{"report_id":"8fb817bb-0c32-4ff6-aff5-b6f278861080","version":0,"status":"done","tags":[],"date":"2026-06-18T15:59:54Z","url":{"schema":"http","addr":"h5.usdsavings.cc","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":0,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"final":{"url":{"schema":"https","addr":"h5.usdsavings.cc/#/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"title":"Matrixport","dom":{"size":34274,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (27324)","md5":"12888be96fa9c5b01a162d70979e4aaa","sha1":"35b871c1d274943ba1b0f9d54ed651bbd979353f","sha256":"84b8ba0db14f75a433d2fc16c239a2891fa3a0fa48525813e426e1f962fcd8bf","sha512":"070f4d5e0cbbd02c13af5e97bfd139bd598ead3e3eff4bb525387d05bbdd0889da355663aba5727b7b465530f0f0de2c125634a9d256f8b87f08a2ca313126a3","ssdeep":"384:+x16RxoZCxG2xh4RhtRW0gli/onXbK6vD2MpDrOmg/cm8AmrINbykSSmRpqHoJYU:+x1sxoQxG20kYPzI","tlshash":"87f2b661622851b382b799c2e1717f2b7e96f30fa40685647eaf818e6fd3cb5bd01170","dom_hash":"domhashdf7c971b01919cf81f1eee69a9d81c32","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"h5.usdsavings.cc","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":0,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-23T15:59:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"webapi.usdsavings.cc","ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":9,"received_data":5778,"sent_data":4984,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"s3-symbol-logo.tradingview.com","ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"domain_registered":"2010-03-20","domain_rank":110931,"first_seen":"2020-11-23T08:22:37Z","last_seen":"2026-06-12T17:43:56.902593Z","alert_count":0,"request_count":1,"received_data":1293,"sent_data":552,"comment":"","tags":null,"fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"h5.usdsavings.cc","ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"domain_registered":"2025-09-04","domain_rank":0,"first_seen":"2026-06-18T15:59:56.389872Z","last_seen":"2026-06-18T15:59:56.389872Z","alert_count":0,"request_count":27,"received_data":2407969,"sent_data":12293,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"huobicfg.s3.amazonaws.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2005-08-18","domain_rank":5277579,"first_seen":"2021-11-22T07:40:25Z","last_seen":"2026-06-16T03:28:20.160478Z","alert_count":0,"request_count":10,"received_data":105770,"sent_data":5433,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"adminapi.usdsavings.cc","ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":24,"received_data":256442,"sent_data":12897,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"h5.usdsavings.cc/#/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"Function","is_inline":false,"md5":"7746993e8adb9277ba5afa2584910974","sha1":"8e7e6d562fd56f594b40b6657156d483d7426e40","sha256":"833dc15f120cad89d5c0680edae217dbad02010e42af351959607df4170074ee","sha512":"10ee66e22fa45386057f1385e179955ad4fd4d53363c0aebe68aa9ba0547bf409a286e53ab6e678e5d0c3485d6cabcdd359f359c5258160b50a0a5a5496d6e6d","ssdeep":"","tlshash":"39c08cc5a0c22e101646641010bf28e49024402674481b028c98d8482e220b08233e9c","size":140,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-06-26T19:16:55.950042Z","times_seen":4150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/#/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"Function","is_inline":false,"md5":"e29cc4b739166fb0de3dd3960891cf94","sha1":"32bf92595a210346b3fa579ce87df4987f109d95","sha256":"d3b8857aaf83eedf7762ae5079cebc09d4924e13766d06fd68dbb746634f95e3","sha512":"854eba232753dfc9183d3029c72a8ec545156e6a966cbf69fbad7acd252632ee09b17f9666f3edfb4541f58d3d3bbfc9841f999c37cac48586997700b245e0af","ssdeep":"","tlshash":"7bc08cc4a0c26d102602651021bf38e490248027b0481b038c94d8482e630b08237ea8","size":140,"data":"","first_seen":"2023-06-05T11:50:58Z","last_seen":"2026-06-26T19:16:55.945528Z","times_seen":3253,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/#/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"Function","is_inline":false,"md5":"5d31ff7e60917b0ed4a4b70d37f66a2b","sha1":"c50f1dcef18065974e84265a1a49bdd0ee29e449","sha256":"aa6fd728eecb263d1055ba5f0b243644492895c8b51fdf396aeb35f2026ac848","sha512":"37b9cf72e1f471ea4b8ab70e1ced41fd251b10d068879907f2f7dd3276ac5c5cd9b0c3b90a731ee5449d42ba3b181ce145207561b4e72ddb32bbf1337361fb8e","ssdeep":"","tlshash":"72c08cc8b0c22d001606641010af24e49024402670482b028dd4d8482e220b48233e98","size":138,"data":"","first_seen":"2023-06-06T19:23:28Z","last_seen":"2026-06-25T23:53:27.12087Z","times_seen":318,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-7e522df0.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":false,"md5":"e23fdd34e773a2070c47c6d66f713fe1","sha1":"9035eca92419d6074792ac3d640d26829ea02b17","sha256":"b5cf7c4613d6b1e7938b2bd5a39b1a8ad5af1bd3b91f270dd9a5ea75c5571e18","sha512":"05562b9f4b9ba4b0c3588128e2a19f6783415cddb73c71657ee1218f1392d09cdd3866609ee3bd451d6fcec30dbcb0f766729dab7f913c8163b1322e2f223d7b","ssdeep":"1536:06Zxyxxxtvw9BSth2CkhwEdamjFR88XQbp/BWYBzZI:04wv3WSth2CyamjFR88XQ/B9I","tlshash":"76935c49a8070fff68fe0448795b1840116d1f9799cdc8d3b7baae9a27f9ce1624d324","size":95010,"data":"","first_seen":"2026-06-18T16:01:02.251666Z","last_seen":"2026-06-18T16:01:02.251666Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":true,"md5":"b9fb31cae71997d72572eaa6cbc7b6e2","sha1":"e1c79ea017e60161a1cb2c60f8d878851dceb8ef","sha256":"ea28bc646daad934b6c6b153923f47dd144437a454f6ba4fdfb7bb14dc2c3f32","sha512":"024215dfa24a0e89b59876b462db62776f56966a0ff0776a1ee30ca66c3a73f6178cd6854925e1d2a655946903249d880228eb77f01cd367f407bf2d097b917e","ssdeep":"","tlshash":"b911abfe191ab0296303404e976b7811642290a9400a184177cc9a9dbb9abade0cbb8c","size":1034,"data":"","first_seen":"2026-06-18T16:01:02.264472Z","last_seen":"2026-06-18T16:01:02.264472Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-26T22:12:16.14333Z","times_seen":38455,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-06-26T22:12:16.144145Z","times_seen":40544,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-be026aab.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":false,"md5":"450591f5e7b230b964d42cf062838529","sha1":"a4896d7a266c3690754821bce78d80f25a4bf234","sha256":"7a850cc6497f25c74e640b728dc2757b7ba815637b34e42cd0433152a5574151","sha512":"07b9d6e79ce9fa365451e60f51de7cff29f0ea4c23433b0dfaad8e8d7c4ae1f29cdb20bb1472938e3112f67b60fbef4e44b2e1be5ffe4ed656c076fc11f61833","ssdeep":"","tlshash":"2bf0051f6c7a91b31ba3c4fcf2131811660c1f517325c5e4e1470f114b388d7d24e624","size":513,"data":"","first_seen":"2026-06-18T16:01:02.248795Z","last_seen":"2026-06-18T16:01:02.248795Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-8e8b1e36.