{"report_id":"f2cc2768-3014-4b4f-ba52-5d889e920999","version":6,"status":"done","tags":[],"date":"2026-04-07T14:36:46Z","url":{"schema":"https","addr":"usdtcheck.bar/","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"65.108.71.177","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"final":{"url":{"schema":"https","addr":"usdtcheck.bar/","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"title":"usdtcheck.bar/","dom":{"size":94024,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (51930)","md5":"b166b9126aa61b764d6c283f2844803e","sha1":"5352b6a5be360390b3644a32b16009dc4b7de596","sha256":"b8305f42c528ae4f790a5051fbef33e9a945d77d8cf0f1e9d92f70374b19fd24","sha512":"d626c96e9ce3baec2378ce2359b93a7039e5dd8d9eeccbcb44665358c3395a4ba261a19cf4b2703490aa27f647a579b859bd033905eb499227a59e55f2cb0e5f","ssdeep":"768:aUpu9nAlGXX/Nep0kC7/+ptnFuHfhJiTCtcWW1yfGCwwaPMvJyroAPyfGxwaPMMV:aHnAlGX1L+jnFuHfhJiTCOyppyEUTztj","tlshash":"fa93b660a7b0157a363b437ce59bf71466685613da4e73e6f4bdc09886c9ba300f270e","dom_hash":"domhash5c20e826e540fbae13dd0dbb0e5661cc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"usdtcheck.bar/","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"65.108.71.177","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-12T14:36:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"cryptologos.cc","ip":{"addr":"104.21.92.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-04-13","domain_rank":572515,"first_seen":"2019-08-22T11:22:00Z","last_seen":"2026-04-04T17:32:00.985974Z","alert_count":0,"request_count":1,"received_data":746,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-04-05T22:35:26.697622Z","alert_count":0,"request_count":1,"received_data":760964,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"usdtcheck.bar","ip":{"addr":"65.108.71.177","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2026-03-31","domain_rank":0,"first_seen":"2026-04-07T14:31:30.383595Z","last_seen":"2026-04-07T14:31:30.383595Z","alert_count":0,"request_count":5,"received_data":190196,"sent_data":2316,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"usdtcheck.bar/wp-includes/js/wp-emoji-release.min.js?ver=6.9.4","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"65.108.71.177","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","size":22762,"data":"","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-04-09T22:29:09.086902Z","times_seen":139601,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtcheck.bar/astra-theme-js-js-extra","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b07bca0803fb9dbd2ff545132ba722ab","sha1":"066a6f046405ac3d33fe6cb326d9a9187dc70301","sha256":"75eab3043639f81b4bb35d60f2b071274dac488cac69c99f9f9a6d30520f16a0","sha512":"e1c1e3f29b0033d82257ea60b0db4528f8f96368868f4c2e9435b7185ef6f0f4446c245207c9f98b5e1beee1f38928639ca6082a5db7ccf23e050108fd4456b5","ssdeep":"","tlshash":"c6f0a710c2d21d0176d78c7250118f64b0fd9190d1d4f08d9a7c454862e6a1a1668109","size":550,"data":"","first_seen":"2025-12-21T04:28:37.340953Z","last_seen":"2026-04-07T14:36:48.243Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtcheck.bar/wp-includes/js/wp-emoji-loader.min.js","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea6c632664b073983f5cf57fca3e573b","sha1":"cd5ed62572b957e60975ef9770a1d35fd72befff","sha256":"99e17aebf88b25d2097128d83d50f100893f6391c50b55e3da8a640ae81782c0","sha512":"bd5082459fc6574f3212db31d4c2bd593219e27dc297d795565aa40097be185ece8ecfe9e4d7cf4eb17a74271e973800251190877b98ce97345b9e236a8f833d","ssdeep":"","tlshash":"d661a696e77638dbb2f900f2697a0d47e7614435d6c8d438c9bda31418b5893c274a46","size":3302,"data":"","first_seen":"2026-04-07T14:31:34.6047Z","last_seen":"2026-04-07T14:36:48.248701Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/ethers@5.7.2/dist/ethers.umd.