{"report_id":"6865a8f7-d251-4755-a63c-dbbb9fe33597","version":6,"status":"done","tags":[],"date":"2026-02-11T07:52:47Z","url":{"schema":"https","addr":"usdtsaving.click/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":0,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"title":"USDT Savings","dom":{"size":22177,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15388)","md5":"a1bfbde1b9b6b3648a88402763f185a5","sha1":"ad788bfe50a3b6dec6650597dc4eee3ab98c252f","sha256":"90a1a37888f3ede2282e98f993ad96eab79ca158ad6f4eb7c79d97cbf3bbcc86","sha512":"82cdc0ea0a4c069f8568dd9cb0051bdb0b39b336c13cddb2165410068238eeb66275b8371b90693362eafd28624191b461a7385a5326e730707be3bfeacaea30","ssdeep":"384:c6oZCxy2OKmJMJFV2tFtFSFuXFQFO52ZBdecYdM3x:cNQxy2jLV2332uVQO52ZBd5YdM3x","tlshash":"1aa2c8a2a15154a302b7a9c5e1b0fe39b2e2f30f850b80247ebd45851fc7ef8f896171","dom_hash":"domhash4fc58a7e70aedbbc586753f0808274df","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"usdtsaving.click/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":0,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-18T07:52:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":20,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":43834,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.652912+0000\",\"flow_id\":1573182989441571,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":43834,\"dest_ip\":\"47.79.64.227\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"yudiannet.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-02-11T07:52:32.104995+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":43832,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.654842+0000\",\"flow_id\":793843993707403,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":43832,\"dest_ip\":\"47.79.64.227\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"yudiannet.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-02-11T07:52:32.099211+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":43850,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.679762+0000\",\"flow_id\":101050736483067,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":43850,\"dest_ip\":\"47.79.64.227\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"yudiannet.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-02-11T07:52:32.105211+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"ip_src":{"addr":"Client IP","port":45264,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.723659+0000\",\"flow_id\":628324544073490,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":45264,\"dest_ip\":\"39.101.26.6\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"dapptubiapp.oss-rg-china-mainland.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":4997,\"start\":\"2026-02-11T07:52:32.184082+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"ip_src":{"addr":"Client IP","port":45286,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.745975+0000\",\"flow_id\":1248253681081897,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":45286,\"dest_ip\":\"39.101.26.6\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"dapptubiapp.oss-rg-china-mainland.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":912,\"bytes_toclient\":4997,\"start\":\"2026-02-11T07:52:32.269865+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"ip_src":{"addr":"Client IP","port":45274,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.752734+0000\",\"flow_id\":1257397666507848,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":45274,\"dest_ip\":\"39.101.26.6\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"dapptubiapp.oss-rg-china-mainland.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-02-11T07:52:32.257096+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"ip_src":{"addr":"Client IP","port":45302,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.754491+0000\",\"flow_id\":1111695195907466,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":45302,\"dest_ip\":\"39.101.26.6\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"dapptubiapp.oss-rg-china-mainland.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":912,\"bytes_toclient\":4997,\"start\":\"2026-02-11T07:52:32.271754+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"ip_src":{"addr":"Client IP","port":45276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.759706+0000\",\"flow_id\":317248652769011,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":45276,\"dest_ip\":\"39.101.26.6\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"dapptubiapp.oss-rg-china-mainland.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":4997,\"start\":\"2026-02-11T07:52:32.259827+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"ip_src":{"addr":"Client IP","port":45314,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.821488+0000\",\"flow_id\":110731592738918,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":45314,\"dest_ip\":\"39.101.26.6\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"dapptubiapp.oss-rg-china-mainland.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":4997,\"start\":\"2026-02-11T07:52:32.272486+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":43860,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.838017+0000\",\"flow_id\":1338334177686359,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":43860,\"dest_ip\":\"47.79.64.227\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"yudiannet.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":904,\"bytes_toclient\":6037,\"start\":\"2026-02-11T07:52:32.291671+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":43874,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.853018+0000\",\"flow_id\":2262193698138,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":43874,\"dest_ip\":\"47.79.64.227\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"yudiannet.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":904,\"bytes_toclient\":1634,\"start\":\"2026-02-11T07:52:32.292186+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":43890,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.860725+0000\",\"flow_id\":108377950680552,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":43890,\"dest_ip\":\"47.79.64.227\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"yudiannet.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":753,\"bytes_toclient\":3148,\"start\":\"2026-02-11T07:52:32.292328+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":43892,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.912874+0000\",\"flow_id\":235042978683052,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":43892,\"dest_ip\":\"47.79.64.227\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"yudiannet.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-02-11T07:52:32.350380+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":43906,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.930017+0000\",\"flow_id\":926612170240011,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":43906,\"dest_ip\":\"47.79.64.227\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"yudiannet.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-02-11T07:52:32.356363+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":43908,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.933843+0000\",\"flow_id\":1819430644379795,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":43908,\"dest_ip\":\"47.79.64.227\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"yudiannet.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":753,\"bytes_toclient\":3148,\"start\":\"2026-02-11T07:52:32.356499+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:32Z","timestamp":1770796352,"ip_dst":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"ip_src":{"addr":"Client IP","port":45318,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:32.986838+0000\",\"flow_id\":1017530185458796,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":45318,\"dest_ip\":\"39.101.26.6\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"dapptubiapp.oss-rg-china-mainland.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-02-11T07:52:32.435308+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:33Z","timestamp":1770796353,"ip_dst":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"ip_src":{"addr":"Client IP","port":45332,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:33.064984+0000\",\"flow_id\":1838936238390763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":45332,\"dest_ip\":\"39.101.26.6\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"dapptubiapp.oss-rg-china-mainland.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":4997,\"start\":\"2026-02-11T07:52:32.523755+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:33Z","timestamp":1770796353,"ip_dst":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":43942,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:33.106974+0000\",\"flow_id\":1569422745553805,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":43942,\"dest_ip\":\"47.79.64.227\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"yudiannet.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":904,\"bytes_toclient\":1634,\"start\":\"2026-02-11T07:52:32.543629+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:33Z","timestamp":1770796353,"ip_dst":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":43914,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:33.108382+0000\",\"flow_id\":49225513578587,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":43914,\"dest_ip\":\"47.79.64.227\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"yudiannet.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":753,\"bytes_toclient\":6091,\"start\":\"2026-02-11T07:52:32.536667+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-11T07:52:33Z","timestamp":1770796353,"ip_dst":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":43928,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-11T07:52:33.114449+0000\",\"flow_id\":1216726473657089,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.12\",\"src_port\":43928,\"dest_ip\":\"47.79.64.227\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"yudiannet.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-02-11T07:52:32.543489+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"cdn-icons-png.flaticon.com","ip":{"addr":"23.36.76.130","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2013-05-10","domain_rank":239972,"first_seen":"2021-09-02T06:55:19Z","last_seen":"2026-02-04T19:19:10.551982Z","alert_count":0,"request_count":4,"received_data":76355,"sent_data":1756,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com","ip":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-12-30T23:38:10.063969Z","last_seen":"2026-02-11T03:20:04.398866Z","alert_count":0,"request_count":8,"received_data":176539,"sent_data":3659,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"cdn4.iconfinder.com","ip":{"addr":"172.66.149.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2004-02-23","domain_rank":608280,"first_seen":"2012-08-14T17:19:25Z","last_seen":"2026-02-09T21:25:24.765736Z","alert_count":0,"request_count":1,"received_data":37173,"sent_data":474,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"hw.rangwodf.cc","ip":{"addr":"172.67.150.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-06-12","domain_rank":0,"first_seen":"2025-06-03T12:45:54.191815Z","last_seen":"2026-02-11T03:20:05.208617Z","alert_count":0,"request_count":1,"received_data":5018,"sent_data":372,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"webapi.meishenme.shop","ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-11T03:20:03.500753Z","last_seen":"2026-02-11T03:20:03.500753Z","alert_count":0,"request_count":19,"received_data":2791645,"sent_data":9850,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"yudiannet.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-12-30T23:38:10.067507Z","last_seen":"2026-02-11T03:20:04.05713Z","alert_count":0,"request_count":10,"received_data":825407,"sent_data":4740,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"usdtsaving.click","ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-02-05","domain_rank":0,"first_seen":"2026-02-11T03:20:44.95717Z","last_seen":"2026-02-11T03:20:44.957171Z","alert_count":0,"request_count":38,"received_data":3624083,"sent_data":15847,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a4bdcb8203f55c2a0d42fe2daeba7f94","sha1":"28d4fb637c1f7d7cfc979d90f4f388d62eb58a51","sha256":"386fe5926fc7fa712f45c79142ec5390c9082ce14bd96a609004647fb1f4d823","sha512":"09dd6e53cd308472025baff2f600acd0b5be74b4d557bf48d7402cf6147449fa01db100adc90a5ea3930e80b42a5a2a1782265620c3f940cc93f60e873363d5e","ssdeep":"","tlshash":"c6c08cc8a1c33d001602661060bf35e4a0288026714c5b128cd4e8492f230b88237e98","size":145,"data":"","first_seen":"2023-06-06T19:23:28Z","last_seen":"2026-06-06T23:47:44.205951Z","times_seen":701,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d8a0b36a3bb5359d82373fd74ab0a55b","sha1":"109fcd2e9501021577ad657d5701aa40e771b723","sha256":"26b23c11a596c1301030aaa5e72296226d0b2c601ff7b24694d413a401ac9826","sha512":"ebb5fb5d0b9ad70253bc33b31f5fab9fa0efb74a89eefd5b900d6b956970a52ef306b8e62a73b47775339624aef7daf7f4779743b84394f80591c0ea8182f9fe","ssdeep":"","tlshash":"d8c08cc4a0d22d001a02641060af34e49028442670481b028ca4d8482e620b48233e98","size":138,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-06-06T22:30:21.917795Z","times_seen":1323,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-07T12:12:38.671572Z","times_seen":5598,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/charting_library/charting_library.min.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"8573e89d9ec535663d75f21b1f08109c","sha1":"a8d9eea0b157ceeffc38d4254e6f6abc9d697d10","sha256":"cb0c6c9f1771d252eee7caa043bdd7cfffbd52c2cc4b18b7be7c4554ed069151","sha512":"55d728fa1e0682725f94b17387c6790792d3d34b43652a00097876118575bd6cefa20916d80674519005d72f20ecbb745e9645516c056e6f9bb6691d5efbcb33","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffam:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvu","tlshash":"6e224f58ed2478720acb54f0427f180f8239e278d84944ed3cc4e6ec59fd44a6a6fbb8","size":10858,"data":"","first_seen":"2023-08-16T00:37:19Z","last_seen":"2026-06-05T10:33:32.118542Z","times_seen":518,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7746993e8adb9277ba5afa2584910974","sha1":"8e7e6d562fd56f594b40b6657156d483d7426e40","sha256":"833dc15f120cad89d5c0680edae217dbad02010e42af351959607df4170074ee","sha512":"10ee66e22fa45386057f1385e179955ad4fd4d53363c0aebe68aa9ba0547bf409a286e53ab6e678e5d0c3485d6cabcdd359f359c5258160b50a0a5a5496d6e6d","ssdeep":"","tlshash":"39c08cc5a0c22e101646641010bf28e49024402674481b028c98d8482e220b08233e9c","size":140,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-06-07T11:56:58.269861Z","times_seen":3517,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"557995f65f5a11b3f15fab2407ce466b","sha1":"4bbc2be07a667e326a6d270a459986b3693ef701","sha256":"d5a4859bf9ec0f9c5954f69ca52e84e33d2a127a30c2b44dfb31f8dae99c10fa","sha512":"efb0d433dc80afc2e5db4120592a7c0cca82ea087095998ffe6e6e12f9094ba8d98e743afeeef476c940476c5c3059a78d3f2bf526e04681a9907824d82dfb15","ssdeep":"","tlshash":"7ac08cc5b0c36e002602645014af38e49034402ab04c1b678ea4e8492e630f08233e98","size":148,"data":"","first_seen":"2025-12-30T23:38:20.695443Z","last_seen":"2026-04-06T13:36:30.388764Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ecb9b0fa7fc0b0ce10d012293bf85653","sha1":"62875d9baf87827b9c94e53e81151680fb4d5776","sha256":"e5566de6644a92823e95bb21acf2be60b0e007459c06bc5f1da8f8e2ebf7fc66","sha512":"4cbf2fd303639b6a6be2458f29f6cc44508a51c6872601efc57d7860baf7e61dead0f36161b23c39a47230546b2cd38260e29c6738f0c122c30742ae656ecbac","ssdeep":"","tlshash":"0cc08cc6f0d22d012612781154ef34e49034443674481b028c95dc492e734b08233e99","size":145,"data":"","first_seen":"2025-12-30T23:38:20.702494Z","last_seen":"2026-04-06T13:36:30.382244Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c1155eee87487f5efe9634a03695b16c","sha1":"2532dae40bd8f2c93a9eb7cbb00bf21e050124b1","sha256":"41c9b4311d7a14bda7da372afb964f0bf08f0823e01617a967aa9eb2554d298b","sha512":"ae1174eea2e3597d1ecd46bea51c7948e05095c00c03cb3670e5b62dd0c14abd26e7c3643fda485610290a4426fa92d0c9d7920303a7bdbc659f735313f2ea48","ssdeep":"","tlshash":"28c08cc4b1d22e106606641010af36e490298426b08c1b028ca8e8892e260b08237fec","size":148,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-05T10:33:32.173255Z","times_seen":408,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd1e8c8747cc3e7988431ef41710437a","sha1":"d1432b1535c7a41193d7547b95321a9346534987","sha256":"79858d433012bf68ed2c4ab725d0d5312e926ca41e35fe2a3234e017686eb3b9","sha512":"f8da8a9585718c87dd2f90d53dfe2cda27975d7b7dc92bf85593ee4344817fd4392f840e88a3384e1bda7c0b86dc23169b6c4691e9f017f75eb43816a966190c","ssdeep":"","tlshash":"5611abfe291a60296303804e976b7911a53250b9000a184277cc9b9dbb9ab7dd0cfb8d","size":1048,"data":"","first_seen":"2026-02-11T03:20:50.664542Z","last_seen":"2026-02-11T07:52:51.347826Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-323f05de.