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":false,"md5":"fcac2fc8dd15a1b02e5aeb6d7765fb52","sha1":"40d27e6ffc3dd06ad8b3e69a0c76996fc447cfc2","sha256":"376ee70388701d623071f9a15b6061a3d444546110f1db08e90c8d8021e2dc80","sha512":"80dfc770f4cc273dc76b46f5dad3150e1d6c48424680ee8390fcc2214ba27195a4ef9c63f74e399f81ee67b8d1f5f00244d75bce2bbd0f9972ec6654423c2996","ssdeep":"96:vZY5OPNLuw9ivYsd9iqCwW8+mh+Yw+GvnU0AjtBmt3hr2r33YeXqAumtrj9:vZY8PNLuw92YsiqCwphlw+anQZg1hrEN","tlshash":"7da1a58db80285baaa7b144188580420615c3bfea26c44f6f7bdad0e37b5eb9d394320","size":4639,"data":"","first_seen":"2026-06-18T16:01:02.259141Z","last_seen":"2026-06-18T16:01:02.259141Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/#/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"Function","is_inline":false,"md5":"ca2c8a513ba4ddd84c4c4857faf9f8b6","sha1":"29c6e6c68ff201ae5b1df93335a1170398f20b2c","sha256":"4466292d90055a17bde39e5aa47cf9fb23a76ce5d88f990de0cb7983d451a0df","sha512":"e886ba9c1a87b369d2ccd457d266da56dab3237f1446981dca3c9fda74e822dde664b62d3272bbe59b1e04b5ab7c49fd34668ad0e99528ef6850c3def75f668e","ssdeep":"","tlshash":"33c08cc4a0c27e509622641820bf28e89038402674485f529d98e84a3e760b08233eac","size":147,"data":"","first_seen":"2023-12-04T02:29:51Z","last_seen":"2026-06-18T16:01:02.268156Z","times_seen":182,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/#/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"Function","is_inline":false,"md5":"926ad28c98be26c2ab7d8f231631853c","sha1":"c1c7788df347ea5ab2369ae95456a8a1f7d9f150","sha256":"ec5e8816f60cbbf34b660d2d1455234d92295ab1a210868d6bbfeab7359e438a","sha512":"6f8eb48bc8638821747a26fc6370ee240e58d47699acbe5a1fb2bff1b25d62c6918f6df77dd78da3bc1b3e3d14eb849ccd4e0d1e01593294187bfd509be2ebdb","ssdeep":"","tlshash":"a5c08cc4a0c22d001a02641410af24e49024402ab44c1b029dd4d8482e220f08237ed8","size":138,"data":"","first_seen":"2023-12-01T02:41:08Z","last_seen":"2026-06-26T13:23:43.709118Z","times_seen":371,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/#/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"Function","is_inline":false,"md5":"fb2ad6fbf558d006be1faef6465ffbcb","sha1":"6c217d3b153d4813c5690c11582376bb8562c26e","sha256":"3de5f332589e87277ea2a5ec216e1c703bb4f9a0349499cf837d4760d5cbb55e","sha512":"8b0f5909af93366f9eeae818885b9f84d95ead31d049bb178b8cb856c51a1fc77d9082c1dff16919075b1e42e42ad570001f67f6dee0d2d8dd9fcbd464c0d0f0","ssdeep":"","tlshash":"dcc08cc4a0c22d006602641120af38e49028402770482b028c94d8482e220b08233e98","size":137,"data":"","first_seen":"2023-12-21T09:30:10Z","last_seen":"2026-06-18T16:17:49.312737Z","times_seen":1212,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/charting_library/charting_library.min.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","size":10859,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-25T17:45:58.613328Z","times_seen":1070,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/currencyItem-505e751b.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":false,"md5":"241f90a33ca93c8198487458432f2625","sha1":"13f36a74ac83adbfc5bc2620e10c39312704afb8","sha256":"0deb6460c83eb1dbb68683617fe37737eb227660aba756cf4579776269e2d871","sha512":"b975b4dcd3071a0296a0f1d756451fe4be5ff6dda92de32ccaa60015f8b4390b77b0a1e16f2331ee997503ade044509ecde47d2fee5a606cc75782a520ac84fe","ssdeep":"","tlshash":"5c21df89ae11c7b1cbbe906285bd1414170d7bea700181c1fbee148a37969fcd728a31","size":1206,"data":"","first_seen":"2026-06-18T16:01:02.232316Z","last_seen":"2026-06-18T16:01:02.232316Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/#/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"Function","is_inline":false,"md5":"c0e88513b499aae066f13f6f0edfedab","sha1":"12fd9320e7be26e9257e2a1a39a698a5e2706292","sha256":"3ffd5a1fea533c35c122aeb0a36f3d4a37022e0a14c83167faeaa819b3ee8cfd","sha512":"36b57e74aa71e21ec5489637f206796e8b9097db32c59e4ffbbdd7eb11ce35c2f754178f996bd6e11abc560cdddd3af7cde3fc1847c1a455120b5c26ee4fb838","ssdeep":"","tlshash":"17c08cc8b0c6ad001602e45111bf25e4a024802770481b128d98e8483e220f48233e9c","size":139,"data":"","first_seen":"2023-08-29T11:10:58Z","last_seen":"2026-06-25T17:45:58.763048Z","times_seen":1481,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/#/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"Function","is_inline":false,"md5":"5eefe40b85e8c2db9ca6b62c4c3c5399","sha1":"00c3b8914ba6e7b5e9f47b5111b63e9e0ed7a556","sha256":"5e0f7543b9c01385fd8fcf8669408e298108d313227ab99067161b46c5d60ad4","sha512":"8aeda493afb753af1917f681b30c17a5c5941366be426c10cdc863eac91477e17264c4ac13c3b2924fbd47d3df739e703a6b609e7681530d4df3b3889987eaf5","ssdeep":"","tlshash":"a8c08cc4a0c26e005612641210af28e4902440a6b4481b038d94d8482e624b09237e98","size":139,"data":"","first_seen":"2023-07-01T13:40:07Z","last_seen":"2026-06-23T17:43:15.627332Z","times_seen":89,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":true,"md5":"b9fb31cae71997d72572eaa6cbc7b6e2","sha1":"e1c79ea017e60161a1cb2c60f8d878851dceb8ef","sha256":"ea28bc646daad934b6c6b153923f47dd144437a454f6ba4fdfb7bb14dc2c3f32","sha512":"024215dfa24a0e89b59876b462db62776f56966a0ff0776a1ee30ca66c3a73f6178cd6854925e1d2a655946903249d880228eb77f01cd367f407bf2d097b917e","ssdeep":"","tlshash":"b911abfe191ab0296303404e976b7811642290a9400a184177cc9a9dbb9abade0cbb8c","size":1034,"data":"","first_seen":"2026-06-18T16:01:02.264472Z","last_seen":"2026-06-18T16:01:02.264472Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-26T22:12:16.14333Z","times_seen":38455,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-06-26T22:12:16.144145Z","times_seen":40544,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/vendor-ceb1fff5.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":false,"md5":"1edb6c86ee6643c435d42c0469cd139e","sha1":"2c505b94413aaafee5997c7a6293403c9ca6d90e","sha256":"36768950a65fc84191fa89dce211dd5c10264f50bfac901d5622e9f410ffc2cb","sha512":"5acb88ea9cb5696631d4d0e937f9159a2a9016b702a0c86428c776930f7e5b1e25c6486572302fe3c1f7a8ead66ac6022350fd9002d39a1ee45b4f79a8d84b8c","ssdeep":"12288:vk5AwysSETldvsOQ2Xv9DD5799fSZQjQqczu+ru5X:vkCwysSmwOf/95799AQMqydrI","tlshash":"d7a418d931d2f02153bb24e6407b0006f33e5e59780ec5a4f169e8da3d7a99992b7f2c","size":473076,"data":"","first_seen":"2026-06-18T16:01:02.261372Z","last_seen":"2026-06-18T16:01:02.261372Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/en-8b16e2f0.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"importedModule","is_inline":false,"md5":"6f80df1ea1a43bb991dc303cdd8676ac","sha1":"d638fa1f759a72d3b6e09e981842e787fa26a15a","sha256":"c3b66c76bad108c28a920fa20941ae08ebbfe88425498e53b21793ad450827e4","sha512":"c8acfa817af8565eb141d217281b54a626536d9114c0198c79c095aa97e26fc01983059bdf031f054d81fa8503412d7ef10f309729e9c082cd74a8b34f7f7432","ssdeep":"768:+GtZcEw/o7rEj1iihnAMRor2aAM1soP6+6sPR9hmwL6fpk7aA1h:iponEjhjorT1sLsP751h","tlshash":"7a03d6893d1a889a04f35376b4ce6e2120f60ac18255881f4fedc9fd93d2b676363734","size":40559,"data":"","first_seen":"2026-06-18T16:01:02.240017Z","last_seen":"2026-06-18T16:01:02.240017Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/#/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"Function","is_inline":false,"md5":"a5098911c06d7157605dd3b899679de2","sha1":"84de6941df9069d65274ebb86209afe2de4cf428","sha256":"5132dcfef5d98b1b951e3a4f1bbaae148d55bbc591632ffbc15c5d7ef5639a11","sha512":"8f8f3eeb86093d036702d0e0b4041281b2bb4d974554c7badb63bc00cac3428fba0e8220bf82dd748c8ca58f0c0558bdf08aaea46bed6b01a691faae13188194","ssdeep":"","tlshash":"58c08cc4b0c22d001602681020bf24e49024802670481b028d94d8582e220b08233e98","size":137,"data":"","first_seen":"2024-08-20T15:10:19.332214Z","last_seen":"2026-06-18T16:01:02.271006Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":true,"md5":"b9fb31cae71997d72572eaa6cbc7b6e2","sha1":"e1c79ea017e60161a1cb2c60f8d878851dceb8ef","sha256":"ea28bc646daad934b6c6b153923f47dd144437a454f6ba4fdfb7bb14dc2c3f32","sha512":"024215dfa24a0e89b59876b462db62776f56966a0ff0776a1ee30ca66c3a73f6178cd6854925e1d2a655946903249d880228eb77f01cd367f407bf2d097b917e","ssdeep":"","tlshash":"b911abfe191ab0296303404e976b7811642290a9400a184177cc9a9dbb9abade0cbb8c","size":1034,"data":"","first_seen":"2026-06-18T16:01:02.264472Z","last_seen":"2026-06-18T16:01:02.264472Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-26T22:12:16.14333Z","times_seen":38455,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-06-26T22:12:16.144145Z","times_seen":40544,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-a9c50dbf.