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"71f8c498e792c6179d4e2840228f777a","sha1":"b651545587f6257345dc3de9ddaa444b10dedf3e","sha256":"a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73","sha512":"14371563e83bbdce425c035bad34a0d4ae6a2f2ae20ac183602134d8b8b5b5711874d40fbcb3c7344fab4f63237a2f0dedf65b7b458b870dbb8f64ab191a5d32","ssdeep":"12288:TfamYTKkkAJs8P+H8Xb2F/nNuwEYtnob6qQr:TfjkhPaNnN9EYtwo","tlshash":"35f43b80b3b1b0b583c729a4143f6046f63af46a505840a8f659faf279f9d4c957bb3c","size":760171,"data":"","first_seen":"2023-03-13T00:48:53Z","last_seen":"2026-04-09T13:42:21.5062Z","times_seen":3121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtcheck.bar/","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"65.108.71.177","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":true,"md5":"6f1d31270ca6732c125bdf5a2311de0a","sha1":"d8161b5775a3bf11f38d0a627241574cfbd428cc","sha256":"fcb7aa32fc09f97d7b21b233184c8eac2ac3e26c2ca6d37ce4c8435dbe3093a9","sha512":"bf911f71e72082cdd43fee153fb46b75625b47e8ede056c5294ac77f14fb27060ae5a63c1a3de3d38695c9698bdcaff0a8cd96d67dfec477a467b273ef43f3cb","ssdeep":"","tlshash":"955152aa60b71571c2677aad7abf622111394017b9059c943acc13001fafd1f98f6add","size":2940,"data":"","first_seen":"2026-04-07T14:31:34.602254Z","last_seen":"2026-04-07T14:36:48.250124Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtcheck.bar/","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"65.108.71.177","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":true,"md5":"3688fd64c409264431201fa55a828e81","sha1":"2b7eeefaa1edf3a7621f7576b35b01c895ef5367","sha256":"944433761a880eab1d567dd5389499af76aa03582c82a8aa88838e3c6c2134c6","sha512":"1393fe2f189899d68717be994820d19a7e89660ea5cd90cf4a2d3dd07b41c95c2f63a3a0833d2407f16be6a3eae698ab549eac52d4ffc82bcd2da0e4e46da210","ssdeep":"","tlshash":"bae026faea5a457101e6a1237bce739e293665a3a92a4c402899ce806838dd31126ed1","size":333,"data":"","first_seen":"2023-03-07T01:02:35Z","last_seen":"2026-04-09T22:20:57.008678Z","times_seen":33240,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtcheck.bar/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.12.6","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"65.108.71.177","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"introduction_type":"scriptElement","is_inline":false,"md5":"5db6f7f38fafd05f001e34df5d2fde28","sha1":"3c2b092eb7f6af12bcaea927394f7a53a4245e56","sha256":"1bed1b803f3da652607a8f6dc9f9397d47da30c6e3f8417d4ae2e76f1f73e5b7","sha512":"5f5589b01f95ab46cd71000523210b778d6fde66c16a678fc1d9c82598e6f1f9f56270908c408117e5e453d65e5d223abe555d5d3269b32ea5710d88c69a2a16","ssdeep":"768:MtPx6KoYcFDTHjGropoCoRoXCjCRcjC1LlJtmxTwB2V7sE3T92tfSrgt8zQmIFhx:4Px6ViOCjCRcjulLmxTwgwZSnWhdcFIz","tlshash":"60b281a667002a3604fe17e7f5daabc47671149ffa0944115838cc2e29a8fd361f1af9","size":25664,"data":"","first_seen":"2026-03-24T13:25:04.359628Z","last_seen":"2026-04-09T22:48:22.526393Z","times_seen":1035,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"usdtcheck.bar/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.12.6","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"65.108.71.177","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdtcheck.bar/","date":"2026-04-07T14:36:24.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.usdtcheck.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 00:39:49 GMT","end":"Tue, 30 Jun 2026 00:39:48 GMT"},"fingerprint":{"sha1":"47:9B:55:16:94:BA:F4:5A:C3:1A:13:F2:B8:9C:AE:4F:27:0A:44:56","sha256":"1C:2B:75:30:3E:8F:CB:4F:33:E5:EF:3E:0E:20:03:FD:CF:C7:47:5F:55:88:FA:ED:7F:A9:6E:70:C0:9A:7B:0A"}}},"request":{"raw":"GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.12.6 HTTP/1.1\r\nHost: usdtcheck.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdtcheck.bar/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 14 Apr 2026 14:36:24 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 02 Apr 2026 15:37:19 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 8375\r\ndate: Tue, 07 Apr 2026 14:36:24 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":44801,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (42727)","md5":"431909ef7202ab2e448f1c809fbc6df4","sha1":"7bb55930e4cf2b13049062f37bf14377933d4a1b","sha256":"cb9e5b3058d1e3621033fdfe0f593020be47a479be74017760b6143ed5c1add6","sha512":"c5ebbec18082755f853618a80822985835720f5e8aeb8bab00b1b322e3bdc0035e159d82c0fc4c03d8d4efd2e6790b3963c67b21bf0f61da21e2b424c0cfadda","ssdeep":"768:NPQOrk1rhbYollnk+FHkFYCzxdvN3bR2/WLmiyCFS7QHQtBU5WOT1enhm2a7ZAR3:xGUY+LHQtBU59TwDuaP","tlshash":"1e13f86147d035395233473efad6ba082b694313d74f26e2f8ab8768c9c57c71a72a4c","first_seen":"2026-03-24T17:32:56.765084Z","last_seen":"2026-04-09T22:48:22.53063Z","times_seen":887,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cryptologos.cc/logos/tether-usdt-logo.png","fqdn":"cryptologos.cc","domain":"cryptologos.cc","tld":"cc"},"ip":{"addr":"104.21.92.70","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtcheck.bar/","date":"2026-04-07T14:36:24.