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e1ce51a7f22a19f8318f6ac9b24dbbd9","sha1":"f2776e76c7a47b903f76d2489a907399712d9acb","sha256":"9e2a62feaef2ae245cf4548881e50920c9d6e936971e25411da0e34bf0d7a56c","sha512":"835fc8a269976eabeb005e1f1cebb49c7da9de4f5b8667722aa1b1cbbd95345c6d11f8102e1d4624d02b5c5fd70725ca87a0b3173e51cfdf2527cdc1cd82e3c8","ssdeep":"768:tlf6CmtgNEwCk/6AK3uH8cVbSgqa2LM1MAjMChtK8dSqMknXEWljy2adxhiei7VF:wmg3LghZndSqZUWo2f97fIkGz81p/","tlshash":"d8a31a8da40b1fff58be0888aa1f580021691fd7598cc8d3b2be5e562bf9ce4535d718","size":102670,"data":"","first_seen":"2026-02-11T03:20:10.855529Z","last_seen":"2026-02-11T07:52:51.336739Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f19a249a3e546a75d19b9d3f75497cdd","sha1":"4fcf8a4234dc76c37cb9415dd3c2d4820fb45a30","sha256":"8f0b9cbdf1999a03131eed312b7dc7ab85a5ddbf696e4805d240a61cdf5066b2","sha512":"7f999eee3d080218db37b9bd7ae6ca464771276ae0eb378b537d24635f5d700aede00359099b8e2197cc4f36e56162a46110fbdb85f213ed5ada51d9875a7402","ssdeep":"","tlshash":"c5c08cc9a2c22d001646641014bf28f4902480277048ab038dd4dc892e620f0823be9c","size":146,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-04T04:33:14.48706Z","times_seen":526,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7de71cd324bb8833f4a138cbcdafa759","sha1":"d7a8122c1483170fa571ec47c62f91c66d662ede","sha256":"62b9d7d992de0ba11591d4ed7c7ab166d886c09ddb4a6b79693795ce836c6003","sha512":"5d42f665549881c48abeb0ee42138dcd1b0f6140e49c3fc6efdfe3657cba54e63218787f0b0d2f12622873799b4ec3a21b9f4f62194f2cc9bda2758dd699a439","ssdeep":"","tlshash":"73c08cdab0d72d006602642110af78e8a0388027b08c9b439cd4d8883ea30b08233fa8","size":151,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-04T04:33:14.48971Z","times_seen":346,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"bd4b58236459e8d6f1dbffe36a0eebbe","sha1":"41e97737c7cdf1002ff5903cc90da320e2135731","sha256":"6add64f0fa4e3f80b6ef385df02a7771e9ac67be7a86813ef91f57ee63f08006","sha512":"873a23901ab19328f599d64a73375344224d8793efc2f4bb878adb3e924c57277f61abfed3e79677616d337e4540db8c3a8093602770ab3423283c8d387a4b8a","ssdeep":"","tlshash":"71e0a3a6717dc124d9b16f3e69ed1d57e59212310d9c070bbcb591241ef5d1020bc8d5","size":420,"data":"","first_seen":"2026-02-11T03:20:10.879517Z","last_seen":"2026-02-11T07:52:51.349411Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-ae1b84c9.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"importedModule","is_inline":false,"md5":"09033d58a36ffa6ec569542b7fe01232","sha1":"83a0e6c6c64ea125ba0c47456f7de8c2058beeca","sha256":"e19a6f43c7a6ace2834bc166fb0c5e3ca368933a80b1e6fe40d926a30097eada","sha512":"b887c50c329ca7ed9627d3f1bc885c47b69e27f226e3d0cfa2d742f11f80430a0e22b32bb000e000aa8a86b6558517ecb06b45837353b41112be4decf99c3875","ssdeep":"96:Cw+vYlnY5kqD+wHQxc3dbyuiUDzb+T3hvsWb43X89R3jMe:9+vYlYuqiwHDdb3Y7hv50XulMe","tlshash":"5a91c65cf40281fbea7754804448142121a87ffbb20488f6fbbead0a67b8879e758320","size":4613,"data":"","first_seen":"2026-02-11T03:20:10.824531Z","last_seen":"2026-02-11T07:52:51.324947Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f2f5a4f08c8536ee9b64126b563cd62c","sha1":"15d57cd315463221c807ad74b0e19578dd90f7a5","sha256":"1fce7bdbc1acea81dde9287f6971529e3cc024b01b1ebcd537ce4f16e064b760","sha512":"204e680610bbc982bcb79334b0acd7f7f3c101fcd0b0d384925c0d0f1dbb4fb222d259d164c7cf5a339887dc471086b3dcb2ca246f6af92c95526c91a4ac0427","ssdeep":"","tlshash":"48c08cd8a1cb6d005682b41459bf3ae4a0344027745cab139ce4dc682e230b48233e9c","size":158,"data":"","first_seen":"2024-01-21T00:00:16Z","last_seen":"2026-06-04T04:33:14.487894Z","times_seen":440,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-07T12:32:04.372614Z","times_seen":36384,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-06-07T11:56:06.458308Z","times_seen":38687,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/overlayPulic-d9cf0bc1.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"importedModule","is_inline":false,"md5":"026e0e9ee790861b8911405b7c4a1c83","sha1":"6b3bb0e1fdbcab578a9bab75cea38807772881b4","sha256":"0f48155b52842ef5d8b8db4be336fa99d9119b806f60740d1ec99dcc482dbd7e","sha512":"ca67bdbfbca000174e836de0a5cae9efa40f7e927db84411e278980d3bcd765513dc82054a99106cbcea5516d7f63b1f6c1d04b4f0f751c3728916d3ae1d4479","ssdeep":"","tlshash":"8ef0d46e3c5a91f14990c0fda12530151d5cbe1ca33953c1dcdb313bb3bd2a45e1d624","size":481,"data":"","first_seen":"2026-02-11T03:20:10.822485Z","last_seen":"2026-02-11T07:52:51.326469Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/filters-b39472b3.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"importedModule","is_inline":false,"md5":"082a14663572fbb0fdac69c743917a91","sha1":"2d6971cb64dd681e6529a6f712ca9afad292f1a5","sha256":"744f77dbfb8a3e53ec3df35d9afee98c6575917712a83b503ff3e1ab573ea1a0","sha512":"990ff24c6e74cd2ce7da0c79b2988cc164a3daf1f6964d9d2c150c074859cc784962b42e77e8b4f3202444cc830ee14d0cfff183c5b6a8672d5fb7c0d7bb073f","ssdeep":"","tlshash":"3c5133fdfcd3a13356ea6dfd40288414728ebe20686e0a4df55bd0825933888d07f768","size":3078,"data":"","first_seen":"2026-02-11T03:20:10.846993Z","last_seen":"2026-02-11T07:52:51.330493Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-949f9b00.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"importedModule","is_inline":false,"md5":"36240edd99a68159de1e639b9a1f2405","sha1":"3f72a4bf26ad1ee6d3be18803a1e9b73b068a754","sha256":"cd66e9d55f349c0914a966676b0821ee54f6b11b3a355cf14450de6e43c0635e","sha512":"234f001cc2712374dd26b1250916d55f40e4a4cd123cca8bb40e54aca2f07aa1df6d8c23ae0d4e8c7ab151db3c8b5fd8bfa32be737c11b104e4ac4a43523c648","ssdeep":"","tlshash":"5901d0f8fc1dcebb1f62069401913501140a1fddfa1819f198977e661be4990d7de72d","size":772,"data":"","first_seen":"2025-12-30T23:38:20.678402Z","last_seen":"2026-04-06T13:36:30.358507Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"9d379fc52463f2b630c6894900da5180","sha1":"b33fecceae6c1ef97518c6ad7159534d78e7b2f7","sha256":"6c3288c6af4396096b1a8a927fbfaf05ac8cc29658fc97d13cf036ba6bb38ab3","sha512":"49b43b0c253e26c135bd5009d73c537cf2e78342ef6b116ce6efbd3627152ac804449ec5cbe637a544b5557b52a50213a19dfcf33158a4f6b0a8ff91d79372d5","ssdeep":"","tlshash":"61c012c5a0da29102951595424bf28e8a024c026b55c6b169de4dda829e64fcc627d98","size":190,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-04T15:28:13.4706Z","times_seen":664,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"361e9d9b886c9f2b98f57c626c09b9d8","sha1":"01032a33013459a8de015112421c1a9e467f5d44","sha256":"b96071e372b614f6406f0b01ed200e24be43c5c21eac83934e41d7dd6f70ec38","sha512":"c3dc60f09e32481fa8a331627b2cd7911592847e3e0e82721694d14205de941a15ef18259c871c5957195b1ca8b3b63a8109390863f3f8d48e5e8a7d3f8b02dc","ssdeep":"","tlshash":"8bc08cc4a0c22e102602641010bf38e49024402774881b028cd4d8482e230b08233edc","size":140,"data":"","first_seen":"2023-12-19T15:12:13Z","last_seen":"2026-06-05T10:33:32.165377Z","times_seen":523,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"83678961efc93c088d42dd78bc6ea6dd","sha1":"8007d82eec4894fa2867c628e925f1fcfa443fa3","sha256":"d6045334796ceaf006da578968c4ce319e6d4127c9c36ea88297daf6c6713026","sha512":"cd5e028a3850ceca98e01b30d338a9874404eba5a4d8fce81855dc9f8a6189c9c202e6caf3fe736b10295b4c81a1361a68fda5abeeca58d358c8fdb9c02a282d","ssdeep":"","tlshash":"13c08cc4a0c23e106602681124af24e4a0244027704c6b02cde4d8492ea34b8a233e98","size":147,"data":"","first_seen":"2023-07-28T08:36:26Z","last_seen":"2026-06-04T04:33:14.481895Z","times_seen":662,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hw.rangwodf.cc/1.js","fqdn":"hw.rangwodf.cc","domain":"rangwodf.cc","tld":"cc"},"ip":{"addr":"172.67.150.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0db8503abd38d9093dd8b0d6260ed6f9","sha1":"f97691cc6f2bf51a7b44242d7859df45b54c512c","sha256":"083c5ad69adc1beb2502f734ec85183c818ad015a10dd1b9a11a0cb1cb8cb02a","sha512":"f6c266e7b742bd635ce9824a286f5de4f6c0f6aa76fbdcf8ca6328f7c9ab92c70d01d29e9eaf45b3ee6445cae409aa9048a3b92e9b935bb67c91628c312de572","ssdeep":"48:bD3MlcaYje32enWULpu30EejF5huyFPFalMikhbHdF9Sd3muyFDM3ii7M/+0rf2n:bLMujzYpL5EOhT0529KPCDaVAHD8","tlshash":"0b91635a312374160575337e5bd7834df725a0f331418689babcc2526ff9075c622fa8","size":4366,"data":"","first_seen":"2026-01-24T18:29:18.938282Z","last_seen":"2026-02-25T18:42:10.659304Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/currencyItem-98af5194.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"importedModule","is_inline":false,"md5":"9e59eb8c6b1357bbd8e0509aa0f2b462","sha1":"f91e00b32674202a26814d6f216178b2102cdf80","sha256":"2242629e06147360c18426526033eb182e9daf18f7ab9880d0a87dbab207f9c1","sha512":"34ccd0328f251cc9ec76b4ca450ba815fb861e00fd8b1a9883a5d71193dc074b0eefcb47df50fb541b70dd88c8a05e0b1f135c37f7d129191f78c3ed7342918a","ssdeep":"","tlshash":"d521df9aa902c7b1cbbe50a285bd5414170d7fda700181c5ebed148a3b8b6fcd728a31","size":1206,"data":"","first_seen":"2026-02-11T03:20:10.835533Z","last_seen":"2026-02-11T07:52:51.330942Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ad53bdca95253da3ed0339a52f219d8e","sha1":"1acba9622b6c70c03ce56310becd1d72226538e4","sha256":"3fecdc9cf7339d52588891d5d7b0c4b4ebfd82fe813b141fd5b81fdc70694f81","sha512":"d2bf6f0a88bbc044c6aab45f1f8795b3aafcf709a0a2b294f27062c0c34e1f34ec3964286f776c55a40a412cdf01c2ace59fdf7981fd69c6d8a63a6791ff8d3e","ssdeep":"","tlshash":"61c08cc4a0c22d001a02645014bf24e4a024802770481b02dcd8d8483e220b08233e98","size":137,"data":"","first_seen":"2023-05-08T20:49:31Z","last_seen":"2026-06-06T16:42:49.399667Z","times_seen":961,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ced6204993ccd4d4792486f3b3c899b1","sha1":"c16ea5b8c59dcea2b9b03d844467f9db0d358cdc","sha256":"317f80fdd1cb3e7b69648541320cfeb07fd3ea3d1b70d3aab180edce7c3c4ac5","sha512":"dbf99b86ffabe8deeb56f836821b1f3c58fe9b502b89210ec5082f60b4cb4e30f060645fc970bf48f5c3f20073f0e79845925b0dfb4ac89df0319d4c26bdb795","ssdeep":"","tlshash":"b8c08cc4a0c22e509622651410af38e89034402ab08c5b52dc98e94e3f260f49237eac","size":149,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-06-04T04:33:14.48885Z","times_seen":358,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d98acc1019303c876db914a972334937","sha1":"73807338e5295d0e4a62fbf19a5258d5cc93e72c","sha256":"864aa8328e7915cfbea7a8773cd622fbf24494c9b6019a076bef6e3f795e7d9d","sha512":"77d7c9975e811e66a77b15f141c84b12ae3aa0f991d15d2864c3c3ce082e0da5f4154d93424ae8580ebd93a1c7231752fbf22ef82ce7a01d997287d2d854d1af","ssdeep":"","tlshash":"e6c08cc8a0c32d001a13642210ff34e4d03440a6b44d1f028dd4e8493e624b09333edc","size":150,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-06-06T23:47:44.216072Z","times_seen":524,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5948bc3b90afab1829ab7ee61269f24e","sha1":"517e29a82521418181f702543be8ae74a3bf68b3","sha256":"14fc83a84c91770211dc352186f8e87ddc85e87c2dba0c80a159b45897b9ae2d","sha512":"05c079bbf0389ad341941c3e837aca91dc9aff681cee8da0b4560551ba13e6bbb76b01213af6514e6991e3369062870866a41e67e6d67a37038ddba3ddee7d5f","ssdeep":"","tlshash":"a5c08cc4a0c26d002606691010af24e49028802670485b028c94e8592e264b08233ea8","size":139,"data":"","first_seen":"2023-07-01T13:40:07Z","last_seen":"2026-06-06T23:47:44.202455Z","times_seen":1009,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"afd6dadb9533533d8514ac548303e331","sha1":"0b297795e161099658da59b3912482e86732e56d","sha256":"e378d3c8bb137aed4116bdd0c560231896d500f4edbb80088c14fd8fb220c3a9","sha512":"0df2fd8eb6e505ad35fff7e135feb15d50d1ae87d9990d9fa472fb834b7baf48ca73b3e8850042c74584e60de2daa8b9a4a981e5bef460ab48ad5f8ddb5d03e6","ssdeep":"","tlshash":"6cc08cc4a0c22d101602661014bf29e59024802671881b42cc94e8882e220f08233e98","size":140,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-06-06T23:47:44.207877Z","times_seen":876,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/en-957fcd2d.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"50ceebc4416edacf5ebd4bb6c4c437b8","sha1":"a4d7e1c7944ed840f097e5a5b4124b6d1c07150a","sha256":"5e411802073bfde7490016dcbe87f8ed242aad10b6b366a73402c16df2041f8a","sha512":"873a8950d26cb248129ec5f0ef14369d2ddef8c0703e12804aa4de315f58dd3d9c705ba2a44d38adf721b587a94447e667bdac778baa8f44565b740dba023cfc","ssdeep":"768:+GtZcEw/o7rKOUAFsifnAMC2rAaAMFXF6+6sP4u9w1mwO6fpk7aOLeir7:iponKOUebE2rdFXKsP4ewqLeif","tlshash":"5c13d6897e1a889a04f35376b4ce6e5120f60ac18255881f4fedc9fd53d2b67a363734","size":41587,"data":"","first_seen":"2025-12-30T23:38:20.673388Z","last_seen":"2026-04-20T23:52:05.421331Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/vendor-64f46974.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"importedModule","is_inline":false,"md5":"3abf93235f8805aa2deb613de1c2e022","sha1":"3d00674e75280d0c645aab6e995dadb83c2e5e29","sha256":"4d5b7079708762a681efb01593bd187df376929eb2119a74fff768d1cbf01344","sha512":"87d7887c903a132b9189f0b75fdd99897fafd08a343443ded10b564a4120b21a2e703818267814284a0545a8337ffc61e44dc17efd049a48d30898388d199208","ssdeep":"12288:5RnbvFkQvVb8mXXdRLYNmD/ahCVawlVaPeJZ3J/pooTqr9szo/UXRdBE7m+jYhSr:5RnbvFjoiXTLxahCVlSG3WtYioSstI","tlshash":"f31528c97292f06147ab24e240bb0106f3396e59740e84a4f1ad98eb7d79d89d277f3c","size":889410,"data":"","first_seen":"2025-12-30T23:38:20.64961Z","last_seen":"2026-04-20T23:52:05.42896Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/roulette-655b4d73.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"importedModule","is_inline":false,"md5":"f20ca20b735de1ed9c831c3239560d00","sha1":"61fa5f0befb90898f2d069f16b5408f2adf8ff8c","sha256":"fa67bc4ef08e296a829548898504de84dce76054c8b1bd49f8bdf69edb6a9d60","sha512":"47814bd5e7015003a76b4008421165e08bb506a8850ce324171cc187f5fb699b0690fc2c9b4f3c91117b3da374acca0a5c0adebd1fccf60bda3d88bbe021c4ee","ssdeep":"","tlshash":"38c02b1f8941c3f341641cc9e2c80f44c53184781ba3d8e000074411436c8d2f1dd000","size":144,"data":"","first_seen":"2026-02-11T03:20:10.82659Z","last_seen":"2026-02-11T07:52:51.327034Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-fa65629d.