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb653091bb12436bcd48ed50cc06f7a8","sha1":"dbca14021f5e3109c4c1a66b1a6657fccc569d79","sha256":"3c6fd39a46013a50b547a58c779ab245d5b08ad011543fa958905d8e23779800","sha512":"54c092988c2f01e811f85c2b3adfbae9b0735f6c19e5147565a3895d5c91f9bd6e75bdc063e612a6459cf431eb581da0d464ccd32087ac8c67e3f942107f5cba","ssdeep":"384:D8u+ljDPHTr4/JHO78qGi3P25SFtfRfirdA0OylwadCkx/Xx7r9MsCrI:D8Z4YrpbtfRfCKBqL7r9MsCk","tlshash":"c562d655bc45973ce6b3a421509d0410b15d3fdb500c8ca2b4bead9627ebff8b749a38","size":15352,"data":"","first_seen":"2026-06-18T16:01:02.24753Z","last_seen":"2026-06-18T16:01:02.24753Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-62a2ab30.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d141314cf3091a6812fcebc33a60bf2","sha1":"46bbfeedeaec86d22e326af7d2f25a1f5e26e24a","sha256":"6b77af6d5759119db4d573afea7dd8c31c14dbb8b9ab7456d374425fa05d04ea","sha512":"a036c2e0424c6542887853c62a56503d70fc8076cd2c0abd751f7c477761f3224120112d886f809a895de6cb837d381fb598eebd3ca821c2966f4960b5218f68","ssdeep":"","tlshash":"6601fdf8fc08cebb1f62064001a13501140a1fedfa1409f1a8877ea61be4940d7de32d","size":772,"data":"","first_seen":"2026-06-18T16:01:02.245164Z","last_seen":"2026-06-18T16:01:02.245164Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/filters-54c0dafd.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"scriptElement","is_inline":false,"md5":"084d8354d55a28e6e530bf6c8a2188b0","sha1":"ae4b4f428f880c03c457ee88b821ebe886203aef","sha256":"b1c08dd4d00f4909cc48fc7ac555ae8155dff7e086f782f9675c27c0d7af95ec","sha512":"9c9f2467639bded89ef95acae286cf6594d4c30b439eb555c4c526c2c16103f37f00672dddd0ff43e9376531ee90efb87f6514d8979f6e1cae286ae006f94a45","ssdeep":"","tlshash":"ce5145fdfcd3a13356e96df944288414728ebe20686e0a4df55bd0426933888d07f764","size":3078,"data":"","first_seen":"2026-06-18T16:01:02.241657Z","last_seen":"2026-06-18T16:01:02.241657Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/#/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"introduction_type":"Function","is_inline":false,"md5":"9d379fc52463f2b630c6894900da5180","sha1":"b33fecceae6c1ef97518c6ad7159534d78e7b2f7","sha256":"6c3288c6af4396096b1a8a927fbfaf05ac8cc29658fc97d13cf036ba6bb38ab3","sha512":"49b43b0c253e26c135bd5009d73c537cf2e78342ef6b116ce6efbd3627152ac804449ec5cbe637a544b5557b52a50213a19dfcf33158a4f6b0a8ff91d79372d5","ssdeep":"","tlshash":"61c012c5a0da29102951595424bf28e8a024c026b55c6b169de4dda829e64fcc627d98","size":190,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-25T17:45:58.761644Z","times_seen":1240,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/currencyItem-505e751b.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.427Z","timestamp":1781798365427,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/currencyItem-505e751b.js HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:25 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-4b6\"\r\nexpires: Fri, 19 Jun 2026 03:59:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1206,"size_decoded":1120,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1205)","md5":"241f90a33ca93c8198487458432f2625","sha1":"13f36a74ac83adbfc5bc2620e10c39312704afb8","sha256":"0deb6460c83eb1dbb68683617fe37737eb227660aba756cf4579776269e2d871","sha512":"b975b4dcd3071a0296a0f1d756451fe4be5ff6dda92de32ccaa60015f8b4390b77b0a1e16f2331ee997503ade044509ecde47d2fee5a606cc75782a520ac84fe","ssdeep":"","tlshash":"5c21df89ae11c7b1cbbe906285bd1414170d7bea700181c1fbee148a37969fcd728a31","first_seen":"2026-06-18T16:01:02.232316Z","last_seen":"2026-06-18T16:01:02.232316Z","times_seen":1,"resource_available":true,"data":null}},"time_used":862,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":862,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobicfg.s3.amazonaws.com/currency_icon/eth.png?2.0.1779363259132","fqdn":"huobicfg.s3.amazonaws.com","domain":"huobicfg.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.480Z","timestamp":1781798367480,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /currency_icon/eth.png?2.0.1779363259132 HTTP/1.1\r\nHost: huobicfg.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232608A043.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.602Z","timestamp":1781798367602,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232608A043.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:26:08 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1343,"timings":{"blocked":542,"dns":0,"connect":0,"send":0,"wait":801,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232357A032.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.609Z","timestamp":1781798367609,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232357A032.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:23:57 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1607,"timings":{"blocked":542,"dns":0,"connect":0,"send":0,"wait":1065,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/29/pic_20260429013415A002.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.598Z","timestamp":1781798367598,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/29/pic_20260429013415A002.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 17:34:15 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1630,"timings":{"blocked":-1,"dns":23,"connect":273,"send":0,"wait":1058,"receive":0,"ssl":276},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/currencyItem-eb9b6d04.css","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.430Z","timestamp":1781798365430,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/currencyItem-eb9b6d04.css HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-b40\"\r\nexpires: Fri, 19 Jun 2026 03:59:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2880,"size_decoded":1259,"mime_type":"text/css","magic":"ASCII text, with very long lines (2879)","md5":"413e26b7057e9dd3b9d260c3ace08108","sha1":"3225da101b6592ad5ab4cada9d4920c4b91f53e3","sha256":"eb9b6d048a157120e1949c645b3574732b6922854889e8563c4d6501c31e57d2","sha512":"dcdc25c8264323b3d085117aac98333aaad872f42c03d2611520df2a0fc6525d50c1dbaa3ebdc7f2293b8b6ba71540395f817bdcf8c1d670b3dd24e1a37add72","ssdeep":"","tlshash":"b9512d5493190374f937c4c76fb40509e8a46f61f04b8ae8fc8f112f5d5b3a75a30a25","first_seen":"2026-03-23T14:44:34.526692Z","last_seen":"2026-06-18T16:01:02.235516Z","times_seen":7,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":860,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/resource/images/light/kefu.svg","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.472Z","timestamp":1781798367472,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /resource/images/light/kefu.svg HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:27 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 22 Feb 2026 09:52:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699ad1f3-54a\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1354,"size_decoded":1126,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3e724d7ab7843c3085eecc6ca2f2bf45","sha1":"08fb02f6059fec2137bac5b3b2cf2c62acdfc798","sha256":"df985f79874337c4aaa5a582d93e80f71639af38e0877a277a3179d39e379740","sha512":"5b87c4dbc7e1499fe1531f1d3a38706b48174565eec3fc62dce651bd3fdc882b3e80ad3a0ab60890f1b2d77a287994de8f2bbe2553855d9a18ffce0b46d6c869","ssdeep":"","tlshash":"51218a3f031586aed1c0af9887c2590c173ce222f0b545d877535b665c14abb95bcd72","first_seen":"2025-09-14T16:18:45.645426Z","last_seen":"2026-06-18T16:15:09.934598Z","times_seen":24,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobicfg.s3.amazonaws.com/currency_icon/blz.png?2.0.1779363259132","fqdn":"huobicfg.s3.amazonaws.com","domain":"huobicfg.