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cryptologos.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Feb 2026 11:19:19 GMT","end":"Wed, 13 May 2026 12:17:42 GMT"},"fingerprint":{"sha1":"0A:19:3B:1A:59:5D:70:32:FA:27:97:BE:96:A4:5C:10:C1:AA:2C:D3","sha256":"FC:29:2A:D7:F8:A5:2D:9B:E9:13:EF:94:FC:C0:93:D2:4D:36:C0:E6:B8:C2:01:12:0D:3E:9D:0C:81:4E:5E:35"}}},"request":{"raw":"GET /logos/tether-usdt-logo.png HTTP/1.1\r\nHost: cryptologos.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdtcheck.bar/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Tue, 07 Apr 2026 14:36:24 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k8dCFD2VDJb9ILhpflAxEZja1bWygGZd5cUlcD82EJtn3TzdUe%2BnijgYIKys0%2Bx1DD1R%2FzlZqAtrRu5cKU3KbCq4s6fOpHTc1QDa0UBdejTVPMODFaZQTCGKyZimt6iaOQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e89c3aeb9705a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T22:28:29.555509Z","times_seen":13556316,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":46,"dns":25,"connect":3,"send":0,"wait":6,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtcheck.bar/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.12.6","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"65.108.71.177","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtcheck.bar/","date":"2026-04-07T14:36:24.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.usdtcheck.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 00:39:49 GMT","end":"Tue, 30 Jun 2026 00:39:48 GMT"},"fingerprint":{"sha1":"47:9B:55:16:94:BA:F4:5A:C3:1A:13:F2:B8:9C:AE:4F:27:0A:44:56","sha256":"1C:2B:75:30:3E:8F:CB:4F:33:E5:EF:3E:0E:20:03:FD:CF:C7:47:5F:55:88:FA:ED:7F:A9:6E:70:C0:9A:7B:0A"}}},"request":{"raw":"GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.12.6 HTTP/1.1\r\nHost: usdtcheck.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdtcheck.bar/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Thu, 02 Apr 2026 15:37:19 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5671\r\ndate: Tue, 07 Apr 2026 14:36:24 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":25664,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (25664), with no line terminators","md5":"5db6f7f38fafd05f001e34df5d2fde28","sha1":"3c2b092eb7f6af12bcaea927394f7a53a4245e56","sha256":"1bed1b803f3da652607a8f6dc9f9397d47da30c6e3f8417d4ae2e76f1f73e5b7","sha512":"5f5589b01f95ab46cd71000523210b778d6fde66c16a678fc1d9c82598e6f1f9f56270908c408117e5e453d65e5d223abe555d5d3269b32ea5710d88c69a2a16","ssdeep":"768:MtPx6KoYcFDTHjGropoCoRoXCjCRcjC1LlJtmxTwB2V7sE3T92tfSrgt8zQmIFhx:4Px6ViOCjCRcjulLmxTwgwZSnWhdcFIz","tlshash":"60b281a667002a3604fe17e7f5daabc47671149ffa0944115838cc2e29a8fd361f1af9","first_seen":"2026-03-24T13:25:04.359628Z","last_seen":"2026-04-09T22:48:22.526393Z","times_seen":1035,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/ethers@5.7.2/dist/ethers.umd.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtcheck.bar/","date":"2026-04-07T14:36:24.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/ethers@5.7.2/dist/ethers.umd.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdtcheck.bar/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 5.7.2\r\nx-jsd-version-type: version\r\netag: W/\"b996b-tlFUVYf2JXNF3D3p3apESxDe3z4\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 07 Apr 2026 14:36:24 GMT\r\nage: 1061960\r\nx-served-by: cache-fra-etou8220026-FRA, cache-hel1410033-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 168432\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":760171,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"71f8c498e792c6179d4e2840228f777a","sha1":"b651545587f6257345dc3de9ddaa444b10dedf3e","sha256":"a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73","sha512":"14371563e83bbdce425c035bad34a0d4ae6a2f2ae20ac183602134d8b8b5b5711874d40fbcb3c7344fab4f63237a2f0dedf65b7b458b870dbb8f64ab191a5d32","ssdeep":"12288:TfamYTKkkAJs8P+H8Xb2F/nNuwEYtnob6qQr:TfjkhPaNnN9EYtwo","tlshash":"35f43b80b3b1b0b583c729a4143f6046f63af46a505840a8f659faf279f9d4c957bb3c","first_seen":"2023-03-13T00:48:53Z","last_seen":"2026-04-09T13:42:21.5062Z","times_seen":3121,"resource_available":true,"data":null}},"time_used":242,"timings":{"blocked":71,"dns":4,"connect":28,"send":0,"wait":29,"receive":66,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtcheck.bar/favicon.ico","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"65.108.71.177","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtcheck.bar/","date":"2026-04-07T14:36:25.