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1271e2280e4d18f69c948c754bb2d7b4","sha1":"29ed9fa8003555cf56a3cf4bf6a0fec3ecc58478","sha256":"f4ce6ce624356e469272c7f921705ca2bcebbcf15575855abd8b86e4a76522e7","sha512":"49ee79bde1bdbb476385665ef521d9e69ad7f498fc4c9cf4f62fe1e67c48bd45ed55cd809e644ad17390f3925a3a320c0a186defcdcacc7b10e03ac545aa1e41","ssdeep":"384:FB6nzQyVHoiVT2yeHjWvFbb1FUZfXRYIQxsEEnbZWYpKE4fqWCq+:+c6Ht2RHadfDUZfXTuE4fqWCq+","tlshash":"2962e995f806993df5b7e06644890020773a3fda80098ce1b9be6e462753ff8b759b18","size":15567,"data":"","first_seen":"2026-02-11T03:20:10.821605Z","last_seen":"2026-02-11T07:52:51.325941Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c0e88513b499aae066f13f6f0edfedab","sha1":"12fd9320e7be26e9257e2a1a39a698a5e2706292","sha256":"3ffd5a1fea533c35c122aeb0a36f3d4a37022e0a14c83167faeaa819b3ee8cfd","sha512":"36b57e74aa71e21ec5489637f206796e8b9097db32c59e4ffbbdd7eb11ce35c2f754178f996bd6e11abc560cdddd3af7cde3fc1847c1a455120b5c26ee4fb838","ssdeep":"","tlshash":"17c08cc8b0c6ad001602e45111bf25e4a024802770481b128d98e8483e220f48233e9c","size":139,"data":"","first_seen":"2023-08-29T11:10:58Z","last_seen":"2026-06-06T23:47:44.203025Z","times_seen":892,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"207820ea30e8c69ce04100e8526ac9b2","sha1":"289c2ffded67dd3ddfa4bfbbba56b6f8043610a9","sha256":"1fd71a67efe14f91b321e3f476ef6de1ac2329e77f5720cd37ae6589fb074b69","sha512":"d1237fe7e4dbcbfe699ee7e9b4b30d9963a1919d1451c928aa9af64326dfb7a7d43f8bde094fdd4dab7a65a070422f6904cdea73eaac2fb4225f0bb1c8d6df5e","ssdeep":"","tlshash":"30c08cc5b0c36e10261ba85050ef34e490248027b04c1b038da4e8892e630f08237e98","size":148,"data":"","first_seen":"2024-01-21T00:00:16Z","last_seen":"2026-06-06T23:47:44.218976Z","times_seen":411,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ba78027dcfdc9eb09767e4e83301b631","sha1":"1b7e7e0f0922b9165de433222ba8cc4afd0c59b2","sha256":"3de67c074b8692e1861e1c651848411308eb4c90e96f491e9cddc2df529a5da5","sha512":"158882fe08ddcf7bd297cd25a0e7b518789ef98ffa6ba9f14d1b565993ddd00de407f5be64c5c8a819e7a01c4da5887b21ba51f65308cd238c10076951e9e499","ssdeep":"","tlshash":"8ac08cd4a0c62d009646a51116ef36e4a0248026b8486b47cce4ec482e230b08633ea8","size":152,"data":"","first_seen":"2024-01-21T00:00:16Z","last_seen":"2026-06-04T04:33:14.481005Z","times_seen":445,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/#/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"088a6aa95783926cdda35b9bd61df402","sha1":"6bcc7a91394c2ec7d95c5a259f70e51ffa50dc29","sha256":"5efd1243926a95339e0c10066db940873b88a24070c8c70285adfdad50e7cfa6","sha512":"ec608e74458bb6cb3e0aaa13c9b2b17d814407459c022a625fe862a385518d367444c170f2fa700db1196c2f7c94ca5b7197e27023ad87c03daa1008dc96b767","ssdeep":"","tlshash":"aec08cc4a0c22d005656641018af34e890244027b04c1b128de8d8482e620b09333ea8","size":142,"data":"","first_seen":"2024-07-07T15:46:54Z","last_seen":"2026-06-05T10:33:32.161029Z","times_seen":496,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/getCoinList","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:29.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"POST /api/common/getCoinList HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:29 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19908,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (19892), with no line terminators","md5":"8936d71521a851a15dc653d74ba90d59","sha1":"c85fa194095443e0f7ea48fce4726fcf7448165c","sha256":"e26ce39920ebffe2734a2b72e5f32740e11318d567fa6ba29427d614d97ab2b8","sha512":"de2aca9523f20ac7a0b39683891792c00ae6c4c09ef6e4af3f3c84999eba54d3979fb4996166456fb3b5ca18caea340dde3a365e579208e51e4f4a47012cda85","ssdeep":"192:VXzZvjXE3Xk67XwqcXCoXaX0XsPXl9LX3QS+vhguawXJwY7K7+YfSCKCnnjpLxmk:fd+woc10kHBGn","tlshash":"d0923055116898b8d17a81e52fbfbd1201dd367facd58e0b86ca8d8c4ed9ef0160af02","first_seen":"2026-02-11T07:52:51.312978Z","last_seen":"2026-02-11T07:52:51.312978Z","times_seen":1,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yudiannet.oss-cn-hongkong.aliyuncs.com/waihui/b50481d96c354b94a8ac50f59cf207cc.jpg?2.0.1770327972065","fqdn":"yudiannet.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /waihui/b50481d96c354b94a8ac50f59cf207cc.jpg?2.0.1770327972065 HTTP/1.1\r\nHost: yudiannet.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 8633\r\nConnection: keep-alive\r\nx-oss-request-id: 698C3541C390C33638567351\r\nAccept-Ranges: bytes\r\nETag: \"BC13CFB09C93AD8E1317CFE28D4C6A92\"\r\nLast-Modified: Sun, 01 Feb 2026 12:21:03 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12983068572616395445\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: vBPPsJyTrY4TF8/ijUxqkg==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":8633,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"bc13cfb09c93ad8e1317cfe28d4c6a92","sha1":"a6793d05a14d2fa72ad58b637c060a89527e5818","sha256":"055dc63f00798d1b019c7670334102d4ad419e73edd2c6a194e5518bd21833ef","sha512":"d14399335e042cac0b9470e2e587008803ad807ccde50514cbe858f85d479f48904985c22bf83a74c3983674ca4e648cb13e7378c7c0a98620fcf7fe939e6604","ssdeep":"192:f4Upf6SO/Lclj/8gJjK3mzPZTeCFRrU+XxotbBCUn98cYepj:A4f6D49VkwRT1FRrpq9xrpj","tlshash":"8502afc8a099d3919f1b0d5b4d396d928cf759248a0fbedeb50430bb06a160e93cbd88","first_seen":"2025-12-30T23:38:20.682731Z","last_seen":"2026-04-06T13:36:30.347605Z","times_seen":18,"resource_available":false,"data":null}},"time_used":1125,"timings":{"blocked":-1,"dns":1,"connect":278,"send":0,"wait":282,"receive":0,"ssl":563},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/resource/fonts/Arial.ttf","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:27.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /resource/fonts/Arial.ttf HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdtsaving.click/assets/index-2abcbd85.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:27 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 1047012\r\nlast-modified: Tue, 02 Dec 2025 14:37:38 GMT\r\netag: \"692ef9b2-ff9e4\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1047012,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 25 tables, 1st \"DSIG\", 58 names, Unicode, � 2017 The Monotype Corporation. All Rights Reserved. ","md5":"ffe66dbfc4b07f36ef38dd621ad2c7cc","sha1":"e032b102cfc37c3226d17e1b462edea5fbf8fe1c","sha256":"c1216a01b3cc4e94df72577a6f618154058a1d8999ed58fa31ab7e54c7e4be4b","sha512":"3c7952b71c8117938c5284efca0e0b3e8c20d7b84c74a4890f76a72af3b26295786b0f7c33d9b6c980527b4c4c8dad628d1f5e7e5f202d11076367f082349bb3","ssdeep":"24576:NoQIQRjo/Y7wjgTmKJ4WxA7EAD4OBfDamXKE6AMra:NHIQJo/Y7wjgTm0PxAwJHE6hG","tlshash":"f125be0bf3929f0fe3902b38c9a5d761939b76189b2743b73d8c5858ecc85a45e487d2","first_seen":"2023-07-29T15:16:45Z","last_seen":"2026-06-06T23:47:44.198419Z","times_seen":1328,"resource_available":false,"data":null}},"time_used":2014,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":611,"receive":1403,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/getCoinList","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"OPTIONS /api/common/getCoinList HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:29 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":1576,"timings":{"blocked":631,"dns":0,"connect":315,"send":0,"wait":308,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/en-957fcd2d.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:31.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/en-957fcd2d.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:31 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-a275\"\r\nexpires: Wed, 11 Feb 2026 19:52:31 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41589,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (41566)","md5":"50ceebc4416edacf5ebd4bb6c4c437b8","sha1":"a4d7e1c7944ed840f097e5a5b4124b6d1c07150a","sha256":"5e411802073bfde7490016dcbe87f8ed242aad10b6b366a73402c16df2041f8a","sha512":"873a8950d26cb248129ec5f0ef14369d2ddef8c0703e12804aa4de315f58dd3d9c705ba2a44d38adf721b587a94447e667bdac778baa8f44565b740dba023cfc","ssdeep":"768:+GtZcEw/o7rKOUAFsifnAMC2rAaAMFXF6+6sP4u9w1mwO6fpk7aOLeir7:iponKOUebE2rdFXKsP4ewqLeif","tlshash":"5c13d6897e1a889a04f35376b4ce6e5120f60ac18255881f4fedc9fd53d2b67a363734","first_seen":"2025-12-30T23:38:20.673388Z","last_seen":"2026-04-20T23:52:05.421331Z","times_seen":27,"resource_available":true,"data":null}},"time_used":339,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":339,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-icons-png.flaticon.com/512/5572/5572192.png?2.0.1770327972065","fqdn":"cdn-icons-png.flaticon.com","domain":"flaticon.com","tld":"com"},"ip":{"addr":"23.36.76.130","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.flaticon.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 17 Jan 2026 08:23:10 GMT","end":"Fri, 17 Apr 2026 08:23:09 GMT"},"fingerprint":{"sha1":"35:11:C8:0B:80:96:AD:22:F7:3A:39:64:23:9C:BA:29:79:BC:62:E6","sha256":"EF:6B:0D:32:38:67:85:54:A8:AE:C4:9C:45:C6:3F:78:AC:7F:95:D6:F3:FE:1D:31:D7:1A:DB:82:1B:3C:AF:3A"}}},"request":{"raw":"GET /512/5572/5572192.png?2.0.1770327972065 HTTP/1.1\r\nHost: cdn-icons-png.flaticon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 20095\r\netag: \"08c2366e1561e939f1293175b61da8bc\"\r\nlast-modified: Fri, 18 Apr 2025 19:13:19 GMT\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=5, ak_p; desc=\"1770796352139_388254877_1384607706_539_1452_0_0_11\";dur=1\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\npragma: public\r\ncache-control: public, max-age=31536000\r\nx-default-rule: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20095,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"08c2366e1561e939f1293175b61da8bc","sha1":"fe783dbc377f6f65e3ab4a3304710065d95746d3","sha256":"2cc4d49e01b3923552d5ac191e4822b04f4a97ac3539f6a729478bebced9010e","sha512":"43eaca2b7e8b4ad29be87dd5e93031c1e74603fe650a829776666723b45bbee547ccb2abe6e50b47f6189fbf45cc6b4c0f864981474c12440f6e5dc69bad479d","ssdeep":"384:bSQ73M691RagCMWm2jWNVe7/HsmdB9DbsbCIsijgWxUYynJ86kpZmsk:bSQv1YMWm2Kerr9HxPikWynJ86kpssk","tlshash":"da92c09238b905f17b5f1734a222714e33b1f8b9c91b157cf59b1072a9658cea081bf6","first_seen":"2025-12-30T23:38:20.688737Z","last_seen":"2026-04-23T16:06:19.316287Z","times_seen":92,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":40,"dns":1,"connect":0,"send":0,"wait":8,"receive":1,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com/waihui/tron.png?2.0.1770327972065","fqdn":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-rg-china-mainland.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:44 GMT","end":"Mon, 08 Mar 2027 11:46:43 GMT"},"fingerprint":{"sha1":"67:FA:A3:5D:D9:EE:E0:CC:09:CB:13:EA:D7:89:C7:5F:C6:D1:A8:98","sha256":"F5:76:6C:C4:72:C9:8E:6F:B0:93:44:EE:E0:28:A3:27:6F:EE:B4:BE:EC:C0:2E:9A:F4:28:91:BF:B9:A2:D8:B0"}}},"request":{"raw":"GET /waihui/tron.png?2.0.1770327972065 HTTP/1.1\r\nHost: dapptubiapp.oss-rg-china-mainland.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 28273\r\nConnection: keep-alive\r\nx-oss-request-id: 698C3541B29EBD33332B608F\r\nAccept-Ranges: bytes\r\nETag: \"D5CA5F90C7A46CB88E5F57B2D3046BA8\"\r\nLast-Modified: Wed, 26 Mar 2025 08:36:59 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 651333452456791640\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000105\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 1cpfkMekbLiOX1ey0wRrqA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":28273,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"d5ca5f90c7a46cb88e5f57b2d3046ba8","sha1":"4a46fba9e1f7e0419539519e1936e6002f99b3a8","sha256":"a584af003890eeb5d527e91031218b66fc8d429ce7d8ddc5f5ceb9efaf627a40","sha512":"60e2cb71c7155b2f51159c37f53d85c567698b9baec7ffc34ec898df057fb64e2528909f68df9e901bf5243a4ee451f0ff432e210db1635ca0c448073e7811e2","ssdeep":"768:CXuoEFXvWj4CBn04bX73fOlLiRO2lFIVmfSD:9FXvWj4CueDGlLmOuIcqD","tlshash":"b2c2d005f8f592ca744cc6104925cd97f273a15b30a53eda3ddcca6f7f9c9e916a0282","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-06-06T04:02:55.285468Z","times_seen":581,"resource_available":false,"data":null}},"time_used":1479,"timings":{"blocked":956,"dns":0,"connect":0,"send":0,"wait":248,"receive":275,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-icons-png.flaticon.com/512/9235/9235967.png?2.0.1770327972065","fqdn":"cdn-icons-png.flaticon.com","domain":"flaticon.com","tld":"com"},"ip":{"addr":"23.36.76.130","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.flaticon.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 17 Jan 2026 08:23:10 GMT","end":"Fri, 17 Apr 2026 08:23:09 GMT"},"fingerprint":{"sha1":"35:11:C8:0B:80:96:AD:22:F7:3A:39:64:23:9C:BA:29:79:BC:62:E6","sha256":"EF:6B:0D:32:38:67:85:54:A8:AE:C4:9C:45:C6:3F:78:AC:7F:95:D6:F3:FE:1D:31:D7:1A:DB:82:1B:3C:AF:3A"}}},"request":{"raw":"GET /512/9235/9235967.png?2.0.1770327972065 HTTP/1.1\r\nHost: cdn-icons-png.flaticon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 21552\r\netag: \"ea37e7ae1c807d3f853e7ee7f8a1c168\"\r\nlast-modified: Wed, 23 Apr 2025 10:41:34 GMT\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\nalt-svc: h3=\":443\"; ma=93600,h3-29=\":443\"; ma=93600\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc=\"1770796352284_388254846_1251652473_44_1125_-_-_-\";dur=1\r\nquic-version: 0x00000001\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\npragma: public\r\ncache-control: public, max-age=31536000\r\nx-default-rule: YES\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21552,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"ea37e7ae1c807d3f853e7ee7f8a1c168","sha1":"3332dbaf9019b06f811c479ed069df79df5a0b9b","sha256":"b3c4847ca41e9d28c11ca6c128efe460fd9d2df371800d6cfb57e02cc8a6300a","sha512":"d8cb57f3a6d32a7f67d2e7e12c4a6e3ba83d351b7a1d3b31fa5850144933b8df44a80c60ec2f7308935eac8365aa62d1840036bd0486d048a38cc203fc32503f","ssdeep":"384:x6Tj09TVz9ZH+5Tg2y8tLAgB4Ni9P1Tm5ngUMYLyuxFy/JPo:QXMHuVtNKN2PCoQyuXyxQ","tlshash":"06a2be084c69d412b3fab5f2d80525005e161dce2c9693c47c2b77f9dbd3aaa4c68ef6","first_seen":"2025-12-30T23:38:20.664433Z","last_seen":"2026-04-06T13:36:30.352653Z","times_seen":19,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-2abcbd85.css","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:26.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/index-2abcbd85.css HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-4a822\"\r\nexpires: Wed, 11 Feb 2026 19:52:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":305186,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65022), with no line terminators","md5":"47c9004c23317ead6ecf45daa5d89f6c","sha1":"0dd7f861dbce800cf5a156408d5857874de83110","sha256":"2abcbd858b7a79251ffbd5b6c506dfd08961e952faa5153bad1f003722d934da","sha512":"873d25daf832043d4ee0a427b248ab0f331b4fa698cce45dfdca558f8e64781e65444a65381118a63bc2bf566891b25a0dfbba3108e94224d3dfcbf37aedac2d","ssdeep":"6144:n+B/9S/Jk4UkZ8w71ZACkFDS3vyf58rBeV05T7:+B/54NZ8w71ZACkFDS3vyf58rBeV05T7","tlshash":"a054c6a9a590117c6f27aa7597ce9ad8f23ce6719c118de8f20160094fc3ff92363617","first_seen":"2025-12-30T23:38:20.654693Z","last_seen":"2026-04-20T23:52:05.436835Z","times_seen":15,"resource_available":false,"data":null}},"time_used":1022,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1022,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-5c2400e1.css","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/index-5c2400e1.css HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-a01\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2561,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2560)","md5":"db4a78dec830917f30f22444dc401a7f","sha1":"d8caf8ea384ba597c7aeb57ad3b836f68c983a7b","sha256":"5c2400e112aed0e5906b95cbc432d67c631a692df019599858dd0e8d9cd67221","sha512":"541ce681635b9847671bcb12fb6c45660ebd163e2a79c4bfccd63aa81517aa921760a602f8c6dfbcc72841a088f158664764657b828ee6cfef904c2ab65975bb","ssdeep":"","tlshash":"5a510f4df7a915361d73ca8bae646e5dd4007e82e447eec5f003a60a1acf6a3273065e","first_seen":"2025-12-30T23:38:20.67751Z","last_seen":"2026-04-06T13:36:30.353639Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1559,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/getAllSetting","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:29.