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"52.219.151.5","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.517Z","timestamp":1781798367517,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3-ap-northeast-1.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Fri, 14 Nov 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"46:67:AE:AC:E3:C2:0D:C4:55:CA:3F:CB:B1:64:48:00:87:D7:E6:91","sha256":"18:7F:98:1B:96:0A:EE:5D:A8:54:AC:EE:61:CD:E2:1A:42:79:57:6C:BB:97:D4:54:5F:AD:91:87:86:84:69:D8"}}},"request":{"raw":"GET /currency_icon/blz.png?2.0.1779363259132 HTTP/1.1\r\nHost: huobicfg.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: SPBtguS1hr5AblaYkxVsIDNrIRH7oKgOk0EIYX4Fap3PsWOhts4tEM3Hr0pginkB3aYsaqQoBb8=\r\nx-amz-request-id: ZXR2P98RCWNYPB8G\r\nDate: Thu, 18 Jun 2026 15:59:51 GMT\r\nLast-Modified: Wed, 15 Dec 2021 10:33:36 GMT\r\nETag: \"de0059bbef67f9c3df6064bc1bbbf3f5\"\r\nAccept-Ranges: bytes\r\nContent-Type: image/svg+xml\r\nContent-Length: 6040\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":6040,"size_decoded":6401,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"de0059bbef67f9c3df6064bc1bbbf3f5","sha1":"320868b36c5c9096b5b857d046a51c380b2753af","sha256":"eeef5e65de2a963065a0c6661e38b7d4ab470f4787e64e2fcb92e41189e19b62","sha512":"5b5da844bd0bec1f061e0d9d531be81666c8a5c6c5e201289b2d19ac962eea542b79126bb1b53e3aebf03ae3f1ad371f9b26a7d08c1eb4baee7522a38d4a34d3","ssdeep":"96:T5cAg0U0h3k+pyt1hSyG/wDkB4koyUWEamKTRD3Rpe08sDTZoOkTX/WEyDcT4cdZ:asU6xpe3buwD+uHbaZRDhksDTZdkTvWM","tlshash":"b8c173853375c2edf100d7bc8a0a74793a632de63822d55907e81c86a85492e4de9ce7","first_seen":"2025-06-16T08:54:16.094362Z","last_seen":"2026-06-18T16:01:02.236979Z","times_seen":10,"resource_available":false,"data":null}},"time_used":23496,"timings":{"blocked":23214,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.usdsavings.cc/api/common/type/defi_activity_type","fqdn":"webapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.545Z","timestamp":1781798367545,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:33:57 GMT","end":"Sat, 08 Aug 2026 11:33:56 GMT"},"fingerprint":{"sha1":"5D:C4:59:D9:3B:8B:97:4D:A2:28:E5:02:41:E5:BB:62:58:B5:18:13","sha256":"D7:91:82:81:29:3F:05:75:FB:04:D0:68:42:70:23:C6:39:57:BC:6E:26:77:BE:B6:A4:82:FB:9D:CD:97:5B:25"}}},"request":{"raw":"OPTIONS /api/common/type/defi_activity_type HTTP/1.1\r\nHost: webapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://h5.usdsavings.cc\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:27 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://h5.usdsavings.cc\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":669,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232530A039.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.606Z","timestamp":1781798367606,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232530A039.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:25:30 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1343,"timings":{"blocked":542,"dns":0,"connect":0,"send":0,"wait":801,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/vendor-4b39a398.css","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:23.506Z","timestamp":1781798363506,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/vendor-4b39a398.css HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-16c35\"\r\nexpires: Fri, 19 Jun 2026 03:59:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":93237,"size_decoded":38272,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"2491919d901ad15e82d6c1245fb28968","sha1":"166501022e953ff7bf709e96198c76d4578676de","sha256":"4b39a398237e9aaae03327bd9216047be19b6587a469195ed9160b96c9b5a819","sha512":"c538de42b89cda2c728d4b43d017565e1ac244b948c4dedf116cff1b0d085f16948fbb5d42b798ab020ac7dc3fd8ac2e56ecd365b07edac5e1d25d08edcb73b9","ssdeep":"1536:BtIyNBi3MFYaQj7FCwsBlDOFIxuVox8D/Bb:BnNIClDsIxuVS8tb","tlshash":"bb93d4a5a9c461fc6f2ae2659b8765e8f13cf671cc01daa0f105511d0fcbbf60613a3a","first_seen":"2025-06-03T16:32:00.309427Z","last_seen":"2026-06-18T16:01:02.23752Z","times_seen":209,"resource_available":false,"data":null}},"time_used":1019,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1019,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232408A033.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.610Z","timestamp":1781798367610,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232408A033.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:24:08 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1606,"timings":{"blocked":542,"dns":0,"connect":0,"send":0,"wait":1064,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/02/22/banner3.png?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:28.097Z","timestamp":1781798368097,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/02/22/banner3.png?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Sun, 22 Feb 2026 03:03:14 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":127547,"size_decoded":127872,"mime_type":"image/png","magic":"PNG image data, 686 x 320, 8-bit/color RGBA, non-interlaced","md5":"b407f387de1a3318d16682384d3d1cd6","sha1":"04d9ba4ef808d8cb35917b5ccbfdfb1932e5d998","sha256":"6bb6060c3daea19355107eb57f4e0df3ab3f995e71d89230bed7bc36fc7decb8","sha512":"4a769f17bf4fa0b2a387b3ce2b38cd9741dbbf8e40e1a2b082b1bdbdeff7cb64301b2510d2ff50c3affd296b6764fb9f73b488fa9c621acabf7927a2e039ba03","ssdeep":"3072:59zH6iwI9eWmCxJCwZga99ndPPQ4wPjQ7peopvdrjf:jzVw15CxJPZ39dPPssFeU3","tlshash":"a6c312521f0adf0d5d42c735ac8b5428ecb1d02c0b943ebc21a2e7d1ba6ea4d2b07667","first_seen":"2026-06-18T16:01:02.23805Z","last_seen":"2026-06-18T16:01:02.23805Z","times_seen":1,"resource_available":false,"data":null}},"time_used":599,"timings":{"blocked":64,"dns":0,"connect":0,"send":0,"wait":535,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/resource/images/light/notice.png","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:28.644Z","timestamp":1781798368644,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /resource/images/light/notice.png HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 536\r\nlast-modified: Tue, 12 Aug 2025 22:46:38 GMT\r\netag: \"689bc44e-218\"\r\nexpires: Sat, 18 Jul 2026 15:59:28 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":536,"size_decoded":1044,"mime_type":"image/png","magic":"PNG image data, 18 x 19, 8-bit/color RGBA, non-interlaced","md5":"9fcbca8b435fbfaf017365293aefb833","sha1":"b294a558c6e3049919fe1659f1e1450a00037506","sha256":"449b0ce49226d926da6e5fe36b2676129ec7d5defb06e6bc69d037e5573ae0ea","sha512":"8e15ffcad907dda438f0deb6aa650a0ffa80c2bc5d199685f8630fc628bd0f410b77baa26f6592dc3d93695ac3e99a2ab64e088dfc6985d0e9b68add588172b5","ssdeep":"","tlshash":"11f0755636380e2ccdef5a3e355a4110d823f3a0ce009d806544267dcc1f08422b40c3","first_seen":"2026-03-23T14:44:34.625538Z","last_seen":"2026-06-18T16:01:02.238936Z","times_seen":10,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"wss://webapi.usdsavings.cc/ws/353b1f92-4b8b-49a9-a15f-76b5c259afb2","fqdn":"webapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.437Z","timestamp":1781798365437,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:33:57 GMT","end":"Sat, 08 Aug 2026 11:33:56 GMT"},"fingerprint":{"sha1":"5D:C4:59:D9:3B:8B:97:4D:A2:28:E5:02:41:E5:BB:62:58:B5:18:13","sha256":"D7:91:82:81:29:3F:05:75:FB:04:D0:68:42:70:23:C6:39:57:BC:6E:26:77:BE:B6:A4:82:FB:9D:CD:97:5B:25"}}},"request":{"raw":"GET /ws/353b1f92-4b8b-49a9-a15f-76b5c259afb2 HTTP/1.1\r\nHost: webapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-WebSocket-Version: 13\r\nOrigin: