]}\r\npriority: u=6,i=?0\r\ncontent-encoding: br\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"695642bd-1083e\"\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ba459b1dbf9b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67646,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel","md5":"c1e95980fa943781f0eb7e84beceec34","sha1":"16b7f463692369ba1c2f87ca8b2a9c0b78b0b1a5","sha256":"388ee33538664826ebace6ad3583c68031fbb50a9b64d6a4cf3f1b83ad16edf9","sha512":"ab7f0b44e2b8319476526d8868da0cddf44cbe13d234da08db0380653cae1899796f1f6219bdadcc9894a0576f7b0af8db8b8e6007ede7ca136e36ab836ea278","ssdeep":"384:8bcUhWm+++vR9wORuO4AGoNVwKOqr7IwV:EcUhbTrObxDwKOqrswV","tlshash":"cd637aaea6119d3cfc450e7ca4618c0409aa5f8e381dd2fb64e03a09677b7d8c85fd76","first_seen":"2024-11-30T03:53:11.674099Z","last_seen":"2026-06-05T23:43:56.926969Z","times_seen":107,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":348,"receive":168,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-input-CrT96B3I.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-input-CrT96B3I.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-6dd\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YZfLdO3lKhwKuudEZv7Xhrg76Kdu7W%2FgT5OWkNWN7UVsWlYPjhBIS5IlzDugFkA9wwgQbdLB9nO%2BKwnQ2ZtxMGvyC2wLL4pzNw%3D%3D\"}]}\r\ncf-ray: 9ba459ad5b65b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1757,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1756)","md5":"0b886cf1a1bdf47ff7dc92d7d99331a2","sha1":"8aa130ace09d333c7817ed114f2161247c6e9681","sha256":"11e33fcbf5534a186ed16416f1b65b27bfcd069cd373f2541e3a100acce43809","sha512":"020bd3e989b492df1bbf6b8eb66f6dc870f32853b481ecf40aea027369efadcd1d5b85d4752e5ed69f32f228e15fd6d77229301681437564d56e755a8b3c6f18","ssdeep":"","tlshash":"323111327d491855392be60efbc0be9d456462a2d393008df6d05b3a0847982fc6dcdc","first_seen":"2025-08-26T17:30:33.401018Z","last_seen":"2026-06-05T23:43:56.920964Z","times_seen":22,"resource_available":false,"data":null}},"time_used":530,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":530,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-stat-DueXHMM-.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-stat-DueXHMM-.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 520 No Reason Phrase\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 7319\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\ncf-ray: 9ba459ad7b6ab512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"520","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7319,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (578)","md5":"acc6df75f9731452ecf242bc3d33d80d","sha1":"0c2dbe6784f4cfebd5be70822616cc8b8499a37b","sha256":"9a22676e621a74423ace620cffbf6bbdcd913502d9853436871efd440c4a7a42","sha512":"9133d11ada9c0bc50105b70734ac7b372c7aff80ffd0631a8943be0af204edc66093a1e66df7007be82c7407292ff711f23665062ac653903e00512a2e972e4c","ssdeep":"96:1j9jwIjYjGqDK/D9KU4nkSG4Fh8/G4FXR424FP+skKmv9eQmN7UWu4Ik7RLlJaQF:1j9jhjYjXK/BQeQ1V8VIruBk71l0eP","tlshash":"7ce17672b5f5127600a382d23295eb5a7ae0c213cbff5594b3ddc2632f9ee819903194","first_seen":"2026-01-07T15:05:22.748937Z","last_seen":"2026-01-07T15:05:22.748937Z","times_seen":1,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":377,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-section-CDcYCXgd.css","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-section-CDcYCXgd.css HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nCookie: __vtins__3JnRFYkERItiZhCQ=%7B%22sid%22%3A%20%22e22c47cc-eeda-54e2-a1a6-160d14aa2bcc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201767800093878%2C%20%22ct%22%3A%201767798293878%7D; __51uvsct__3JnRFYkERItiZhCQ=1; __51vcke__3JnRFYkERItiZhCQ=64c58555-a9b1-5f54-8924-d1197da1cf5f; __51vuft__3JnRFYkERItiZhCQ=1767798293883\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-174\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bh6CB2fU9642T9eYgWRab%2BR%2FDW9V5AMOTecNbnUSWwpIVy5XeMY7VIU5SNUgTw5TkEshagisOiP6Xom9w2tXQvci0cPGBVOakA%3D%3D\"}]}\r\ncf-ray: 9ba459ad7b6bb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":372,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (371)","md5":"006a7f142fdc4795801553a74c5f0ccf","sha1":"c2889babfcb0370ab068512f13e74f12fdb00094","sha256":"7225c3b57051f107a8e638cb536668f1ca88fa9925544670a7f44050adcd535f","sha512":"ed7cca52ec98758a50462be334b7891e70aa95301a74c308bc171395a674418e646e20ac865eda6848f12fe81972e650b794ba6a806c856c2bbde59d2b502c4f","ssdeep":"","tlshash":"b1e09b16778eb54c642bd73b34a2bdc80124d621c277c10d6671a3584da734711026fd","first_seen":"2025-08-26T17:30:33.40408Z","last_seen":"2026-06-05T23:43:56.967297Z","times_seen":22,"resource_available":false,"data":null}},"time_used":544,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":544,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/pages-user-index-userBoot.DkifFdHN.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/pages-user-index-userBoot.DkifFdHN.