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:29 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1378366,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (65388), with no line terminators","md5":"188a279bd75bbc3d27f3635bc53926ae","sha1":"cb0457da4ae1e2d82c16194603e4f95f3ea130f8","sha256":"e2fa5f8283ea570becea2d267c764e69afe0a1cc33971249073bb6390760a519","sha512":"22e9b6cc3b9afd3e7f018e438e69d098df804e05f73ace00fdb1a578d72a0223e26fcb2f20ee0647262ccbbc772298572f2cdab371666a3d3a9be6e798ac148e","ssdeep":"24576:4zTN7tETUQxPWUapX1/B6FgGHcL5gyJS8QgrVfY/Hbg:426RAukqnlt","tlshash":"f9252332ad833cb7664e571236279a5d74dc0dda8157f8cd41b139f382c2e235912eab","first_seen":"2026-02-11T03:20:10.825721Z","last_seen":"2026-02-11T07:52:51.318716Z","times_seen":4,"resource_available":false,"data":null}},"time_used":643,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":643,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/getMt5Amount?coin=xau","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:29.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"OPTIONS /api/common/getMt5Amount?coin=xau HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:29 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":614,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":614,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yudiannet.oss-cn-hongkong.aliyuncs.com/waihui/e2b5bf1a8561412194b1324ac21ead6e.png?2.0.1770327972065","fqdn":"yudiannet.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /waihui/e2b5bf1a8561412194b1324ac21ead6e.png?2.0.1770327972065 HTTP/1.1\r\nHost: yudiannet.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 90761\r\nConnection: keep-alive\r\nx-oss-request-id: 698C3541BC6A5B32337DBDE9\r\nAccept-Ranges: bytes\r\nETag: \"BBC5E01F0B148403C0F17A85C187C609\"\r\nLast-Modified: Sun, 01 Feb 2026 12:18:23 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10618538932071229127\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: u8XgHwsUhAPA8XqFwYfGCQ==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":90761,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"bbc5e01f0b148403c0f17a85c187c609","sha1":"e057f60c878f1e0c745c1db956e0a0412b83478a","sha256":"6437f670fa96bb06468355ae2370d70b9565e024a0d7186921e5666eb7abd9bb","sha512":"fa827d6763bfa80ed812c621c95755f502c61466c80cb34e906f4f6e3389da338af0a1a7b4e88ae98643257a28d4608811a58bc2bfcbed6a7f19a7b7f42bfe96","ssdeep":"1536:j5+nP8WYshZOhe3ATuWFAxi3L6mSwIxSa/RW2iCOE+YUdJ6e7DW9:jEP8WrhZ6ewR+xi3L3SwIxNWCOE+zC9","tlshash":"c8931261c729ec9ef362017798f1a6dc481e72c1b3c77a9e2044fdc5d14d32686b2e4a","first_seen":"2026-02-11T03:20:10.831764Z","last_seen":"2026-02-24T16:13:15.881018Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2236,"timings":{"blocked":835,"dns":0,"connect":276,"send":0,"wait":280,"receive":286,"ssl":556},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/resource/svg/light/mengbanzu13.svg?2.0.1770327972065","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /resource/svg/light/mengbanzu13.svg?2.0.1770327972065 HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 02 Dec 2025 14:37:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"692ef9b2-4b2\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1202,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2d850b982245ca50f3a2e230e0b1398d","sha1":"283d9ec8c786aa91786d80ba54164723bb6699b4","sha256":"852697a3439e4c3cb0d426221c5b3a345e333b69bd39ff63f731fe02a1a04826","sha512":"2884fe7d0dbc512dbc44a091be6f35bf6f66cb15c8ca1f763c60896d101df4b196c29ec631e040cc8116edc43dfdcf63b48c4a9c1b0c420940f32d960ec7a710","ssdeep":"","tlshash":"072144b9c510128a62814f8cdbd82b06623ef167f3f54d9db39016b20d78d9f11bca21","first_seen":"2024-12-28T13:26:38.912526Z","last_seen":"2026-06-04T04:33:14.456617Z","times_seen":322,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com/waihui/bitcoin.png?2.0.1770327972065","fqdn":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-rg-china-mainland.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:44 GMT","end":"Mon, 08 Mar 2027 11:46:43 GMT"},"fingerprint":{"sha1":"67:FA:A3:5D:D9:EE:E0:CC:09:CB:13:EA:D7:89:C7:5F:C6:D1:A8:98","sha256":"F5:76:6C:C4:72:C9:8E:6F:B0:93:44:EE:E0:28:A3:27:6F:EE:B4:BE:EC:C0:2E:9A:F4:28:91:BF:B9:A2:D8:B0"}}},"request":{"raw":"GET /waihui/bitcoin.png?2.0.1770327972065 HTTP/1.1\r\nHost: dapptubiapp.oss-rg-china-mainland.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 2691\r\nConnection: keep-alive\r\nx-oss-request-id: 698C3541760AD531344BAA51\r\nAccept-Ranges: bytes\r\nETag: \"2EDF1EF8B333C40979976D1A49BC234C\"\r\nLast-Modified: Wed, 26 Mar 2025 08:37:03 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1939274224005843766\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000105\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Lt8e+LMzxAl5l20aSbwjTA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2691,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2edf1ef8b333c40979976d1a49bc234c","sha1":"d75ac12795b4a9575c874e1b190712cd62a87afc","sha256":"50a1901684f223bf26594dd3415b1e50f184820a16daa810cc5452911e9117a9","sha512":"f697a1fa0786316fc01003f72621920932e2657e4acf5a471e35d02717c42c9db5a12df311895a776a563dcae9b8fc0b6721833529a054b9dbfff4c52fc564d3","ssdeep":"","tlshash":"2b515ee60252267980d32438616db1e178beabb2c3021ded6c1444954acc4b62555cfa","first_seen":"2023-05-01T18:49:36Z","last_seen":"2026-06-07T07:20:53.747289Z","times_seen":21656,"resource_available":false,"data":null}},"time_used":2623,"timings":{"blocked":777,"dns":1,"connect":267,"send":0,"wait":1036,"receive":0,"ssl":539},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com/waihui/ripple.png?2.0.1770327972065","fqdn":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-rg-china-mainland.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:44 GMT","end":"Mon, 08 Mar 2027 11:46:43 GMT"},"fingerprint":{"sha1":"67:FA:A3:5D:D9:EE:E0:CC:09:CB:13:EA:D7:89:C7:5F:C6:D1:A8:98","sha256":"F5:76:6C:C4:72:C9:8E:6F:B0:93:44:EE:E0:28:A3:27:6F:EE:B4:BE:EC:C0:2E:9A:F4:28:91:BF:B9:A2:D8:B0"}}},"request":{"raw":"GET /waihui/ripple.png?2.0.1770327972065 HTTP/1.1\r\nHost: dapptubiapp.oss-rg-china-mainland.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 2274\r\nConnection: keep-alive\r\nx-oss-request-id: 698C354165642A3632A1CDA4\r\nAccept-Ranges: bytes\r\nETag: \"674B0999F6083084A2A4B1D8B20F3BC1\"\r\nLast-Modified: Wed, 26 Mar 2025 08:36:50 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2919851811578833622\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000105\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Z0sJmfYIMISipLHYsg87wQ==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2274,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"674b0999f6083084a2a4b1d8b20f3bc1","sha1":"8d14a526e83604e323723b4d25f8f8066f1ede70","sha256":"632f9cacb6b3fbedece774a8d27c436f37dc359de3bb0872ea19603b70347708","sha512":"4c04d137c2448c0d52a4298c858f95c58116c1d77e75899f5acdf6bb61ed839dbdc99fd5556eb63793b81258de40e515540acaeab007da76664476c9be2e514f","ssdeep":"","tlshash":"cd414bd7c53300ed9128e735b8c3ee819c00628d183bb46b89f5ec60b2346d31a53a98","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-06T04:02:55.304252Z","times_seen":638,"resource_available":false,"data":null}},"time_used":1729,"timings":{"blocked":732,"dns":0,"connect":249,"send":0,"wait":247,"receive":0,"ssl":498},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-bc011be9.css","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/index-bc011be9.css HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: text/css\r\ncontent-length: 397\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\netag: \"69850fa4-18d\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":397,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (396)","md5":"5353ff252ee4a5e7a3d0176de6a6c712","sha1":"c83942b5dfdb4aa8be53f26b39e53b0b257595e0","sha256":"bc011be90fd6cd33a399912151a5f69ba0d8e394563c71c4c1bea7a4ec032516","sha512":"9a17506817918ef0c9a5d0caebaed8f603641dc1015a726bdf247645a7e0a988b543756d7254abafa18dd4cd9d27c9a198300632156faf59f05c1e27f0a5e30a","ssdeep":"","tlshash":"5ae092c890d6927fb62b607d267c931ad425ac88d8007bb8e67fabb146c7ac53172215","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-06T02:42:02.411177Z","times_seen":706,"resource_available":false,"data":null}},"time_used":1560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com/waihui/solana.png?2.0.1770327972065","fqdn":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-rg-china-mainland.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:44 GMT","end":"Mon, 08 Mar 2027 11:46:43 GMT"},"fingerprint":{"sha1":"67:FA:A3:5D:D9:EE:E0:CC:09:CB:13:EA:D7:89:C7:5F:C6:D1:A8:98","sha256":"F5:76:6C:C4:72:C9:8E:6F:B0:93:44:EE:E0:28:A3:27:6F:EE:B4:BE:EC:C0:2E:9A:F4:28:91:BF:B9:A2:D8:B0"}}},"request":{"raw":"GET /waihui/solana.png?2.0.1770327972065 HTTP/1.1\r\nHost: dapptubiapp.oss-rg-china-mainland.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 25649\r\nConnection: keep-alive\r\nx-oss-request-id: 698C3541760AD5303861A751\r\nAccept-Ranges: bytes\r\nETag: \"670C723ABC22056BC5368CA2A97DD6A2\"\r\nLast-Modified: Wed, 26 Mar 2025 08:36:45 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10769821075161595358\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000105\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ZwxyOrwiBWvFNoyiqX3Wog==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":25649,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 201, 8-bit/color RGBA, non-interlaced","md5":"670c723abc22056bc5368ca2a97dd6a2","sha1":"5ba69b915180c31e4d35a524a9de7b3409ef80a8","sha256":"11192935f626fdb37ddfd8418d754feee326fc6f0a3ce7aa6e61283a820d8b09","sha512":"546901ff0dd66b4768e7560c2ccdceedc3bdac577eea114e600613d98319bde07a84d4fd8a303f4c34c05b3a26c73f03602ba38aaa5436dfcdac6712e0868652","ssdeep":"768:9SDR4lelsfdJTM1JiB+mP9LsYKPlAgezlYWXu23fgiqs:9Alsfd9MqBZ1L5MGgQuW+2vLqs","tlshash":"feb2d076137254ea4442115b97364e812c39f4e3adea6e2c7507a40c7d4a33b30db6bf","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-06-06T04:02:55.294395Z","times_seen":678,"resource_available":false,"data":null}},"time_used":1380,"timings":{"blocked":-1,"dns":1,"connect":267,"send":0,"wait":549,"receive":1,"ssl":562},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-icons-png.flaticon.com/512/8899/8899687.png?2.0.1770327972065","fqdn":"cdn-icons-png.flaticon.com","domain":"flaticon.com","tld":"com"},"ip":{"addr":"23.36.76.130","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.flaticon.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 17 Jan 2026 08:23:10 GMT","end":"Fri, 17 Apr 2026 08:23:09 GMT"},"fingerprint":{"sha1":"35:11:C8:0B:80:96:AD:22:F7:3A:39:64:23:9C:BA:29:79:BC:62:E6","sha256":"EF:6B:0D:32:38:67:85:54:A8:AE:C4:9C:45:C6:3F:78:AC:7F:95:D6:F3:FE:1D:31:D7:1A:DB:82:1B:3C:AF:3A"}}},"request":{"raw":"GET /512/8899/8899687.png?2.0.1770327972065 HTTP/1.1\r\nHost: cdn-icons-png.flaticon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 18541\r\netag: \"da6991b8544da67de6589aa957d9bef0\"\r\nlast-modified: Tue, 17 Jun 2025 12:38:58 GMT\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\nalt-svc: h3=\":443\"; ma=93600,h3-29=\":443\"; ma=93600\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc=\"1770796352145_388254846_1251652469_58_1727_-_-_-\";dur=1\r\nquic-version: 0x00000001\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\npragma: public\r\ncache-control: public, max-age=31536000\r\nx-default-rule: YES\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18541,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"da6991b8544da67de6589aa957d9bef0","sha1":"34e60e8d8d114d0b46441e845ebde2b07de70d09","sha256":"8ad49c0528780aed33beb22911dbbaa9a81e197682512ca48cbfc6f6eeac64d9","sha512":"621c3d374c5ce895e3dfcfb4e295c8203821e4bc5f251c3b166ad6bb362aa8948a632c606ad839aac8611abb39fc1aee20696264f755e7982b7e8da189b3a73d","ssdeep":"384:1VkrX6ujx1cWoTAZ6KHq/xiPlWg+xmhGnOG8ACKlZQt:KVx1zoTmq/xi7+Ytl1KfM","tlshash":"5d82bf90e495c30cce0d2f76543a6b689941dbd78a3459a9c32ab54ddf143ee03ef824","first_seen":"2025-12-30T23:38:20.691965Z","last_seen":"2026-04-06T13:36:30.362103Z","times_seen":19,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yudiannet.oss-cn-hongkong.aliyuncs.com/waihui/4ce43a94f57b416da60fde01b31b0c43.jpg?2.0.1770327972065","fqdn":"yudiannet.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /waihui/4ce43a94f57b416da60fde01b31b0c43.jpg?2.0.1770327972065 HTTP/1.1\r\nHost: yudiannet.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 8633\r\nConnection: keep-alive\r\nx-oss-request-id: 698C3541BC6A5B343553BFE9\r\nAccept-Ranges: bytes\r\nETag: \"BC13CFB09C93AD8E1317CFE28D4C6A92\"\r\nLast-Modified: Sun, 01 Feb 2026 12:21:10 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12983068572616395445\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: vBPPsJyTrY4TF8/ijUxqkg==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":8633,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"bc13cfb09c93ad8e1317cfe28d4c6a92","sha1":"a6793d05a14d2fa72ad58b637c060a89527e5818","sha256":"055dc63f00798d1b019c7670334102d4ad419e73edd2c6a194e5518bd21833ef","sha512":"d14399335e042cac0b9470e2e587008803ad807ccde50514cbe858f85d479f48904985c22bf83a74c3983674ca4e648cb13e7378c7c0a98620fcf7fe939e6604","ssdeep":"192:f4Upf6SO/Lclj/8gJjK3mzPZTeCFRrU+XxotbBCUn98cYepj:A4f6D49VkwRT1FRrpq9xrpj","tlshash":"8502afc8a099d3919f1b0d5b4d396d928cf759248a0fbedeb50430bb06a160e93cbd88","first_seen":"2025-12-30T23:38:20.682731Z","last_seen":"2026-04-06T13:36:30.347605Z","times_seen":18,"resource_available":false,"data":null}},"time_used":1096,"timings":{"blocked":-1,"dns":1,"connect":271,"send":0,"wait":275,"receive":0,"ssl":549},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yudiannet.oss-cn-hongkong.aliyuncs.com/waihui/8436221788994335b8bae1de9a9c2202.png?2.0.1770327972065","fqdn":"yudiannet.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /waihui/8436221788994335b8bae1de9a9c2202.png?2.0.1770327972065 HTTP/1.1\r\nHost: yudiannet.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 4880\r\nConnection: keep-alive\r\nx-oss-request-id: 698C354193A7E930360A00E3\r\nAccept-Ranges: bytes\r\nETag: \"81BD25A049373BB3701E0AF2F67EAEC0\"\r\nLast-Modified: Wed, 10 Sep 2025 05:05:38 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4110471830855871015\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: gb0loEk3O7NwHgry9n6uwA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4880,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"81bd25a049373bb3701e0af2f67eaec0","sha1":"b7072242a195bda21543d26f07a31ba57c3bfaff","sha256":"b462d924da8a93ed02eb0b016c39443d0eb18bc0d13627c035e14fd9013eb9d3","sha512":"e17d1ac2c5f87616e88b1f51ef169b72a3a85f67266f2dbad95582a30e860aefeabb1bd78e99a266273cbada7c33df40753a38c1299347b1f88eca09196c3b00","ssdeep":"96:HYZfdrzSH+OLwrLsWFEctwgIZmXNCmlFDBgHzGjGttb:HYZfdrzSH+IWFEcNkaCmlFDiHqyttb","tlshash":"75a13b6772d60c41c628369b3ea1b3fc159cdfab2f4adeb9c8618192435267d59c9380","first_seen":"2024-08-19T15:53:11.186024Z","last_seen":"2026-06-01T14:24:52.327236Z","times_seen":42,"resource_available":false,"data":null}},"time_used":1363,"timings":{"blocked":1073,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/type/defi_activity_type","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"OPTIONS /api/common/type/defi_activity_type HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"POST /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1122,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e3d482ffabe54cb6d31e06e513161f2e","sha1":"50db9ec121a0effd3953bbdd79d49e8f10d38f08","sha256":"cdae7419d76a4165e3fc089ddccb5678b31c98b8a83792a692629bf55f6d0a9f","sha512":"00e31ba7d7db9aa50e4c58323f2c21cbe61740e1fd295005393bc5b628ae998c3b73b80a4fedd3954e59c17fe1a4ff225adee4b10adc62b2a766ca32a5590990","ssdeep":"","tlshash":"ab21004a223c9eb1441611b373ccfdc9a2be1697d6a28d38855fcf2c03f14b91b2b585","first_seen":"2025-12-30T23:38:20.69072Z","last_seen":"2026-04-06T13:36:30.356733Z","times_seen":18,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/platform/dev/config.js?1770796348353","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /platform/dev/config.js?1770796348353 HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 394\r\nlast-modified: Thu, 05 Feb 2026 19:08:46 GMT\r\netag: \"6984eabe-18a\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":394,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"6032ed89410326afe84a1656111b8db3","sha1":"7b72fea60d53eb226e940ddd98806dd75a92525c","sha256":"9b2f5e204684b36e05421be9c66b5dff3f21f4493aa906dac615f8e539a69893","sha512":"29ae5d55f60a3eb8febf59b5524132f034693dc3c7e68d71d6fe9b8c3b573db313848bc4d2ddcbc36f001cc9dbdf8ff4a3fb3db9f5d9bae4afebf434a4ffdb6a","ssdeep":"","tlshash":"abe0aba6717cc124d5b06f2a69ec0e67e68212310d9c060bb8b541281ef5d1020b88c2","first_seen":"2026-02-11T03:20:10.843208Z","last_seen":"2026-02-11T07:52:51.323951Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1600,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1600,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-949f9b00.