https://h5.usdsavings.cc\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: E+yGqF28+nzF8CT1mlXrSA==\r\nSec-GPC: 1\r\nConnection: Upgrade\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nServer: nginx\r\nDate: Thu, 18 Jun 2026 15:59:27 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://h5.usdsavings.cc\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: FC4aCchBcjj98sZIbyQV58KoAng=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":446,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":3101,"timings":{"blocked":-1,"dns":1034,"connect":1374,"send":0,"wait":350,"receive":0,"ssl":343},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.usdsavings.cc/api/common/getAllSetting","fqdn":"webapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.544Z","timestamp":1781798367544,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:33:57 GMT","end":"Sat, 08 Aug 2026 11:33:56 GMT"},"fingerprint":{"sha1":"5D:C4:59:D9:3B:8B:97:4D:A2:28:E5:02:41:E5:BB:62:58:B5:18:13","sha256":"D7:91:82:81:29:3F:05:75:FB:04:D0:68:42:70:23:C6:39:57:BC:6E:26:77:BE:B6:A4:82:FB:9D:CD:97:5B:25"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://h5.usdsavings.cc\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:27 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://h5.usdsavings.cc\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":669,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232058A020.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.596Z","timestamp":1781798367596,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232058A020.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:20:58 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1632,"timings":{"blocked":-1,"dns":25,"connect":272,"send":0,"wait":1059,"receive":0,"ssl":274},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232501A036.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.614Z","timestamp":1781798367614,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232501A036.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:25:01 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1606,"timings":{"blocked":545,"dns":0,"connect":0,"send":0,"wait":1061,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232540A040.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.616Z","timestamp":1781798367616,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232540A040.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:25:40 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1605,"timings":{"blocked":546,"dns":0,"connect":0,"send":0,"wait":1059,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.usdsavings.cc/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.543Z","timestamp":1781798367543,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:33:57 GMT","end":"Sat, 08 Aug 2026 11:33:56 GMT"},"fingerprint":{"sha1":"5D:C4:59:D9:3B:8B:97:4D:A2:28:E5:02:41:E5:BB:62:58:B5:18:13","sha256":"D7:91:82:81:29:3F:05:75:FB:04:D0:68:42:70:23:C6:39:57:BC:6E:26:77:BE:B6:A4:82:FB:9D:CD:97:5B:25"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://h5.usdsavings.cc\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:27 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://h5.usdsavings.cc\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":669,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232447A035.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.612Z","timestamp":1781798367612,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232447A035.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:24:47 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1606,"timings":{"blocked":545,"dns":0,"connect":0,"send":0,"wait":1061,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/platform/dev/logo_144.png?2.0.1779363259132","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:26.516Z","timestamp":1781798366516,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /platform/dev/logo_144.png?2.0.1779363259132 HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:26 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 01 Nov 2023 13:05:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65424d1a-1d4e\"\r\nexpires: Sat, 18 Jul 2026 15:59:26 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7502,"size_decoded":7970,"mime_type":"image/png","magic":"PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced","md5":"9c0d9e947d60a07c169d8c90306a5fa7","sha1":"5428cee132fd7f06e7dbae13b64c4ebd32542386","sha256":"7c49d4679d1750629e1564b480822d2dcb34cc72574532bcfa04aad06ce9bab9","sha512":"45cadfe8e926792efebbc0296a05233ac10263f2622a53626fc61fe9e9aac973012f68b1947b954e600e960a4c3de09c83b679a096380861fdf191b302d87a87","ssdeep":"192:LmXHUqh9CnouZrocMqFhlKS9uY/53Ojwwlmmc:LmXHHhuouZrnF9d/5+lmmc","tlshash":"0bf18db39df5a52f833c64bf0646d1930fcca3aa2634ad5d2d23a80f95564d90393c86","first_seen":"2026-03-16T14:41:33.321679Z","last_seen":"2026-06-18T16:17:49.293899Z","times_seen":676,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/en-8b16e2f0.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:26.741Z","timestamp":1781798366741,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/en-8b16e2f0.js HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:26 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-9e71\"\r\nexpires: Fri, 19 Jun 2026 03:59:26 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40561,"size_decoded":12822,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (40538)","md5":"6f80df1ea1a43bb991dc303cdd8676ac","sha1":"d638fa1f759a72d3b6e09e981842e787fa26a15a","sha256":"c3b66c76bad108c28a920fa20941ae08ebbfe88425498e53b21793ad450827e4","sha512":"c8acfa817af8565eb141d217281b54a626536d9114c0198c79c095aa97e26fc01983059bdf031f054d81fa8503412d7ef10f309729e9c082cd74a8b34f7f7432","ssdeep":"768:+GtZcEw/o7rEj1iihnAMRor2aAM1soP6+6sPR9hmwL6fpk7aA1h:iponEjhjorT1sLsP751h","tlshash":"7a03d6893d1a889a04f35376b4ce6e2120f60ac18255881f4fedc9fd93d2b676363734","first_seen":"2026-06-18T16:01:02.240017Z","last_seen":"2026-06-18T16:01:02.240017Z","times_seen":1,"resource_available":true,"data":null}},"time_used":342,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/resource/fonts/Arial.ttf","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.264Z","timestamp":1781798365264,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /resource/fonts/Arial.ttf HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://h5.usdsavings.cc/assets/index-5fa93963.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:25 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 1047012\r\nlast-modified: Wed, 01 Nov 2023 13:05:30 GMT\r\netag: \"65424d1a-ff9e4\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1047012,"size_decoded":1047469,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 25 tables, 1st \"DSIG\", 58 names, Unicode, � 2017 The Monotype Corporation. All Rights Reserved. ","md5":"ffe66dbfc4b07f36ef38dd621ad2c7cc","sha1":"e032b102cfc37c3226d17e1b462edea5fbf8fe1c","sha256":"c1216a01b3cc4e94df72577a6f618154058a1d8999ed58fa31ab7e54c7e4be4b","sha512":"3c7952b71c8117938c5284efca0e0b3e8c20d7b84c74a4890f76a72af3b26295786b0f7c33d9b6c980527b4c4c8dad628d1f5e7e5f202d11076367f082349bb3","ssdeep":"24576:NoQIQRjo/Y7wjgTmKJ4WxA7EAD4OBfDamXKE6AMra:NHIQJo/Y7wjgTm0PxAwJHE6hG","tlshash":"f125be0bf3929f0fe3902b38c9a5d761939b76189b2743b73d8c5858ecc85a45e487d2","first_seen":"2023-07-29T15:16:45Z","last_seen":"2026-06-25T17:45:58.602161Z","times_seen":1955,"resource_available":false,"data":null}},"time_used":1024,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":683,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/filters-54c0dafd.