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-75f0\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pJJO6Mj20axiWW4erDE5eGiUWjFpWbJfmsnPQGuddugtEGeacYuIgDFg%2BaTYycObVXQZuWzoPsMm1PT4U8XjF472WmUcD%2FScWQ%3D%3D\"}]}\r\ncf-ray: 9ba459ad8b74b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30192,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (30185)","md5":"46793adfa0a3c558d77c93088905399b","sha1":"48585b6e60d46b5f38a545a7bb123f5e9e43ea85","sha256":"68590b7cf3a93be5529b94383a62e404a110e1624cc0aaea17d744282b4553bd","sha512":"d2030f47b866ab37755ae9a5102ded9a982a5d6f0f457ff851505de1a426fdeed6d0ee081efbcf52aba4cca7c061725dec544998f4ecd63f7db8b267d485928d","ssdeep":"384:Sgqdw3JNaAYHdZtzeul63aAq5Pt7j3OWpdmalbuFB:Sdw3JNaAqdZtF634l7LffuL","tlshash":"7fd2f8053f2ce1766f93a928d0da0811b07758ced545f49d72f4cd9e02eec846aae37a","first_seen":"2026-01-04T07:38:56.305516Z","last_seen":"2026-03-08T15:12:25.514737Z","times_seen":12,"resource_available":true,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usdt915.com/assets/s-popup.CE8mUVWU.js","fqdn":"usdt915.com","domain":"usdt915.com","tld":"com"},"ip":{"addr":"172.67.198.79","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:54.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt915.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 05 Jan 2026 16:12:01 GMT","end":"Sun, 05 Apr 2026 17:10:38 GMT"},"fingerprint":{"sha1":"E8:F8:C7:49:28:FA:38:3F:9D:24:68:01:AE:96:DB:15:32:DE:E7:E4","sha256":"09:C5:6E:F1:0D:82:CF:6C:AE:AE:56:C2:54:5A:C3:27:72:E7:BA:57:A0:8D:91:15:02:8F:28:5F:11:A4:96:1F"}}},"request":{"raw":"GET /assets/s-popup.CE8mUVWU.js HTTP/1.1\r\nHost: usdt915.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usdt915.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"695642be-105b\"\r\nexpires: Thu, 08 Jan 2026 03:04:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tweIiWx0cqoTF31ITczpsq0RFlnmeyrqW5IjCOFPcop7QSPcvwluWkQVgXZDlUT4om7FydX3Zg6FcAeIQqI4dbo%2Ful89JeS2RQ%3D%3D\"}]}\r\ncf-ray: 9ba459ad9b7eb512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4187,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4036)","md5":"52dde1491beaf065e7a8c2abf5c8ea8e","sha1":"ebafe6d395f1a6fdc64eb76dee50ef8b7a12bfb0","sha256":"e6e3bfd4947d453361d32100233c2554419edc5282ea5e4ca4f16a872840ec1b","sha512":"5223231fa512cdccdebe09981809ed31987dd2f7d68299239a7d7abce0acc1f6db829203634035be393eaebe0ed9a70221a1d71e1adf02f030dceade63a61a45","ssdeep":"96:5zzb/vvVXaGe2O2smBNk7vYTLMcO0PLFKpcQU4CmRU:5vr9DF8bYo8Fscl0U","tlshash":"7281a5943c4cc97a95c59a0b44211a40975a6fec87b53d5df6fd2cff02c7c1a2a84b2b","first_seen":"2026-01-04T07:38:56.337955Z","last_seen":"2026-03-08T15:12:25.548433Z","times_seen":12,"resource_available":true,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"usdt915.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apis.usdtifa.com/api/system_param","fqdn":"apis.usdtifa.com","domain":"usdtifa.com","tld":"com"},"ip":{"addr":"104.21.4.189","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdt915.com/","date":"2026-01-07T15:04:55.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtifa.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Dec 2025 03:42:28 GMT","end":"Wed, 11 Mar 2026 04:41:17 GMT"},"fingerprint":{"sha1":"D5:43:E7:C8:77:03:AB:F4:1A:3F:6D:8D:00:52:52:9B:06:95:27:88","sha256":"BC:2E:9A:BE:9E:D9:F7:7D:70:0C:D2:34:A4:37:59:1A:03:F2:49:B2:CE:84:EB:5C:BA:80:F8:4A:3A:B8:97:A6"}}},"request":{"raw":"POST /api/system_param HTTP/1.1\r\nHost: apis.usdtifa.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: \r\nthink-lang: en\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://usdt915.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt915.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 15:04:55 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-headers: *, *\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=th8Q61F%2BymDnMVgdfCWm2T99iL7vzw7VmZl1G84Qz00eXCNB3TxfOs6cQglc6Cw%2F%2BTvA7CrRc1M%2FkAWqHhM%2FJp1CBipSoCyaLTTCAMWMKrM%3D\"}]}\r\ncf-ray: 9ba459b13996b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":152608,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (46546), with NEL line terminators","md5":"78b1d1e95b011dbb36d4b735a014379c","sha1":"0b8558866adaa9cd4395326787ee23b9a49ced4a","sha256":"2a6464020a48edb94daaa24581806f744f29c58434e4474af3b24fc53aa9002b","sha512":"4bcd328fd487a1c2f16088618a6486678aae26bc455e475e2014e20d8ec2c1c17e76d479076a08a7e7a04a1fe4293a809d822d1768b0e9aa6a04bb66df0b77d6","ssdeep":"1536:F7TjjA1C845sA1C845NLe0WVzNUA1C845HA1C845GzNPA1C845xzNvA1C8455A1G:F7PC6SMOlmquc3tBg94IsGJYGhqo","tlshash":"b9f3b6add6da431288d370ccd1c2a7bbd37838127789ed2fa056dfa900cb515997a0e7","first_seen":"2026-01-07T15:05:22.752618Z","last_seen":"2026-01-31T12:50:52.131112Z","times_seen":2,"resource_available":false,"data":null}},"time_used":667,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":667,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}