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/index-949f9b00.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 772\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\netag: \"69850fa4-304\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":772,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (771)","md5":"36240edd99a68159de1e639b9a1f2405","sha1":"3f72a4bf26ad1ee6d3be18803a1e9b73b068a754","sha256":"cd66e9d55f349c0914a966676b0821ee54f6b11b3a355cf14450de6e43c0635e","sha512":"234f001cc2712374dd26b1250916d55f40e4a4cd123cca8bb40e54aca2f07aa1df6d8c23ae0d4e8c7ab151db3c8b5fd8bfa32be737c11b104e4ac4a43523c648","ssdeep":"","tlshash":"5901d0f8fc1dcebb1f62069401913501140a1fddfa1819f198977e661be4990d7de72d","first_seen":"2025-12-30T23:38:20.678402Z","last_seen":"2026-04-06T13:36:30.358507Z","times_seen":18,"resource_available":true,"data":null}},"time_used":1555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1555,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-ae1b84c9.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:30.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/index-ae1b84c9.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-1205\"\r\nexpires: Wed, 11 Feb 2026 19:52:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4613,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4606)","md5":"09033d58a36ffa6ec569542b7fe01232","sha1":"83a0e6c6c64ea125ba0c47456f7de8c2058beeca","sha256":"e19a6f43c7a6ace2834bc166fb0c5e3ca368933a80b1e6fe40d926a30097eada","sha512":"b887c50c329ca7ed9627d3f1bc885c47b69e27f226e3d0cfa2d742f11f80430a0e22b32bb000e000aa8a86b6558517ecb06b45837353b41112be4decf99c3875","ssdeep":"96:Cw+vYlnY5kqD+wHQxc3dbyuiUDzb+T3hvsWb43X89R3jMe:9+vYlYuqiwHDdb3Y7hv50XulMe","tlshash":"5a91c65cf40281fbea7754804448142121a87ffbb20488f6fbbead0a67b8879e758320","first_seen":"2026-02-11T03:20:10.824531Z","last_seen":"2026-02-11T07:52:51.324947Z","times_seen":4,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn4.iconfinder.com/data/icons/bitcoin-technology-vol-1/128/bitcoin-mining-512.png?2.0.1770327972065","fqdn":"cdn4.iconfinder.com","domain":"iconfinder.com","tld":"com"},"ip":{"addr":"172.66.149.172","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iconfinder.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 21:20:48 GMT","end":"Thu, 09 Apr 2026 22:18:23 GMT"},"fingerprint":{"sha1":"90:76:53:AA:D7:20:9E:F4:3D:3D:89:52:6F:D2:BF:AD:41:BF:13:9C","sha256":"28:0D:C8:F9:9D:71:60:CA:44:DF:D0:29:54:42:B2:0A:68:8F:2E:F8:E4:4E:95:DB:63:73:7E:C0:65:25:3F:7A"}}},"request":{"raw":"GET /data/icons/bitcoin-technology-vol-1/128/bitcoin-mining-512.png?2.0.1770327972065 HTTP/1.1\r\nHost: cdn4.iconfinder.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: image/png\r\ncontent-length: 35741\r\ncf-ray: 9cc24470ddef57e3-ARN\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"3068921.png\"\r\ncontent-security-policy: script-src 'none'\r\nnel: {\"report_to\":\"heroku-nel\",\"response_headers\":[\"Via\"],\"max_age\":3600,\"success_fraction\":0.01,\"failure_fraction\":0.1}\r\nreport-to: {\"group\":\"heroku-nel\",\"endpoints\":[{\"url\":\"https://nel.heroku.com/reports?s=4dSgYCkjBCgYQurIKX4NOIiv7FIe1Fw3eCSuKRW2k30%3D\\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\\u0026ts=1770328264\"}],\"max_age\":3600}\r\nreporting-endpoints: heroku-nel=\"https://nel.heroku.com/reports?s=4dSgYCkjBCgYQurIKX4NOIiv7FIe1Fw3eCSuKRW2k30%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1770328264\"\r\nvia: 2.0 heroku-router\r\nx-request-id: 57d8457c-bc4d-967a-af41-e4dfcd3dcdcd\r\naccept-ranges: bytes\r\nlast-modified: Thu, 05 Feb 2026 21:51:04 GMT\r\nexpires: Thu, 11 Feb 2027 07:52:32 GMT\r\ncf-cache-status: HIT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=7598\u0026min_rtt=7538\u0026rtt_var=1271\u0026sent=7\u0026recv=10\u0026lost=0\u0026retrans=0\u0026sent_bytes=3208\u0026recv_bytes=1114\u0026delivery_rate=560516\u0026cwnd=239\u0026unsent_bytes=0\u0026cid=6e2383f8bb42809f\u0026ts=76\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35741,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"b05fe31bde412ce5669c0f612516aac9","sha1":"c62bd1f252f9c8c871e76df1a8e4bb374f7c98a3","sha256":"f728c403bd2a8e20cddf61a65fdae71f5295c83fb195e0c4fae3cb0e696f0dd2","sha512":"7d65e8f22d823fea8d1c43e49bbc2c22531bbf88047daf1f1426e6b86b9bbc31074f9634d520d291da62d16961cb280daa6539699c7ec1962f02775466701cfe","ssdeep":"768:JMjGEW3T6OOHnbZmIKUaW5qA2BuYPN4jvfH9LPQSK1LiGpzlt:JM6F6R71kgDzqa39bv0i2lt","tlshash":"d8f2f1848f174a21bdd39578bf5b131c13b5a3c5500026fae6b3640558e2d7abe4ed37","first_seen":"2025-12-30T23:38:20.665452Z","last_seen":"2026-04-23T16:06:19.307373Z","times_seen":92,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":42,"dns":0,"connect":8,"send":0,"wait":54,"receive":2,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-fa65629d.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/index-fa65629d.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-3ccf\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15567,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (15566)","md5":"1271e2280e4d18f69c948c754bb2d7b4","sha1":"29ed9fa8003555cf56a3cf4bf6a0fec3ecc58478","sha256":"f4ce6ce624356e469272c7f921705ca2bcebbcf15575855abd8b86e4a76522e7","sha512":"49ee79bde1bdbb476385665ef521d9e69ad7f498fc4c9cf4f62fe1e67c48bd45ed55cd809e644ad17390f3925a3a320c0a186defcdcacc7b10e03ac545aa1e41","ssdeep":"384:FB6nzQyVHoiVT2yeHjWvFbb1FUZfXRYIQxsEEnbZWYpKE4fqWCq+:+c6Ht2RHadfDUZfXTuE4fqWCq+","tlshash":"2962e995f806993df5b7e06644890020773a3fda80098ce1b9be6e462753ff8b759b18","first_seen":"2026-02-11T03:20:10.821605Z","last_seen":"2026-02-11T07:52:51.325941Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1553,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/overlayPulic-d9cf0bc1.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:30.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/overlayPulic-d9cf0bc1.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 481\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\netag: \"69850fa4-1e1\"\r\nexpires: Wed, 11 Feb 2026 19:52:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":481,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (480)","md5":"026e0e9ee790861b8911405b7c4a1c83","sha1":"6b3bb0e1fdbcab578a9bab75cea38807772881b4","sha256":"0f48155b52842ef5d8b8db4be336fa99d9119b806f60740d1ec99dcc482dbd7e","sha512":"ca67bdbfbca000174e836de0a5cae9efa40f7e927db84411e278980d3bcd765513dc82054a99106cbcea5516d7f63b1f6c1d04b4f0f751c3728916d3ae1d4479","ssdeep":"","tlshash":"8ef0d46e3c5a91f14990c0fda12530151d5cbe1ca33953c1dcdb313bb3bd2a45e1d624","first_seen":"2026-02-11T03:20:10.822485Z","last_seen":"2026-02-11T07:52:51.326469Z","times_seen":4,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/roulette-655b4d73.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:30.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/roulette-655b4d73.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 144\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\netag: \"69850fa4-90\"\r\nexpires: Wed, 11 Feb 2026 19:52:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":144,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"f20ca20b735de1ed9c831c3239560d00","sha1":"61fa5f0befb90898f2d069f16b5408f2adf8ff8c","sha256":"fa67bc4ef08e296a829548898504de84dce76054c8b1bd49f8bdf69edb6a9d60","sha512":"47814bd5e7015003a76b4008421165e08bb506a8850ce324171cc187f5fb699b0690fc2c9b4f3c91117b3da374acca0a5c0adebd1fccf60bda3d88bbe021c4ee","ssdeep":"","tlshash":"38c02b1f8941c3f341641cc9e2c80f44c53184781ba3d8e000074411436c8d2f1dd000","first_seen":"2026-02-11T03:20:10.82659Z","last_seen":"2026-02-11T07:52:51.327034Z","times_seen":4,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/platform/dev/logo_144.png?2.0.1770327972065","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:30.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /platform/dev/logo_144.png?2.0.1770327972065 HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 02 Dec 2025 14:37:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"692ef9b2-193a\"\r\nexpires: Fri, 13 Mar 2026 07:52:31 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6458,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced","md5":"50f574f4f2f03443c5a256778b8620d1","sha1":"114a6496ed36e1e47e0c03dac805218be6ff7536","sha256":"d711cc9896caa50d5372dd43d3563b79363d103572a8a5c8768fb0b5bbc08e43","sha512":"e4ef317f936b4a1e5a66f7b3bb7ba6060a29da21d34eabc2c985126db1ff9d437c94d7d2be4f1597ac58eb4ffbbdf494ea3407d71be1bd9fb8b258e3c65abb99","ssdeep":"96:FcTUS26mjE4Ar0sSY91c7OjTYtGZfrqx8FJE6jOUnoKpSQlON:mTUS26mjE4A6Yq7WYIS8FKKpS1N","tlshash":"3bd1aebb259746dd202f4ce608cccaa60104ea8fb5b79295674301cba229cb2914fe68","first_seen":"2025-12-30T23:38:20.661881Z","last_seen":"2026-04-20T23:52:05.416683Z","times_seen":27,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/platform/dev/favicon.ico?2.0.1770327972065","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:30.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /platform/dev/favicon.ico?2.0.1770327972065 HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:31 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Tue, 02 Dec 2025 14:37:38 GMT\r\netag: \"692ef9b2-10be\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"c2c37fa4ac01f8696e4fdf1365fb085b","sha1":"39b385e4fa4b24d1332f2103c1d48c25768e7afb","sha256":"02dfd11e190fa690b49178b7a5256fc58e7601ffdce7ab113f12dbd233ce27b3","sha512":"91de6cb71c7a103caa87007e408b28f09b4925ad3a9affc1c7658544ec9792cc873a84ea92908080c91691e93d6631d17f4b006e8d2483138be1265bb3e9af48","ssdeep":"96:ooelv2ehvCZEQWyNKc1xxxxxxxxxxxxnNfjCNNNOT:LelvdCDdNfjCNDOT","tlshash":"1c9164da17218f7cfc95007cf0908a0d199a6eae754942fb94e2b14858b6bd9c47bcb3","first_seen":"2025-12-30T23:38:20.652825Z","last_seen":"2026-04-20T23:52:05.417831Z","times_seen":28,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yudiannet.oss-cn-hongkong.aliyuncs.com/waihui/ca35ce3cae8a45d78d600d7ed0e495ec.png?2.0.1770327972065","fqdn":"yudiannet.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /waihui/ca35ce3cae8a45d78d600d7ed0e495ec.png?2.0.1770327972065 HTTP/1.1\r\nHost: yudiannet.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 9525\r\nConnection: keep-alive\r\nx-oss-request-id: 698C35417CD23C34335A50EB\r\nAccept-Ranges: bytes\r\nETag: \"8F03D1E8701E580B5B9B2F9424F126BE\"\r\nLast-Modified: Wed, 10 Sep 2025 05:02:36 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8404639283704408596\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: jwPR6HAeWAtbmy+UJPEmvg==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":9525,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"8f03d1e8701e580b5b9b2f9424f126be","sha1":"1b04d8f6d40f358c3f87e3e897b9e96ed1a15ee6","sha256":"7cc31db55ea94b1bb72add9fa10eed7be6c60077fdb419e9b564fb971f8f5eec","sha512":"6940a6a43f40be218915aca3881211fee22afd8c36e481bdbfa7b912630585ee0bc7147d4abea8a24f768df61e3b8fb56682acf946950e3f0ad0714f49dc2224","ssdeep":"192:lG8iPFfiCf7Wuh7ijy1N4Cp0fK6PlcXtVBECeEWe/3EBRfDZpYQXIHtMX0:c8iPFx7ajvfzPlcKk0FZ/XIS0","tlshash":"e012afb0bfa7e1a7fe4dc75d4033116246acda809f8a4a88147ac065c6c61642fd6f23","first_seen":"2024-08-19T15:53:11.187446Z","last_seen":"2026-06-01T14:24:52.286728Z","times_seen":36,"resource_available":false,"data":null}},"time_used":1929,"timings":{"blocked":826,"dns":4,"connect":273,"send":0,"wait":275,"receive":1,"ssl":547},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/resource/svg/light/mengbanzu12.svg?2.0.1770327972065","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /resource/svg/light/mengbanzu12.svg?2.0.1770327972065 HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 802\r\nlast-modified: Tue, 02 Dec 2025 14:37:38 GMT\r\netag: \"692ef9b2-322\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":802,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"184d38c97adf35302491834eaf17aee3","sha1":"a21f6508e3eb8b4bf52a510ac9dd219783f561bc","sha256":"5cdcdf5fb66c61d69b6c308a4569e093ff7b0e178fbb1c7d94a599473339bf99","sha512":"a88827fe8f336cb9f4de9cbaade38ff0026d003f03cc096dc443724052a51c417432d1b96b7006e21c49498791fac31678492626f5643eb09d5b94b32afdb9f0","ssdeep":"","tlshash":"d201f6764321c19dd2538b80c7d93f44927eb65bb2d00448b3a32aa74e34f7f55bc595","first_seen":"2024-07-24T17:37:44Z","last_seen":"2026-06-04T04:33:14.422649Z","times_seen":360,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/overlayPulic-03f7ca2a.css","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/overlayPulic-03f7ca2a.css HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: text/css\r\ncontent-length: 253\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\netag: \"69850fa4-fd\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":253,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c7da21c1a989d0469a6953761cc6b725","sha1":"fad3d05fc52c912c19734e73d00c37035d378998","sha256":"03f7ca2a6f5f4716f06799f546f11c20009c6a18f124e01aaa534c373a8a44e1","sha512":"f07ebd65f2de45cc0bd5116e860006222025e1352180cc121461f20a85680f55eaa422d562e0daace059353c1ca5754352fd2690f339dab9b112027e580582a7","ssdeep":"","tlshash":"2fd02b2a9205003d795ee10d79c417ec883d1d429a431fece25f52b110d27d91164001","first_seen":"2025-12-30T23:38:20.66637Z","last_seen":"2026-04-28T19:24:04.570853Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/filters-b39472b3.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/filters-b39472b3.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-c06\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3078,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3077)","md5":"082a14663572fbb0fdac69c743917a91","sha1":"2d6971cb64dd681e6529a6f712ca9afad292f1a5","sha256":"744f77dbfb8a3e53ec3df35d9afee98c6575917712a83b503ff3e1ab573ea1a0","sha512":"990ff24c6e74cd2ce7da0c79b2988cc164a3daf1f6964d9d2c150c074859cc784962b42e77e8b4f3202444cc830ee14d0cfff183c5b6a8672d5fb7c0d7bb073f","ssdeep":"","tlshash":"3c5133fdfcd3a13356ea6dfd40288414728ebe20686e0a4df55bd0825933888d07f768","first_seen":"2026-02-11T03:20:10.846993Z","last_seen":"2026-02-11T07:52:51.330493Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1555,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/currencyItem-98af5194.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/currencyItem-98af5194.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-4b6\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1206,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1205)","md5":"9e59eb8c6b1357bbd8e0509aa0f2b462","sha1":"f91e00b32674202a26814d6f216178b2102cdf80","sha256":"2242629e06147360c18426526033eb182e9daf18f7ab9880d0a87dbab207f9c1","sha512":"34ccd0328f251cc9ec76b4ca450ba815fb861e00fd8b1a9883a5d71193dc074b0eefcb47df50fb541b70dd88c8a05e0b1f135c37f7d129191f78c3ed7342918a","ssdeep":"","tlshash":"d521df9aa902c7b1cbbe50a285bd5414170d7fda700181c5ebed148a3b8b6fcd728a31","first_seen":"2026-02-11T03:20:10.835533Z","last_seen":"2026-02-11T07:52:51.330942Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1555,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-fa65629d.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:29.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/index-fa65629d.