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.425Z","timestamp":1781798365425,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/filters-54c0dafd.js HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:25 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-c06\"\r\nexpires: Fri, 19 Jun 2026 03:59:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3078,"size_decoded":1623,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3077)","md5":"084d8354d55a28e6e530bf6c8a2188b0","sha1":"ae4b4f428f880c03c457ee88b821ebe886203aef","sha256":"b1c08dd4d00f4909cc48fc7ac555ae8155dff7e086f782f9675c27c0d7af95ec","sha512":"9c9f2467639bded89ef95acae286cf6594d4c30b439eb555c4c526c2c16103f37f00672dddd0ff43e9376531ee90efb87f6514d8979f6e1cae286ae006f94a45","ssdeep":"","tlshash":"ce5145fdfcd3a13356e96df944288414728ebe20686e0a4df55bd0426933888d07f764","first_seen":"2026-06-18T16:01:02.241657Z","last_seen":"2026-06-18T16:01:02.241657Z","times_seen":1,"resource_available":true,"data":null}},"time_used":864,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":864,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-7fae5331.css","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.432Z","timestamp":1781798365432,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/index-7fae5331.css HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-42ea\"\r\nexpires: Fri, 19 Jun 2026 03:59:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17130,"size_decoded":3943,"mime_type":"text/css","magic":"ASCII text, with very long lines (17129)","md5":"111306b1513fb73ac0d207a548c4500c","sha1":"b708794011099c4ce8f9d44044c45d6ac05b5499","sha256":"7fae533188fcef871202247ef596417fd5ab33ee2ba966a1f31833d83dedaa10","sha512":"9a9e0250bc8f5bd66559d4a0058aeb0154d2c3b2724b3c84e478c3603e4b1f6567b76d6ef1554c871670135c634cf5b3ff325aaa4942d2cc7090d2d99b6cdb59","ssdeep":"384:L1FVVG0aeYZZp+TnjsCmOqSV5eKch2g3ye5ncqocJnNS5:5LUQ","tlshash":"65728528f680123dec33e1d6bed889cce15dfa22e2439ad8fa5766211dc72d71631199","first_seen":"2026-06-18T16:01:02.242514Z","last_seen":"2026-06-18T16:01:02.242514Z","times_seen":1,"resource_available":false,"data":null}},"time_used":858,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":858,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobicfg.s3.amazonaws.com/currency_icon/doge.png?2.0.1779363259132","fqdn":"huobicfg.s3.amazonaws.com","domain":"huobicfg.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"52.219.151.5","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.514Z","timestamp":1781798367514,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3-ap-northeast-1.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Fri, 14 Nov 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"46:67:AE:AC:E3:C2:0D:C4:55:CA:3F:CB:B1:64:48:00:87:D7:E6:91","sha256":"18:7F:98:1B:96:0A:EE:5D:A8:54:AC:EE:61:CD:E2:1A:42:79:57:6C:BB:97:D4:54:5F:AD:91:87:86:84:69:D8"}}},"request":{"raw":"GET /currency_icon/doge.png?2.0.1779363259132 HTTP/1.1\r\nHost: huobicfg.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: EOFnFbAspIJHLrX6AvkRzvQ3Nm8RqrwbdlYlXe1PkNyCFE5PTUSJ7bj4L/IHP7SxjcM5aah3r4c=\r\nx-amz-request-id: ZXR5EKM1GP6GB0BC\r\nDate: Thu, 18 Jun 2026 15:59:51 GMT\r\nLast-Modified: Thu, 14 Nov 2024 02:02:53 GMT\r\nETag: \"85a9905c5ded19678ea5c2a0e3eb5b92\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/svg+xml\r\nContent-Length: 95699\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":95699,"size_decoded":96099,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"85a9905c5ded19678ea5c2a0e3eb5b92","sha1":"758fd685e61ce28ddab9bcebfc60f62f1f2c150f","sha256":"83785fe3ab9c29b35a4884d93864038593ac03e6f605a5cb6bf9f7567e338abb","sha512":"a88cb74309d3fca02ce1fc32c81f0d78c387a4936c0f2924c603037201d14b26a5fa715723f40d01868d2a41361e26e2a2abb315e32332970ce15a186d8043dd","ssdeep":"1536:LEpYE8EXjfWGPQcIhSWQnGQBMDPla2zoW1:f","tlshash":"da9394d5b7e5e2e8f005e3fc872a98f53a632cfa3922c95893e52c15e95102d489dcd3","first_seen":"2024-12-15T14:02:10.456974Z","last_seen":"2026-06-23T21:41:05.764276Z","times_seen":321,"resource_available":false,"data":null}},"time_used":23429,"timings":{"blocked":21085,"dns":0,"connect":1283,"send":0,"wait":279,"receive":518,"ssl":264},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.usdsavings.cc/api/notice/list?key=POP_UPS_NOTICE\u0026modelKey=POP_UPS_NOTICE","fqdn":"webapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.540Z","timestamp":1781798367540,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:33:57 GMT","end":"Sat, 08 Aug 2026 11:33:56 GMT"},"fingerprint":{"sha1":"5D:C4:59:D9:3B:8B:97:4D:A2:28:E5:02:41:E5:BB:62:58:B5:18:13","sha256":"D7:91:82:81:29:3F:05:75:FB:04:D0:68:42:70:23:C6:39:57:BC:6E:26:77:BE:B6:A4:82:FB:9D:CD:97:5B:25"}}},"request":{"raw":"OPTIONS /api/notice/list?key=POP_UPS_NOTICE\u0026modelKey=POP_UPS_NOTICE HTTP/1.1\r\nHost: webapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://h5.usdsavings.cc\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:27 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://h5.usdsavings.cc\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":669,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232225A025.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.600Z","timestamp":1781798367600,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232225A025.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:22:25 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1628,"timings":{"blocked":-1,"dns":22,"connect":276,"send":0,"wait":1049,"receive":0,"ssl":280},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/charting_library/charting_library.min.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:23.500Z","timestamp":1781798363500,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /charting_library/charting_library.min.js HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:23 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 01 Nov 2023 13:05:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65424d1a-2a6b\"\r\nexpires: Fri, 19 Jun 2026 03:59:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10859,"size_decoded":3705,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10857), with CRLF line terminators","md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-25T17:45:58.613328Z","times_seen":1070,"resource_available":true,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.usdsavings.cc/api/common/getCoinList","fqdn":"webapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.405Z","timestamp":1781798365405,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:33:57 GMT","end":"Sat, 08 Aug 2026 11:33:56 GMT"},"fingerprint":{"sha1":"5D:C4:59:D9:3B:8B:97:4D:A2:28:E5:02:41:E5:BB:62:58:B5:18:13","sha256":"D7:91:82:81:29:3F:05:75:FB:04:D0:68:42:70:23:C6:39:57:BC:6E:26:77:BE:B6:A4:82:FB:9D:CD:97:5B:25"}}},"request":{"raw":"OPTIONS /api/common/getCoinList HTTP/1.1\r\nHost: webapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://h5.usdsavings.cc\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:26 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://h5.usdsavings.cc\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":659,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":1011,"timings":{"blocked":-1,"dns":23,"connect":357,"send":0,"wait":270,"receive":0,"ssl":361},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobicfg.s3.amazonaws.com/currency_icon/matic.png?2.0.1779363259132","fqdn":"huobicfg.s3.amazonaws.com","domain":"huobicfg.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.512Z","timestamp":1781798367512,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /currency_icon/matic.png?2.0.1779363259132 HTTP/1.1\r\nHost: huobicfg.