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.usdtcheck.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 00:39:49 GMT","end":"Tue, 30 Jun 2026 00:39:48 GMT"},"fingerprint":{"sha1":"47:9B:55:16:94:BA:F4:5A:C3:1A:13:F2:B8:9C:AE:4F:27:0A:44:56","sha256":"1C:2B:75:30:3E:8F:CB:4F:33:E5:EF:3E:0E:20:03:FD:CF:C7:47:5F:55:88:FA:ED:7F:A9:6E:70:C0:9A:7B:0A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: usdtcheck.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdtcheck.bar/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Tue, 07 Apr 2026 14:36:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-09T22:26:10.630904Z","times_seen":117211,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtcheck.bar/wp-includes/js/wp-emoji-release.min.js?ver=6.9.4","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"65.108.71.177","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtcheck.bar/","date":"2026-04-07T14:36:25.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.usdtcheck.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 00:39:49 GMT","end":"Tue, 30 Jun 2026 00:39:48 GMT"},"fingerprint":{"sha1":"47:9B:55:16:94:BA:F4:5A:C3:1A:13:F2:B8:9C:AE:4F:27:0A:44:56","sha256":"1C:2B:75:30:3E:8F:CB:4F:33:E5:EF:3E:0E:20:03:FD:CF:C7:47:5F:55:88:FA:ED:7F:A9:6E:70:C0:9A:7B:0A"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=6.9.4 HTTP/1.1\r\nHost: usdtcheck.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdtcheck.bar/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 07 Nov 2025 13:44:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4949\r\ndate: Tue, 07 Apr 2026 14:36:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":22762,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (19823)","md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-04-09T22:29:09.086902Z","times_seen":139601,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtcheck.bar/","fqdn":"usdtcheck.bar","domain":"usdtcheck.bar","tld":"bar"},"ip":{"addr":"65.108.71.177","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-07T14:36:24.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.usdtcheck.bar","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 00:39:49 GMT","end":"Tue, 30 Jun 2026 00:39:48 GMT"},"fingerprint":{"sha1":"47:9B:55:16:94:BA:F4:5A:C3:1A:13:F2:B8:9C:AE:4F:27:0A:44:56","sha256":"1C:2B:75:30:3E:8F:CB:4F:33:E5:EF:3E:0E:20:03:FD:CF:C7:47:5F:55:88:FA:ED:7F:A9:6E:70:C0:9A:7B:0A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usdtcheck.bar\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/8.3.30\r\ncontent-type: text/html; charset=UTF-8\r\nlink: \u003chttps://usdtcheck.bar/wp-json/\u003e; rel=\"https://api.w.org/\", \u003chttps://usdtcheck.bar/wp-json/wp/v2/pages/8\u003e; rel=\"alternate\"; title=\"JSON\"; type=\"application/json\", \u003chttps://usdtcheck.bar/\u003e; rel=shortlink\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 07 Apr 2026 14:36:24 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":93942,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (51930)","md5":"792706cc4cedcc82f782132dc81ef09d","sha1":"bc91c268097c6f23bc4b58f6d966e3a4fe9e3c8e","sha256":"f868ebfb436f0449ac2b8c68585498cba4ecca505aeb1264d7bf51a0cb7a11e8","sha512":"5c0e65ec16c498e44e76a3feda92f179c18f8f8d83a4c7003a61cd20bb2777ad7db5929e3dd0f33ecc2aada24d9095621b1fb76f9e3f0f9919eadf741e976f0d","ssdeep":"768:/Wpu9nAlGXX/Nep0kC7/+ptnFuHfhJiTCtcWW1yfGCwwaPMvJyroAPyfGxwaPMM0:/1nAlGX1L+jnFuHfhJiTCeyp0FfU5ztH","tlshash":"6993c660a7b0157a363b437ce59bf71466685613da4e73e6f4bdc09886c9ba300f270e","first_seen":"2026-04-07T14:31:34.600844Z","last_seen":"2026-04-07T14:36:48.24169Z","times_seen":2,"resource_available":true,"data":null}},"time_used":395,"timings":{"blocked":61,"dns":1,"connect":27,"send":0,"wait":268,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}