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-3ccf\"\r\nexpires: Wed, 11 Feb 2026 19:52:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15567,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (15566)","md5":"1271e2280e4d18f69c948c754bb2d7b4","sha1":"29ed9fa8003555cf56a3cf4bf6a0fec3ecc58478","sha256":"f4ce6ce624356e469272c7f921705ca2bcebbcf15575855abd8b86e4a76522e7","sha512":"49ee79bde1bdbb476385665ef521d9e69ad7f498fc4c9cf4f62fe1e67c48bd45ed55cd809e644ad17390f3925a3a320c0a186defcdcacc7b10e03ac545aa1e41","ssdeep":"384:FB6nzQyVHoiVT2yeHjWvFbb1FUZfXRYIQxsEEnbZWYpKE4fqWCq+:+c6Ht2RHadfDUZfXTuE4fqWCq+","tlshash":"2962e995f806993df5b7e06644890020773a3fda80098ce1b9be6e462753ff8b759b18","first_seen":"2026-02-11T03:20:10.821605Z","last_seen":"2026-02-11T07:52:51.325941Z","times_seen":4,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/type/defi_activity_type","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"OPTIONS /api/common/type/defi_activity_type HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/type/defi_activity_type","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"POST /api/common/type/defi_activity_type HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7a423e3451e474878191a0a7f1d323b9","sha1":"13312f533f380295131f6a1540f425d0c98a16ba","sha256":"49c938e0bb3a834cab9319575489cf6c1694cace3f1ceb9671570024328e2a35","sha512":"0522e47fc06c4329cee21e354b264c90ae4b0725941d75cf63af54bee4a307fbe91e7078a412bd9750f3856657159ffe5efff139a652ec0443368f7c146bfdbf","ssdeep":"","tlshash":"5af028143d3dcebf098f65e745ec7818399c152794a0fca058ab0f3c5ae4171088921c","first_seen":"2025-04-07T11:28:26.961944Z","last_seen":"2026-06-04T04:33:14.419392Z","times_seen":666,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yudiannet.oss-cn-hongkong.aliyuncs.com/waihui/d0a38d55cac84500baa037ea434c1fff.png?2.0.1770327972065","fqdn":"yudiannet.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /waihui/d0a38d55cac84500baa037ea434c1fff.png?2.0.1770327972065 HTTP/1.1\r\nHost: yudiannet.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 502189\r\nConnection: keep-alive\r\nx-oss-request-id: 698C3541BC6A5B343575C2E9\r\nAccept-Ranges: bytes\r\nETag: \"6C970D7D3616B79E1808393A80572E00\"\r\nLast-Modified: Sun, 01 Feb 2026 12:07:37 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 7937252994127428254\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: bJcNfTYWt54YCDk6gFcuAA==\r\nx-oss-server-time: 5\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":502189,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 712, 8-bit/color RGB, non-interlaced","md5":"6c970d7d3616b79e1808393a80572e00","sha1":"ba65b1b6e6d93cd9e3ec85e0fd6b399cb69283f9","sha256":"cb8d4ed990c5a1cb32d50019863de8d137c36e61771514661721fcfaef5ac490","sha512":"c7fedf54595eb7f53640fd7786519546187c47ed55631f3b3a9ba87428b09bc7354e42dba1430c1f7ef5083186fe991456fc6f4d59a5266421401517688fd69d","ssdeep":"12288:8KnVrVID4x6cAGl8KqWLTU/Pw8PoCMBwIeV8NWSH2pBkj+U:8KHwcFAG+hWMQ8N0leV2Wpwb","tlshash":"d1b423b1dc8efcef1dd6dc4031dcf86d8e47582880ce6c6ab89902f4757198daa522d5","first_seen":"2026-02-11T03:20:10.841882Z","last_seen":"2026-02-24T16:13:15.934747Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1661,"timings":{"blocked":436,"dns":0,"connect":0,"send":0,"wait":287,"receive":938,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/currencyItem-98af5194.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:30.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/currencyItem-98af5194.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-4b6\"\r\nexpires: Wed, 11 Feb 2026 19:52:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1206,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1205)","md5":"9e59eb8c6b1357bbd8e0509aa0f2b462","sha1":"f91e00b32674202a26814d6f216178b2102cdf80","sha256":"2242629e06147360c18426526033eb182e9daf18f7ab9880d0a87dbab207f9c1","sha512":"34ccd0328f251cc9ec76b4ca450ba815fb861e00fd8b1a9883a5d71193dc074b0eefcb47df50fb541b70dd88c8a05e0b1f135c37f7d129191f78c3ed7342918a","ssdeep":"","tlshash":"d521df9aa902c7b1cbbe50a285bd5414170d7fda700181c5ebed148a3b8b6fcd728a31","first_seen":"2026-02-11T03:20:10.835533Z","last_seen":"2026-02-11T07:52:51.330942Z","times_seen":4,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/resource/svg/light/zu29.svg?2.0.1770327972065","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /resource/svg/light/zu29.svg?2.0.1770327972065 HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 840\r\nlast-modified: Tue, 02 Dec 2025 14:37:38 GMT\r\netag: \"692ef9b2-348\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":840,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a11daaf1382f31c1a57202739adf7748","sha1":"ef2b1485dde5d0c14809b2759acbd9a09c18af80","sha256":"9ae3a8a520a4491119fa30d193bc35d15d8a12cc1b62136ce1e89b3db3e71251","sha512":"9b8089fa1eca241be91a837da97c88ab917a50336f820d1d855343b9f8a86d63692bfd4ea3b22d408f748e47580107339b789bc9f4d243379a093b5348dad640","ssdeep":"","tlshash":"280112bf4736a3fdd6644a80aad42799343de042e17404ecb3817e177e2062a0abcd95","first_seen":"2024-07-24T17:37:44Z","last_seen":"2026-06-04T04:33:14.405543Z","times_seen":328,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com/waihui/litecoin.png?2.0.1770327972065","fqdn":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-rg-china-mainland.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:44 GMT","end":"Mon, 08 Mar 2027 11:46:43 GMT"},"fingerprint":{"sha1":"67:FA:A3:5D:D9:EE:E0:CC:09:CB:13:EA:D7:89:C7:5F:C6:D1:A8:98","sha256":"F5:76:6C:C4:72:C9:8E:6F:B0:93:44:EE:E0:28:A3:27:6F:EE:B4:BE:EC:C0:2E:9A:F4:28:91:BF:B9:A2:D8:B0"}}},"request":{"raw":"GET /waihui/litecoin.png?2.0.1770327972065 HTTP/1.1\r\nHost: dapptubiapp.oss-rg-china-mainland.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 34858\r\nConnection: keep-alive\r\nx-oss-request-id: 698C3541760AD53037C1A651\r\nAccept-Ranges: bytes\r\nETag: \"BB27C369A3AA54D9C1F8E59E1706DA48\"\r\nLast-Modified: Wed, 26 Mar 2025 08:37:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2593469271640333430\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000105\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: uyfDaaOqVNnB+OWeFwbaSA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":34858,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"bb27c369a3aa54d9c1f8e59e1706da48","sha1":"7e1b9677305cad40b686a5a1077da57c4f6cf07f","sha256":"e691621963c6de60c05c0e91cf7c65cba4191df054a3b1bd5becbef3a426f9ee","sha512":"4ff3058897ecbcee5464eb954955cc40bad7f411ee86f21dcbebe3d02ee45410b42f68c8e3a22537ef530c65c9bc9960fb36134aeced2dd36688a21c0cb02415","ssdeep":"768:FAbT/SSUokJQD9Wvnwoo2hzabJIqRw/VH3+WFxL1nHLy:G/RU4yni2kKl53+WbBLy","tlshash":"3df2f155ed69527406b90571846e302ca4669a7ebdceb11bffbd67302b3246f008e06e","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-06-06T04:02:55.293479Z","times_seen":630,"resource_available":false,"data":null}},"time_used":1194,"timings":{"blocked":-1,"dns":1,"connect":231,"send":0,"wait":472,"receive":1,"ssl":489},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"webapi.meishenme.shop/ws/37012186-79c0-405b-826d-3239bc0a7061","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"GET /ws/37012186-79c0-405b-826d-3239bc0a7061 HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://usdtsaving.click\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: cL9kIFOfJGQOh7cg/bAE3w==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nServer: nginx\r\nDate: Wed, 11 Feb 2026 07:52:30 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://usdtsaving.click\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: BihUxBhqDEI9w49PxRn99Gcx6WA=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":2949,"timings":{"blocked":0,"dns":972,"connect":1301,"send":0,"wait":334,"receive":0,"ssl":1322},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-d24d82f4.css","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/index-d24d82f4.css HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-2ed2\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11986,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11985)","md5":"cb56853ffc82025936caf8f4f45e518f","sha1":"03d3f970381db0cf5d1abacf630df04028dbbd40","sha256":"d24d82f4394b12ccab5605e3b41ee5c164d86f67a3689ea12b3bd032b3cac5f3","sha512":"a9cdc42e026efb4589e53d19ff63e0f4b435bb377d3c8e48f1baf0d1adebcc16f112be3744fdca30e394b0e4a742f8bbda3b06347bd883e03c37108524cb1546","ssdeep":"192:RHzUMRBYD6WEUwYiwcm0g1mgAyy3dUrRqmEmQq2XLTKE/eG:RT4nQ/eG","tlshash":"f332546df6a42338ac3be195bfd44ecce14aba11e6d39d94fa17592208cb7e3163005d","first_seen":"2025-12-30T23:38:20.658294Z","last_seen":"2026-04-06T13:36:30.374105Z","times_seen":18,"resource_available":false,"data":null}},"time_used":1555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1555,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/overlayPulic-d9cf0bc1.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/overlayPulic-d9cf0bc1.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 481\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\netag: \"69850fa4-1e1\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":481,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (480)","md5":"026e0e9ee790861b8911405b7c4a1c83","sha1":"6b3bb0e1fdbcab578a9bab75cea38807772881b4","sha256":"0f48155b52842ef5d8b8db4be336fa99d9119b806f60740d1ec99dcc482dbd7e","sha512":"ca67bdbfbca000174e836de0a5cae9efa40f7e927db84411e278980d3bcd765513dc82054a99106cbcea5516d7f63b1f6c1d04b4f0f751c3728916d3ae1d4479","ssdeep":"","tlshash":"8ef0d46e3c5a91f14990c0fda12530151d5cbe1ca33953c1dcdb313bb3bd2a45e1d624","first_seen":"2026-02-11T03:20:10.822485Z","last_seen":"2026-02-11T07:52:51.326469Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1551,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1551,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/getMt5Amount?coin=xag","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:30.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"POST /api/common/getMt5Amount?coin=xag HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:30 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"01278f2976ff45a46bdc8edf2b93c418","sha1":"7cd51b38826db8058e4f68e3d503b293d8016c80","sha256":"2a267e35f8e975fe3f24526b21f773717bec4f825c034d820a653b28a8d2f235","sha512":"f3ec89a482d7df5ac6983484b77a017d30f0c9558952c16a6498b4120757d665ad46a05cd9a715005c89f866630e3785b2dc01bd2f37221b7ed364928287a394","ssdeep":"","tlshash":"b39002555c188282e89301b599071608002831b0266492488c59512580881626040859","first_seen":"2026-02-11T07:52:51.334041Z","last_seen":"2026-02-11T07:52:51.334041Z","times_seen":1,"resource_available":false,"data":null}},"time_used":974,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":974,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com/waihui/binance-coin.png?2.0.1770327972065","fqdn":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-rg-china-mainland.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:44 GMT","end":"Mon, 08 Mar 2027 11:46:43 GMT"},"fingerprint":{"sha1":"67:FA:A3:5D:D9:EE:E0:CC:09:CB:13:EA:D7:89:C7:5F:C6:D1:A8:98","sha256":"F5:76:6C:C4:72:C9:8E:6F:B0:93:44:EE:E0:28:A3:27:6F:EE:B4:BE:EC:C0:2E:9A:F4:28:91:BF:B9:A2:D8:B0"}}},"request":{"raw":"GET /waihui/binance-coin.png?2.0.1770327972065 HTTP/1.1\r\nHost: dapptubiapp.oss-rg-china-mainland.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 12869\r\nConnection: keep-alive\r\nx-oss-request-id: 698C3541BDADCC3937D1709B\r\nAccept-Ranges: bytes\r\nETag: \"A533EECDEE5A789E7D94F8F79F95D588\"\r\nLast-Modified: Wed, 26 Mar 2025 08:36:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 18158548296662870332\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000105\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: pTPuze5aeJ59lPj3n5XViA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":12869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"a533eecdee5a789e7d94f8f79f95d588","sha1":"f1ae6df3a9baf6dbec969c6d1ab622850a282895","sha256":"ea257fac91d01858b7dfd0361f8b480caeb3d57b080570ef4b4f41d5d7e68c90","sha512":"e46ca5c2239c89c783805b1f4e17664118e57e95dff6513b8ff917aaaa763b922c6286b48d0e6daca644ae30c3e821674dade74a056837865353b451c50d074b","ssdeep":"192:3GSu8nGgOCcrSaheqQThcTrOcOAasSqXzcxfuZWfWOKJ6mVgCd7mOOwRB0IG:5/POzrSTThcTaPAaFqXzcqG6ekvP0IG","tlshash":"1442bfd83898c3e455233e69d56e4c138122251a66588517f22a2b7dbf03af27fcf1e6","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-06-06T04:02:55.266893Z","times_seen":677,"resource_available":false,"data":null}},"time_used":977,"timings":{"blocked":-1,"dns":1,"connect":235,"send":0,"wait":235,"receive":14,"ssl":492},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yudiannet.oss-cn-hongkong.aliyuncs.com/waihui/e607b0b5df9749d39e1aac8a4a7a1b35.png?2.0.1770327972065","fqdn":"yudiannet.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /waihui/e607b0b5df9749d39e1aac8a4a7a1b35.png?2.0.1770327972065 HTTP/1.1\r\nHost: yudiannet.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 4880\r\nConnection: keep-alive\r\nx-oss-request-id: 698C3541C390C33638B87651\r\nAccept-Ranges: bytes\r\nETag: \"81BD25A049373BB3701E0AF2F67EAEC0\"\r\nLast-Modified: Wed, 10 Sep 2025 05:05:44 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4110471830855871015\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: gb0loEk3O7NwHgry9n6uwA==\r\nx-oss-server-time: 9\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4880,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"81bd25a049373bb3701e0af2f67eaec0","sha1":"b7072242a195bda21543d26f07a31ba57c3bfaff","sha256":"b462d924da8a93ed02eb0b016c39443d0eb18bc0d13627c035e14fd9013eb9d3","sha512":"e17d1ac2c5f87616e88b1f51ef169b72a3a85f67266f2dbad95582a30e860aefeabb1bd78e99a266273cbada7c33df40753a38c1299347b1f88eca09196c3b00","ssdeep":"96:HYZfdrzSH+OLwrLsWFEctwgIZmXNCmlFDBgHzGjGttb:HYZfdrzSH+IWFEcNkaCmlFDiHqyttb","tlshash":"75a13b6772d60c41c628369b3ea1b3fc159cdfab2f4adeb9c8618192435267d59c9380","first_seen":"2024-08-19T15:53:11.186024Z","last_seen":"2026-06-01T14:24:52.327236Z","times_seen":42,"resource_available":false,"data":null}},"time_used":1403,"timings":{"blocked":1097,"dns":0,"connect":0,"send":0,"wait":305,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-ae1b84c9.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/index-ae1b84c9.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-1205\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4613,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4606)","md5":"09033d58a36ffa6ec569542b7fe01232","sha1":"83a0e6c6c64ea125ba0c47456f7de8c2058beeca","sha256":"e19a6f43c7a6ace2834bc166fb0c5e3ca368933a80b1e6fe40d926a30097eada","sha512":"b887c50c329ca7ed9627d3f1bc885c47b69e27f226e3d0cfa2d742f11f80430a0e22b32bb000e000aa8a86b6558517ecb06b45837353b41112be4decf99c3875","ssdeep":"96:Cw+vYlnY5kqD+wHQxc3dbyuiUDzb+T3hvsWb43X89R3jMe:9+vYlYuqiwHDdb3Y7hv50XulMe","tlshash":"5a91c65cf40281fbea7754804448142121a87ffbb20488f6fbbead0a67b8879e758320","first_seen":"2026-02-11T03:20:10.824531Z","last_seen":"2026-02-11T07:52:51.324947Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1556,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1556,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hw.rangwodf.cc/1.js","fqdn":"hw.rangwodf.cc","domain":"rangwodf.cc","tld":"cc"},"ip":{"addr":"172.67.150.136","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:26.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rangwodf.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 10:00:44 GMT","end":"Fri, 24 Apr 2026 10:59:07 GMT"},"fingerprint":{"sha1":"A7:D7:98:60:01:FB:A2:7D:68:92:7C:66:27:0F:6E:9F:EF:58:EE:0D","sha256":"30:5B:B5:CD:C6:1D:DC:50:AB:B2:5C:F7:80:BB:2E:B0:F2:8C:5D:36:95:24:63:FC:BF:96:EE:7B:E0:58:33:CC"}}},"request":{"raw":"GET /1.js HTTP/1.1\r\nHost: hw.rangwodf.