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobicfg.s3.amazonaws.com/currency_icon/sol.png?2.0.1779363259132","fqdn":"huobicfg.s3.amazonaws.com","domain":"huobicfg.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"52.219.151.5","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.513Z","timestamp":1781798367513,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3-ap-northeast-1.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Fri, 14 Nov 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"46:67:AE:AC:E3:C2:0D:C4:55:CA:3F:CB:B1:64:48:00:87:D7:E6:91","sha256":"18:7F:98:1B:96:0A:EE:5D:A8:54:AC:EE:61:CD:E2:1A:42:79:57:6C:BB:97:D4:54:5F:AD:91:87:86:84:69:D8"}}},"request":{"raw":"GET /currency_icon/sol.png?2.0.1779363259132 HTTP/1.1\r\nHost: huobicfg.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: prrCgbkuuLcaA9nkTfn6g8dYlmkN/s7+yF8awlABFt9jSWVB0PV8KT4ccV5EygZ5jASYOm7btPw=\r\nx-amz-request-id: ZXRF653XKX1HBQZK\r\nDate: Thu, 18 Jun 2026 15:59:51 GMT\r\nLast-Modified: Mon, 13 Nov 2023 03:50:00 GMT\r\nETag: \"ee89bcfca63b88fd463f28fb7edbadee\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/svg+xml\r\nContent-Length: 1901\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":1901,"size_decoded":2300,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ee89bcfca63b88fd463f28fb7edbadee","sha1":"e519959e2a57b505820d4dba95aa6d99d3113c41","sha256":"4d4cedd0f67d386a8dda8333c82b599994f110887ee16fd38862d8c04ba6061d","sha512":"273f82fd285071a515fa9cdb0d7fb2a4cec70e73b93c26d803cb46cd819d459dc0a7addd61001eff57dbcf51d4a2081544aa43ec43ee3cf31d5ab07b6f8a1991","ssdeep":"","tlshash":"0a41e1aaf0e9f535f30487e9ca85446108ab42e3a541c261c3d1ff0ff8180d61d9daea","first_seen":"2024-04-18T22:13:30Z","last_seen":"2026-06-18T16:01:02.244614Z","times_seen":146,"resource_available":false,"data":null}},"time_used":22919,"timings":{"blocked":21080,"dns":1,"connect":1285,"send":0,"wait":287,"receive":0,"ssl":265},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232511A037.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.601Z","timestamp":1781798367601,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232511A037.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:25:11 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1627,"timings":{"blocked":-1,"dns":21,"connect":269,"send":0,"wait":1058,"receive":0,"ssl":276},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232135A021.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.604Z","timestamp":1781798367604,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232135A021.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:21:35 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1343,"timings":{"blocked":542,"dns":0,"connect":0,"send":0,"wait":801,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232203A023.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.604Z","timestamp":1781798367604,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232203A023.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:22:03 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1343,"timings":{"blocked":542,"dns":0,"connect":0,"send":0,"wait":801,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232241A026.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.605Z","timestamp":1781798367605,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232241A026.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:22:41 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1343,"timings":{"blocked":542,"dns":0,"connect":0,"send":0,"wait":801,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-62a2ab30.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.418Z","timestamp":1781798365418,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/index-62a2ab30.js HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:25 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 772\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\netag: \"6a0eedbb-304\"\r\nexpires: Fri, 19 Jun 2026 03:59:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":772,"size_decoded":1291,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (771)","md5":"2d141314cf3091a6812fcebc33a60bf2","sha1":"46bbfeedeaec86d22e326af7d2f25a1f5e26e24a","sha256":"6b77af6d5759119db4d573afea7dd8c31c14dbb8b9ab7456d374425fa05d04ea","sha512":"a036c2e0424c6542887853c62a56503d70fc8076cd2c0abd751f7c477761f3224120112d886f809a895de6cb837d381fb598eebd3ca821c2966f4960b5218f68","ssdeep":"","tlshash":"6601fdf8fc08cebb1f62064001a13501140a1fedfa1409f1a8877ea61be4940d7de32d","first_seen":"2026-06-18T16:01:02.245164Z","last_seen":"2026-06-18T16:01:02.245164Z","times_seen":1,"resource_available":true,"data":null}},"time_used":871,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":871,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/platform/dev/favicon.ico?2.0.1779363259132","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:26.517Z","timestamp":1781798366517,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /platform/dev/favicon.ico?2.0.1779363259132 HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:26 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Thu, 26 Feb 2026 05:10:28 GMT\r\netag: \"699fd5c4-10be\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4286,"size_decoded":4727,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"840fe9e5473bbf99f9ba115ac325f469","sha1":"7473c8432a1a4d97357f496c70084e16aa6c079d","sha256":"3213aded5cc005f571cdaf1feb62220c2e9b1dd278250de9037ceeb3cf38ac3c","sha512":"cb3da835aaf6b4569b5664e48bd89c8ba9b572511b5c553fcc6a366c9e7b3e1f5349381c448a26233d731fc95f7e4835a3a6acdb0a741e956428e9545a7d4225","ssdeep":"24:suvacltiZI+qkxUEzvQ5l3Bv0DDUzqYZOKu:JaSGUEgsDUzqYZNu","tlshash":"16913f8f734450cde8e4ba78538bcb3139f87de762602d4b3cb33528ea72006ae25441","first_seen":"2026-06-18T16:01:02.246052Z","last_seen":"2026-06-18T16:01:02.246052Z","times_seen":1,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/resource/images/light/bg.png","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.150Z","timestamp":1781798367150,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /resource/images/light/bg.png HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://h5.usdsavings.cc/assets/index-7fae5331.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:27 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 29 Jul 2025 19:16:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68891e20-2a8d4\"\r\nexpires: Sat, 18 Jul 2026 15:59:27 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":174292,"size_decoded":173191,"mime_type":"image/png","magic":"PNG image data, 1125 x 319, 8-bit/color RGBA, non-interlaced","md5":"30356cc21e6821f9a6098e53e62477f7","sha1":"91b14deb154312d6e0802c1d1ea43bb776391d76","sha256":"ed1a5cd6439a19192ec41188c74ccd27134207aa886d0bc4fc2c177d3d3b15d2","sha512":"7effc74d2a979519e13171231b1c9d5fa2655d097a380b9f6a988002e9ad5305cdbf6e94710165d37e0d7994f7c1ef35b730142aef8802de17b936f2c16e00e1","ssdeep":"3072:NU1ozwOcZbJuOakfFWJsPxHPynIYgYN/j0a/5fSBl/+s/5OlycH:NeZb3akk+ZHPUIYNxFxfAGsxYZH","tlshash":"32041217460a554bccafc6b5ee89efe00ccc7628b8a3dd3e9120dc89592d31f7a256c5","first_seen":"2026-03-23T14:44:34.559955Z","last_seen":"2026-06-18T16:01:02.246958Z","times_seen":12,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobicfg.s3.amazonaws.com/currency_icon/btc.png?2.0.1779363259132","fqdn":"huobicfg.s3.amazonaws.com","domain":"huobicfg.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.504Z","timestamp":1781798367504,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /currency_icon/btc.png?2.0.1779363259132 HTTP/1.1\r\nHost: huobicfg.