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 11 Feb 2026 07:52:26 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Mon, 05 Jan 2026 15:40:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hmh75bKBahUFX%2BmZm8cc%2Ftg83gdLNge7Q2ChVWR474sEzzaEUmtG6pbMoONrQbFdiH5NC1X41zUoA9Eo7YnAje626azQmsitnbH1w01S\"}]}\r\nage: 54\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"695bdb5c-110e\"\r\ncontent-encoding: br\r\ncf-ray: 9cc2444c2d68c8cb-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4366,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"0db8503abd38d9093dd8b0d6260ed6f9","sha1":"f97691cc6f2bf51a7b44242d7859df45b54c512c","sha256":"083c5ad69adc1beb2502f734ec85183c818ad015a10dd1b9a11a0cb1cb8cb02a","sha512":"f6c266e7b742bd635ce9824a286f5de4f6c0f6aa76fbdcf8ca6328f7c9ab92c70d01d29e9eaf45b3ee6445cae409aa9048a3b92e9b935bb67c91628c312de572","ssdeep":"48:bD3MlcaYje32enWULpu30EejF5huyFPFalMikhbHdF9Sd3muyFDM3ii7M/+0rf2n:bLMujzYpL5EOhT0529KPCDaVAHD8","tlshash":"0b91635a312374160575337e5bd7834df725a0f331418689babcc2526ff9075c622fa8","first_seen":"2026-01-24T18:29:18.938282Z","last_seen":"2026-02-25T18:42:10.659304Z","times_seen":30,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":43,"dns":0,"connect":8,"send":0,"wait":19,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/getMt5Amount?coin=xag","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:29.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"OPTIONS /api/common/getMt5Amount?coin=xag HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:29 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":614,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":614,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/getMt5Amount?coin=xau","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:30.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"POST /api/common/getMt5Amount?coin=xau HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:30 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"84906c476609962f71c7c1b2c0ab07f5","sha1":"236cb9551c9b9a66094608bdc73cbcc8eab0b70a","sha256":"869e2b9907d48d5cbde7905bde4133922987da7735eaaa48491fc6197d572ebf","sha512":"955fc342bd8146f30f5df3cdd06d911ce2f94a6a3ed684497f06d61274a544c87b0c5712c811edd0eb59f9a0194e0c1812246ed9298125aca8e1ba0ec9627ed7","ssdeep":"","tlshash":"779002555c188242fcc304a595461604002831a0262892488c59512581d81e22040858","first_seen":"2026-02-11T07:52:51.335895Z","last_seen":"2026-02-11T07:52:51.335895Z","times_seen":1,"resource_available":false,"data":null}},"time_used":976,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":976,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-949f9b00.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:30.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/index-949f9b00.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:30 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 772\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\netag: \"69850fa4-304\"\r\nexpires: Wed, 11 Feb 2026 19:52:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":772,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (771)","md5":"36240edd99a68159de1e639b9a1f2405","sha1":"3f72a4bf26ad1ee6d3be18803a1e9b73b068a754","sha256":"cd66e9d55f349c0914a966676b0821ee54f6b11b3a355cf14450de6e43c0635e","sha512":"234f001cc2712374dd26b1250916d55f40e4a4cd123cca8bb40e54aca2f07aa1df6d8c23ae0d4e8c7ab151db3c8b5fd8bfa32be737c11b104e4ac4a43523c648","ssdeep":"","tlshash":"5901d0f8fc1dcebb1f62069401913501140a1fddfa1819f198977e661be4990d7de72d","first_seen":"2025-12-30T23:38:20.678402Z","last_seen":"2026-04-06T13:36:30.358507Z","times_seen":18,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/index-323f05de.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:26.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/index-323f05de.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-1910e\"\r\nexpires: Wed, 11 Feb 2026 19:52:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102670,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65526), with no line terminators","md5":"e1ce51a7f22a19f8318f6ac9b24dbbd9","sha1":"f2776e76c7a47b903f76d2489a907399712d9acb","sha256":"9e2a62feaef2ae245cf4548881e50920c9d6e936971e25411da0e34bf0d7a56c","sha512":"835fc8a269976eabeb005e1f1cebb49c7da9de4f5b8667722aa1b1cbbd95345c6d11f8102e1d4624d02b5c5fd70725ca87a0b3173e51cfdf2527cdc1cd82e3c8","ssdeep":"768:tlf6CmtgNEwCk/6AK3uH8cVbSgqa2LM1MAjMChtK8dSqMknXEWljy2adxhiei7VF:wmg3LghZndSqZUWo2f97fIkGz81p/","tlshash":"d8a31a8da40b1fff58be0888aa1f580021691fd7598cc8d3b2be5e562bf9ce4535d718","first_seen":"2026-02-11T03:20:10.855529Z","last_seen":"2026-02-11T07:52:51.336739Z","times_seen":4,"resource_available":true,"data":null}},"time_used":669,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":669,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/vendor-64f46974.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/vendor-64f46974.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-d9242\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":889410,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3abf93235f8805aa2deb613de1c2e022","sha1":"3d00674e75280d0c645aab6e995dadb83c2e5e29","sha256":"4d5b7079708762a681efb01593bd187df376929eb2119a74fff768d1cbf01344","sha512":"87d7887c903a132b9189f0b75fdd99897fafd08a343443ded10b564a4120b21a2e703818267814284a0545a8337ffc61e44dc17efd049a48d30898388d199208","ssdeep":"12288:5RnbvFkQvVb8mXXdRLYNmD/ahCVawlVaPeJZ3J/pooTqr9szo/UXRdBE7m+jYhSr:5RnbvFjoiXTLxahCVlSG3WtYioSstI","tlshash":"f31528c97292f06147ab24e240bb0106f3396e59740e84a4f1ad98eb7d79d89d277f3c","first_seen":"2025-12-30T23:38:20.64961Z","last_seen":"2026-04-20T23:52:05.42896Z","times_seen":31,"resource_available":true,"data":null}},"time_used":1280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/resource/svg/light/user.svg?2.0.1770327972065","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /resource/svg/light/user.svg?2.0.1770327972065 HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 551\r\nlast-modified: Tue, 02 Dec 2025 14:37:38 GMT\r\netag: \"692ef9b2-227\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":551,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cbadb23520ecde3a8d7488fc19e95980","sha1":"b10897e06fe244e246e8542b0d1b6d695317576c","sha256":"7217fe0095fa190b95295278d273242aafd0ce4944095f55a3a2a6554d428e46","sha512":"9223a7055472f242d2a4494d80c4c546578663054b494dfd7d3c668157c598c91d6a5e9cfcb1835746b16b02abda7dd674a57b7313011f2a961a87e0cf68a3a9","ssdeep":"","tlshash":"70f04cf7501c949950014550c9de3a85973df133a3468d5eb3a208e68a1454b217c555","first_seen":"2024-07-24T17:37:44Z","last_seen":"2026-06-06T04:02:55.265615Z","times_seen":344,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-icons-png.flaticon.com/512/4318/4318318.png?2.0.1770327972065","fqdn":"cdn-icons-png.flaticon.com","domain":"flaticon.com","tld":"com"},"ip":{"addr":"23.36.76.130","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.flaticon.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 17 Jan 2026 08:23:10 GMT","end":"Fri, 17 Apr 2026 08:23:09 GMT"},"fingerprint":{"sha1":"35:11:C8:0B:80:96:AD:22:F7:3A:39:64:23:9C:BA:29:79:BC:62:E6","sha256":"EF:6B:0D:32:38:67:85:54:A8:AE:C4:9C:45:C6:3F:78:AC:7F:95:D6:F3:FE:1D:31:D7:1A:DB:82:1B:3C:AF:3A"}}},"request":{"raw":"GET /512/4318/4318318.png?2.0.1770327972065 HTTP/1.1\r\nHost: cdn-icons-png.flaticon.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 14060\r\netag: \"eafb9df5142c4c735040786a85d7e898\"\r\nlast-modified: Tue, 22 Apr 2025 05:04:31 GMT\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\nalt-svc: h3=\":443\"; ma=93600,h3-29=\":443\"; ma=93600\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc=\"1770796352112_388254877_1384607705_63_1312_0_26_11\";dur=1\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\npragma: public\r\ncache-control: public, max-age=31536000\r\nx-default-rule: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14060,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"eafb9df5142c4c735040786a85d7e898","sha1":"1e866e64c80f9f357e6265cf373691b7138a298d","sha256":"1a17cf3129c2b799290361efa182916652b506ce8f4ddb8c6e276dfa745a2cb3","sha512":"5140391b82760a229c40495147c6b968296634078f4901ff02a3496fa81e3b7194336d7311328e1102611f1ace6de8bf6710ff2df01f1a42404c4468ddbaec48","ssdeep":"384:lkPAVkfN37I+REEeEh7l8OE1MP0e5+XcHS:lsAVkt7ICVc4gyS","tlshash":"62529ea6513904d3daec19f7196e42c9eee3f587a11377bc95140bf345f2016ae90eb0","first_seen":"2025-12-30T23:38:20.660054Z","last_seen":"2026-04-23T16:06:19.308176Z","times_seen":92,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":29,"dns":0,"connect":1,"send":0,"wait":6,"receive":1,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yudiannet.oss-cn-hongkong.aliyuncs.com/waihui/871c4a538c124c57ad9d5eec74a18536.png?2.0.1770327972065","fqdn":"yudiannet.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /waihui/871c4a538c124c57ad9d5eec74a18536.png?2.0.1770327972065 HTTP/1.1\r\nHost: yudiannet.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 90761\r\nConnection: keep-alive\r\nx-oss-request-id: 698C35414C8B373331E2E1B1\r\nAccept-Ranges: bytes\r\nETag: \"BBC5E01F0B148403C0F17A85C187C609\"\r\nLast-Modified: Sun, 01 Feb 2026 12:21:37 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10618538932071229127\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: u8XgHwsUhAPA8XqFwYfGCQ==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":90761,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"bbc5e01f0b148403c0f17a85c187c609","sha1":"e057f60c878f1e0c745c1db956e0a0412b83478a","sha256":"6437f670fa96bb06468355ae2370d70b9565e024a0d7186921e5666eb7abd9bb","sha512":"fa827d6763bfa80ed812c621c95755f502c61466c80cb34e906f4f6e3389da338af0a1a7b4e88ae98643257a28d4608811a58bc2bfcbed6a7f19a7b7f42bfe96","ssdeep":"1536:j5+nP8WYshZOhe3ATuWFAxi3L6mSwIxSa/RW2iCOE+YUdJ6e7DW9:jEP8WrhZ6ewR+xi3L3SwIxNWCOE+zC9","tlshash":"c8931261c729ec9ef362017798f1a6dc481e72c1b3c77a9e2044fdc5d14d32686b2e4a","first_seen":"2026-02-11T03:20:10.831764Z","last_seen":"2026-02-24T16:13:15.881018Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1439,"timings":{"blocked":-1,"dns":1,"connect":282,"send":0,"wait":289,"receive":297,"ssl":570},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/resource/fonts/DINOT-Medium.otf","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /resource/fonts/DINOT-Medium.otf HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdtsaving.click/assets/index-2abcbd85.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 73096\r\nlast-modified: Tue, 02 Dec 2025 14:37:38 GMT\r\netag: \"692ef9b2-11d88\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73096,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"ab876400560626fbe045633dc44f0748","sha1":"85bbfb1729e86f40ddc9af7197b5f54ed6136226","sha256":"5888b24f6b65ff7c989b4a258dbeb5d997320d61417371210da0258be21d854d","sha512":"82e96ade51b0570c1f691ba45d1a3c0802015dad7598954675c4abe2fa8a9fc705adbe6eb5e677aa5cc03b6704e594cfe99279c678855ebbbcbade6d5028dbd6","ssdeep":"1536:TlK/cP2D2oV7otQjBG1+acfZZHHDEdom1hvd5JItkB7k3Z:TKQQtG1yZSdomrvpIqcZ","tlshash":"0b636f031d4fb9548de4513a52de4ea34bb39ecc1ca493c30ae12d938fece6657152ae","first_seen":"2023-08-16T00:37:20Z","last_seen":"2026-06-06T23:47:44.188483Z","times_seen":960,"resource_available":false,"data":null}},"time_used":682,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":646,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/getAllSetting","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1378366,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (65388), with no line terminators","md5":"188a279bd75bbc3d27f3635bc53926ae","sha1":"cb0457da4ae1e2d82c16194603e4f95f3ea130f8","sha256":"e2fa5f8283ea570becea2d267c764e69afe0a1cc33971249073bb6390760a519","sha512":"22e9b6cc3b9afd3e7f018e438e69d098df804e05f73ace00fdb1a578d72a0223e26fcb2f20ee0647262ccbbc772298572f2cdab371666a3d3a9be6e798ac148e","ssdeep":"24576:4zTN7tETUQxPWUapX1/B6FgGHcL5gyJS8QgrVfY/Hbg:426RAukqnlt","tlshash":"f9252332ad833cb7664e571236279a5d74dc0dda8157f8cd41b139f382c2e235912eab","first_seen":"2026-02-11T03:20:10.825721Z","last_seen":"2026-02-11T07:52:51.318716Z","times_seen":4,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/type/defi_activity_type","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"POST /api/common/type/defi_activity_type HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7a423e3451e474878191a0a7f1d323b9","sha1":"13312f533f380295131f6a1540f425d0c98a16ba","sha256":"49c938e0bb3a834cab9319575489cf6c1694cace3f1ceb9671570024328e2a35","sha512":"0522e47fc06c4329cee21e354b264c90ae4b0725941d75cf63af54bee4a307fbe91e7078a412bd9750f3856657159ffe5efff139a652ec0443368f7c146bfdbf","ssdeep":"","tlshash":"5af028143d3dcebf098f65e745ec7818399c152794a0fca058ab0f3c5ae4171088921c","first_seen":"2025-04-07T11:28:26.961944Z","last_seen":"2026-06-04T04:33:14.419392Z","times_seen":666,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":310,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/charting_library/charting_library.min.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:26.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /charting_library/charting_library.min.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 02 Dec 2025 14:37:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"692ef9b2-2a6a\"\r\nexpires: Wed, 11 Feb 2026 19:52:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10858,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10857)","md5":"8573e89d9ec535663d75f21b1f08109c","sha1":"a8d9eea0b157ceeffc38d4254e6f6abc9d697d10","sha256":"cb0c6c9f1771d252eee7caa043bdd7cfffbd52c2cc4b18b7be7c4554ed069151","sha512":"55d728fa1e0682725f94b17387c6790792d3d34b43652a00097876118575bd6cefa20916d80674519005d72f20ecbb745e9645516c056e6f9bb6691d5efbcb33","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffam:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvu","tlshash":"6e224f58ed2478720acb54f0427f180f8239e278d84944ed3cc4e6ec59fd44a6a6fbb8","first_seen":"2023-08-16T00:37:19Z","last_seen":"2026-06-05T10:33:32.118542Z","times_seen":518,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/vendor-72ef657d.css","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:26.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/vendor-72ef657d.css HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:26 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-16997\"\r\nexpires: Wed, 11 Feb 2026 19:52:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":92567,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65022), with no line terminators","md5":"b40940e3efd47e3e653fe1fbec0ab363","sha1":"3911d44e1bceb07e83746e6bc68de9dbb587b11a","sha256":"72ef657df5906e9f23040a4ceb49985bf894ddcb4324d7d873a0c20b15d3e864","sha512":"f3706c9146b2091fb1a864ab4180d0a1538e801686af21bab4c7231421859a99fba7dd694632faaf1c457fb06711fcb16809e2221fe692c16390e7e98ccbf4d5","ssdeep":"1536:ZTIyNBi3MFYaQj73rx3WqyrtpqoSWEDZEnX73:ZdN0rxmNH9yDWr3","tlshash":"0193c5a5e9c4a1fc6f26f6659b4766d8f13cf661cc01daa0f109512d0fc7bf50223a2a","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-01T14:27:44.8802Z","times_seen":233,"resource_available":false,"data":null}},"time_used":1001,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1001,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/vendor-64f46974.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:26.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/vendor-64f46974.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-d9242\"\r\nexpires: Wed, 11 Feb 2026 19:52:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":889410,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3abf93235f8805aa2deb613de1c2e022","sha1":"3d00674e75280d0c645aab6e995dadb83c2e5e29","sha256":"4d5b7079708762a681efb01593bd187df376929eb2119a74fff768d1cbf01344","sha512":"87d7887c903a132b9189f0b75fdd99897fafd08a343443ded10b564a4120b21a2e703818267814284a0545a8337ffc61e44dc17efd049a48d30898388d199208","ssdeep":"12288:5RnbvFkQvVb8mXXdRLYNmD/ahCVawlVaPeJZ3J/pooTqr9szo/UXRdBE7m+jYhSr:5RnbvFjoiXTLxahCVlSG3WtYioSstI","tlshash":"f31528c97292f06147ab24e240bb0106f3396e59740e84a4f1ad98eb7d79d89d277f3c","first_seen":"2025-12-30T23:38:20.64961Z","last_seen":"2026-04-20T23:52:05.42896Z","times_seen":31,"resource_available":true,"data":null}},"time_used":665,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":665,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yudiannet.oss-cn-hongkong.aliyuncs.com/waihui/fb9a7615733e423fbc8dfad0e5824726.png?2.0.1770327972065","fqdn":"yudiannet.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /waihui/fb9a7615733e423fbc8dfad0e5824726.png?2.0.1770327972065 HTTP/1.1\r\nHost: yudiannet.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 90761\r\nConnection: keep-alive\r\nx-oss-request-id: 698C35417CD23C3433DF54EB\r\nAccept-Ranges: bytes\r\nETag: \"BBC5E01F0B148403C0F17A85C187C609\"\r\nLast-Modified: Sun, 01 Feb 2026 12:21:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10618538932071229127\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: u8XgHwsUhAPA8XqFwYfGCQ==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":90761,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"bbc5e01f0b148403c0f17a85c187c609","sha1":"e057f60c878f1e0c745c1db956e0a0412b83478a","sha256":"6437f670fa96bb06468355ae2370d70b9565e024a0d7186921e5666eb7abd9bb","sha512":"fa827d6763bfa80ed812c621c95755f502c61466c80cb34e906f4f6e3389da338af0a1a7b4e88ae98643257a28d4608811a58bc2bfcbed6a7f19a7b7f42bfe96","ssdeep":"1536:j5+nP8WYshZOhe3ATuWFAxi3L6mSwIxSa/RW2iCOE+YUdJ6e7DW9:jEP8WrhZ6ewR+xi3L3SwIxNWCOE+zC9","tlshash":"c8931261c729ec9ef362017798f1a6dc481e72c1b3c77a9e2044fdc5d14d32686b2e4a","first_seen":"2026-02-11T03:20:10.831764Z","last_seen":"2026-02-24T16:13:15.881018Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1646,"timings":{"blocked":1073,"dns":0,"connect":0,"send":0,"wait":288,"receive":285,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/currencyItem-23dc0535.css","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/currencyItem-23dc0535.css HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-6d6\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1750,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1749)","md5":"8c2bda1d869b434db3e73feb2f974463","sha1":"d0654c8c16901111d91b7d6601dbb3d570425bf3","sha256":"23dc0535aa91953f71dd7f3f793539b5f1e7839c00a8096ee2947ec3aec99276","sha512":"bf6e976fcece61eea5ca6160a3efa14fad9b743403eab0ee9eeadf24fbbda74f5969fd85eca5f64b349cb97fe8c741ba389cbe21d35083c0afd2ef41958f5705","ssdeep":"","tlshash":"7c31dec553110735db37f486aeb8d514801c7fc1900756d9ec9b26272ccbba34ab0a3a","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-01T14:33:57.953519Z","times_seen":49,"resource_available":false,"data":null}},"time_used":1557,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1557,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/filters-b39472b3.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:30.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/filters-b39472b3.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69850fa4-c06\"\r\nexpires: Wed, 11 Feb 2026 19:52:30 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3078,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3077)","md5":"082a14663572fbb0fdac69c743917a91","sha1":"2d6971cb64dd681e6529a6f712ca9afad292f1a5","sha256":"744f77dbfb8a3e53ec3df35d9afee98c6575917712a83b503ff3e1ab573ea1a0","sha512":"990ff24c6e74cd2ce7da0c79b2988cc164a3daf1f6964d9d2c150c074859cc784962b42e77e8b4f3202444cc830ee14d0cfff183c5b6a8672d5fb7c0d7bb073f","ssdeep":"","tlshash":"3c5133fdfcd3a13356ea6dfd40288414728ebe20686e0a4df55bd0825933888d07f768","first_seen":"2026-02-11T03:20:10.846993Z","last_seen":"2026-02-11T07:52:51.330493Z","times_seen":4,"resource_available":true,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yudiannet.oss-cn-hongkong.aliyuncs.com/waihui/9a282ee43e224964a2b55fbd15116528.jpg?2.0.1770327972065","fqdn":"yudiannet.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.227","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /waihui/9a282ee43e224964a2b55fbd15116528.jpg?2.0.1770327972065 HTTP/1.1\r\nHost: yudiannet.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 8633\r\nConnection: keep-alive\r\nx-oss-request-id: 698C354193A7E93036E4FBE2\r\nAccept-Ranges: bytes\r\nETag: \"BC13CFB09C93AD8E1317CFE28D4C6A92\"\r\nLast-Modified: Sun, 01 Feb 2026 12:19:33 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12983068572616395445\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: vBPPsJyTrY4TF8/ijUxqkg==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":8633,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"bc13cfb09c93ad8e1317cfe28d4c6a92","sha1":"a6793d05a14d2fa72ad58b637c060a89527e5818","sha256":"055dc63f00798d1b019c7670334102d4ad419e73edd2c6a194e5518bd21833ef","sha512":"d14399335e042cac0b9470e2e587008803ad807ccde50514cbe858f85d479f48904985c22bf83a74c3983674ca4e648cb13e7378c7c0a98620fcf7fe939e6604","ssdeep":"192:f4Upf6SO/Lclj/8gJjK3mzPZTeCFRrU+XxotbBCUn98cYepj:A4f6D49VkwRT1FRrpq9xrpj","tlshash":"8502afc8a099d3919f1b0d5b4d396d928cf759248a0fbedeb50430bb06a160e93cbd88","first_seen":"2025-12-30T23:38:20.682731Z","last_seen":"2026-04-06T13:36:30.347605Z","times_seen":18,"resource_available":false,"data":null}},"time_used":2011,"timings":{"blocked":859,"dns":0,"connect":286,"send":0,"wait":289,"receive":0,"ssl":574},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com/waihui/ethereum.png?2.0.1770327972065","fqdn":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-rg-china-mainland.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:44 GMT","end":"Mon, 08 Mar 2027 11:46:43 GMT"},"fingerprint":{"sha1":"67:FA:A3:5D:D9:EE:E0:CC:09:CB:13:EA:D7:89:C7:5F:C6:D1:A8:98","sha256":"F5:76:6C:C4:72:C9:8E:6F:B0:93:44:EE:E0:28:A3:27:6F:EE:B4:BE:EC:C0:2E:9A:F4:28:91:BF:B9:A2:D8:B0"}}},"request":{"raw":"GET /waihui/ethereum.png?2.0.1770327972065 HTTP/1.1\r\nHost: dapptubiapp.oss-rg-china-mainland.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 9807\r\nConnection: keep-alive\r\nx-oss-request-id: 698C3541B29EBD3333E95E8F\r\nAccept-Ranges: bytes\r\nETag: \"12D9722461759CEFFF02D9076A3D2718\"\r\nLast-Modified: Wed, 26 Mar 2025 08:36:52 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9445008190181339835\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000105\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: EtlyJGF1nO//AtkHaj0nGA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":9807,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"12d9722461759cefff02d9076a3d2718","sha1":"6b763fea0b17257a36b90c465593e1629aee0564","sha256":"af89450e1873196692af0d9d4d0c03218b4be8091171b9d8f7349298d4e82586","sha512":"8eb0f616162be914a3945fb383250796e1134da22e8ae612f403f28804ac04b7fd0f607e132403dc28505d80377c9281601cb23ef1f0814e08584428f3efa05f","ssdeep":"192:4V3ZO9Gxo9H+wp5qh6BKfMPaB2kXTfwoVqO2Rzhj7TfhBcHEhaI9yLKKD:4V4GxoYwp5wQKfMP6LXT7V+RzhzncpLb","tlshash":"7112bf66ab39a301d66d2bbe5cc59302db15ad10dfe14a3fcb840980370c6f9de5a6c4","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-06-06T04:02:55.279904Z","times_seen":599,"resource_available":false,"data":null}},"time_used":1718,"timings":{"blocked":727,"dns":0,"connect":247,"send":0,"wait":248,"receive":0,"ssl":494},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/getAllSetting","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"POST /api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":559,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c59a76cc7449399b29714ecb10473e79","sha1":"0d793bc67d43701ef52a1fa34f796a29ed26b578","sha256":"a3b7b2a4dbd2f61ba3181b2006642b74b7c5a2f2b513957c49cf72cfdb6bcec3","sha512":"c033475206e7d46175ca0fabe9074ace086fd9f70ac95261c0aec42efabb07a074dd3b615702d82342886b54d8a06a9538b8e1d4294c8371ea4f3079ea280a5a","ssdeep":"","tlshash":"71f0c01f5638deb8080408cb54ce7dc9425f2687d370cd309a6bcf2c41f49b75b0a504","first_seen":"2026-02-11T03:20:10.834233Z","last_seen":"2026-02-24T16:13:15.954221Z","times_seen":6,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-11T07:52:24.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:25 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 08 Feb 2026 14:01:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69889739-1528\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5416,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1094)","md5":"c7df1cbbce87bc5343760e74eac99f7c","sha1":"06a9a681846e819ec5865cdb9420fb4b723bf895","sha256":"330df9f5b299f337de66b0411a2f8986fa89a63ea701dc83620b2080c09f432d","sha512":"5e3af933dbd94ce3c7ccf4bf7f8ec3a444ecaf7cef67f3393818b03634af18a73902936b1f6d1bd9224a5b505ec1ea8f4202d2cf6572bf04aedc173bf3c9fa79","ssdeep":"96:Tr82bCz5yKuc67rDSrDt//or6TCZydHRH/g02mUsGKAiowGpuB1niHgiHsH/fV:TFAL67EuZCxfl2nfD3bpuB1niAiMffV","tlshash":"4eb14ff39db0c85a2391413bebd7f0289b6211a386195814b4cd44e98fd5fe588cbbb1","first_seen":"2026-02-11T03:20:50.633258Z","last_seen":"2026-02-11T07:52:51.342034Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1887,"timings":{"blocked":776,"dns":108,"connect":332,"send":0,"wait":332,"receive":0,"ssl":337},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.meishenme.shop/api/common/getAllSetting","fqdn":"webapi.meishenme.shop","domain":"meishenme.shop","tld":"shop"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.meishenme.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:56:54 GMT","end":"Wed, 06 May 2026 19:56:53 GMT"},"fingerprint":{"sha1":"33:1E:C6:04:BB:E3:63:88:E5:BC:CE:65:34:13:84:D9:3C:A8:5C:E3","sha256":"E3:11:2F:D7:F9:9E:AB:9F:A0:E2:5A:4D:77:63:CD:09:D3:5B:D2:48:DF:C4:88:F8:6D:AE:24:07:AD:34:88:53"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.meishenme.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://usdtsaving.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:29 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://usdtsaving.click\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":1553,"timings":{"blocked":622,"dns":0,"connect":307,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/assets/roulette-655b4d73.js","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:28.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /assets/roulette-655b4d73.js HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:28 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 144\r\nlast-modified: Thu, 05 Feb 2026 21:46:12 GMT\r\netag: \"69850fa4-90\"\r\nexpires: Wed, 11 Feb 2026 19:52:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":144,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"f20ca20b735de1ed9c831c3239560d00","sha1":"61fa5f0befb90898f2d069f16b5408f2adf8ff8c","sha256":"fa67bc4ef08e296a829548898504de84dce76054c8b1bd49f8bdf69edb6a9d60","sha512":"47814bd5e7015003a76b4008421165e08bb506a8850ce324171cc187f5fb699b0690fc2c9b4f3c91117b3da374acca0a5c0adebd1fccf60bda3d88bbe021c4ee","ssdeep":"","tlshash":"38c02b1f8941c3f341641cc9e2c80f44c53184781ba3d8e000074411436c8d2f1dd000","first_seen":"2026-02-11T03:20:10.82659Z","last_seen":"2026-02-11T07:52:51.327034Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1554,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1554,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/resource/images/light/zhiyaimg.png?2.0.1770327972065","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /resource/images/light/zhiyaimg.png?2.0.1770327972065 HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 02 Dec 2025 14:37:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"692ef9b2-fa66\"\r\nexpires: Fri, 13 Mar 2026 07:52:32 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64102,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 222 x 200, 8-bit/color RGBA, non-interlaced","md5":"a56d10c7d8a1370d32a7309ee9725b35","sha1":"46a2abdc3eb5771d612d44e437ffc06d660aac82","sha256":"91f0a111642cba65b537a29310bd63c2d68f7a693728423ebc7c80dfc7dccb2c","sha512":"e73500755f1efe7365462f0c7f7616932aa55cffcbac32ad5c91061248e738fd8690c2b968a41ee849e4c7728a6ac3ac5cc76ec9f10f7fbf3a55e2cf4641b79c","ssdeep":"1536:Z8twyIjO5IoAXzpTyTc6Uo306DzPHDVXRAnzJE19EqwgPKO5qql:GAS5SDpOABokqzPrA2t/Xl","tlshash":"c25312351c166852e00a5faa6dbe302d8286e91c7d73c324607c0e0ff9d9fa74dda8b0","first_seen":"2025-12-30T23:38:20.660979Z","last_seen":"2026-04-06T13:36:30.372717Z","times_seen":18,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdtsaving.click/resource/svg/light/zu447.svg?2.0.1770327972065","fqdn":"usdtsaving.click","domain":"usdtsaving.click","tld":"click"},"ip":{"addr":"103.12.149.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdtsaving.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 19:52:40 GMT","end":"Wed, 06 May 2026 19:52:39 GMT"},"fingerprint":{"sha1":"18:18:D5:DD:A8:75:60:55:E6:A0:6F:9E:2E:34:5D:94:C0:B9:C7:E8","sha256":"E6:74:71:0E:4D:67:08:12:48:4E:BB:51:EA:9A:C4:6B:15:7F:8A:78:50:8C:56:CC:88:AE:AF:4F:CD:53:54:05"}}},"request":{"raw":"GET /resource/svg/light/zu447.svg?2.0.1770327972065 HTTP/1.1\r\nHost: usdtsaving.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 07:52:32 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 420\r\nlast-modified: Tue, 02 Dec 2025 14:37:38 GMT\r\netag: \"692ef9b2-1a4\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":420,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"23b51e86174e8f6920f0afedc42bb423","sha1":"cdd01b04898627077aff5bfcfe4c8d1729d89397","sha256":"3a30987fe9e27f43c0c43f5aea739a13a599a6f633131b6f042f039f15de83e7","sha512":"4c3eae2304dc9d458aac7064d93cfc502fca1543b29bd5490adb51fb806dd0596a2c854b560f605d99a78243e8cd1fe60cbd6b09b663594d4333beda3820533c","ssdeep":"","tlshash":"fee05c16cc15100e51010e95c3d11f68a47ff183c2a508aefbe0127b4ab5c0a6cbc32a","first_seen":"2024-08-19T15:53:11.170684Z","last_seen":"2026-06-04T04:33:14.432722Z","times_seen":390,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com/waihui/coinInfo.png?2.0.1770327972065","fqdn":"dapptubiapp.oss-rg-china-mainland.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"39.101.26.6","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdtsaving.click/","date":"2026-02-11T07:52:32.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-rg-china-mainland.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:44 GMT","end":"Mon, 08 Mar 2027 11:46:43 GMT"},"fingerprint":{"sha1":"67:FA:A3:5D:D9:EE:E0:CC:09:CB:13:EA:D7:89:C7:5F:C6:D1:A8:98","sha256":"F5:76:6C:C4:72:C9:8E:6F:B0:93:44:EE:E0:28:A3:27:6F:EE:B4:BE:EC:C0:2E:9A:F4:28:91:BF:B9:A2:D8:B0"}}},"request":{"raw":"GET /waihui/coinInfo.png?2.0.1770327972065 HTTP/1.1\r\nHost: dapptubiapp.oss-rg-china-mainland.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Wed, 11 Feb 2026 07:52:33 GMT\r\nContent-Type: image/png\r\nContent-Length: 55728\r\nConnection: keep-alive\r\nx-oss-request-id: 698C3541BDADCC393703729B\r\nAccept-Ranges: bytes\r\nETag: \"48384A67185DBDFEEF3AA43C99D3319C\"\r\nLast-Modified: Wed, 26 Mar 2025 08:36:50 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3192987439189544564\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000105\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: SDhKZxhdvf7vOqQ8mdMxnA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":55728,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"48384a67185dbdfeef3aa43c99d3319c","sha1":"23e15189bebafbbec8b23e8ed0f3392a9b7979ee","sha256":"1ceba4efa6a645fbe532e520385f37001922e14b6aa7b4ebeb19e755014feb39","sha512":"2f7a13f56ff64b874a76994d00f198c5fc2b7424181935e641eb81bcf171db54fa50b711502c0c4a7e8f5c934ed5747233d87ae0602916244947d3724eb3ce10","ssdeep":"1536:5ko5w6RHlzxqElMwBI6M3iD+oLKTn6EPwhk6g9p6uP5I:x5fR9xjlMGnMSDYLPJ6bOq","tlshash":"0d430247c0529ed2c68853aa0e3de48a84779d12358f80577ce6525a82e2df29bd770f","first_seen":"2023-05-22T05:59:44Z","last_seen":"2026-06-06T23:47:44.168837Z","times_seen":643,"resource_available":false,"data":null}},"time_used":1477,"timings":{"blocked":955,"dns":0,"connect":0,"send":0,"wait":243,"receive":279,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}