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobicfg.s3.amazonaws.com/currency_icon/xrp.png?2.0.1779363259132","fqdn":"huobicfg.s3.amazonaws.com","domain":"huobicfg.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.505Z","timestamp":1781798367505,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /currency_icon/xrp.png?2.0.1779363259132 HTTP/1.1\r\nHost: huobicfg.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232302A027.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.607Z","timestamp":1781798367607,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232302A027.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:23:02 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1606,"timings":{"blocked":542,"dns":0,"connect":0,"send":0,"wait":1064,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-a9c50dbf.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.394Z","timestamp":1781798365394,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/index-a9c50dbf.js HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:25 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-3bf8\"\r\nexpires: Fri, 19 Jun 2026 03:59:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15352,"size_decoded":5000,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (15343)","md5":"fb653091bb12436bcd48ed50cc06f7a8","sha1":"dbca14021f5e3109c4c1a66b1a6657fccc569d79","sha256":"3c6fd39a46013a50b547a58c779ab245d5b08ad011543fa958905d8e23779800","sha512":"54c092988c2f01e811f85c2b3adfbae9b0735f6c19e5147565a3895d5c91f9bd6e75bdc063e612a6459cf431eb581da0d464ccd32087ac8c67e3f942107f5cba","ssdeep":"384:D8u+ljDPHTr4/JHO78qGi3P25SFtfRfirdA0OylwadCkx/Xx7r9MsCrI:D8Z4YrpbtfRfCKBqL7r9MsCk","tlshash":"c562d655bc45973ce6b3a421509d0410b15d3fdb500c8ca2b4bead9627ebff8b749a38","first_seen":"2026-06-18T16:01:02.24753Z","last_seen":"2026-06-18T16:01:02.24753Z","times_seen":1,"resource_available":true,"data":null}},"time_used":894,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":894,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-be026aab.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.397Z","timestamp":1781798365397,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/index-be026aab.js HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:25 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 513\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\netag: \"6a0eedbb-201\"\r\nexpires: Fri, 19 Jun 2026 03:59:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":513,"size_decoded":1032,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (512)","md5":"450591f5e7b230b964d42cf062838529","sha1":"a4896d7a266c3690754821bce78d80f25a4bf234","sha256":"7a850cc6497f25c74e640b728dc2757b7ba815637b34e42cd0433152a5574151","sha512":"07b9d6e79ce9fa365451e60f51de7cff29f0ea4c23433b0dfaad8e8d7c4ae1f29cdb20bb1472938e3112f67b60fbef4e44b2e1be5ffe4ed656c076fc11f61833","ssdeep":"","tlshash":"2bf0051f6c7a91b31ba3c4fcf2131811660c1f517325c5e4e1470f114b388d7d24e624","first_seen":"2026-06-18T16:01:02.248795Z","last_seen":"2026-06-18T16:01:02.248795Z","times_seen":1,"resource_available":true,"data":null}},"time_used":891,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":891,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-bc011be9.css","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.420Z","timestamp":1781798365420,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/index-bc011be9.css HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 397\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\netag: \"6a0eedbb-18d\"\r\nexpires: Fri, 19 Jun 2026 03:59:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":397,"size_decoded":902,"mime_type":"text/css","magic":"ASCII text, with very long lines (396)","md5":"5353ff252ee4a5e7a3d0176de6a6c712","sha1":"c83942b5dfdb4aa8be53f26b39e53b0b257595e0","sha256":"bc011be90fd6cd33a399912151a5f69ba0d8e394563c71c4c1bea7a4ec032516","sha512":"9a17506817918ef0c9a5d0caebaed8f603641dc1015a726bdf247645a7e0a988b543756d7254abafa18dd4cd9d27c9a198300632156faf59f05c1e27f0a5e30a","ssdeep":"","tlshash":"5ae092c890d6927fb62b607d267c931ad425ac88d8007bb8e67fabb146c7ac53172215","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-25T16:53:35.085372Z","times_seen":1311,"resource_available":false,"data":null}},"time_used":868,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":868,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobicfg.s3.amazonaws.com/currency_icon/bnb.png?2.0.1779363259132","fqdn":"huobicfg.s3.amazonaws.com","domain":"huobicfg.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.510Z","timestamp":1781798367510,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /currency_icon/bnb.png?2.0.1779363259132 HTTP/1.1\r\nHost: huobicfg.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/platform/dev/logo.png?2.0.1779363259132","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.547Z","timestamp":1781798367547,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /platform/dev/logo.png?2.0.1779363259132 HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:27 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 26 Feb 2026 05:12:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699fd62a-756\"\r\nexpires: Sat, 18 Jul 2026 15:59:27 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1878,"size_decoded":2415,"mime_type":"image/png","magic":"PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced","md5":"f190cae3f08ff356e0c2724cb6cefeb0","sha1":"4445d4d5150a714185a3e48ca21b6c94c10ab665","sha256":"fb47fa6ee6aa86a6099f7827fdc8de33fe1ac20ed04caf64e81f50d8011a24d6","sha512":"302f3ac78288409b001e1489c1ec5d0cdae2c67e840130a7b40085f1278543795c4a712777386051da10f37aeec20e7a671e9e66cf239d4461e2060f60643ed9","ssdeep":"","tlshash":"70412dd537c33ac490156408f52c1b4df2f739ebe09ca28f0590cd11368a456411afac","first_seen":"2026-06-18T16:01:02.250221Z","last_seen":"2026-06-18T16:01:02.250221Z","times_seen":1,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232045A019.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.581Z","timestamp":1781798367581,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232045A019.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:20:45 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":848,"timings":{"blocked":-1,"dns":39,"connect":266,"send":0,"wait":269,"receive":0,"ssl":274},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232437A034.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.611Z","timestamp":1781798367611,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232437A034.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:24:37 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1605,"timings":{"blocked":544,"dns":0,"connect":0,"send":0,"wait":1061,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-7e522df0.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:23.502Z","timestamp":1781798363502,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/index-7e522df0.js HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:23 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-17322\"\r\nexpires: Fri, 19 Jun 2026 03:59:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":95010,"size_decoded":26582,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65526), with no line terminators","md5":"e23fdd34e773a2070c47c6d66f713fe1","sha1":"9035eca92419d6074792ac3d640d26829ea02b17","sha256":"b5cf7c4613d6b1e7938b2bd5a39b1a8ad5af1bd3b91f270dd9a5ea75c5571e18","sha512":"05562b9f4b9ba4b0c3588128e2a19f6783415cddb73c71657ee1218f1392d09cdd3866609ee3bd451d6fcec30dbcb0f766729dab7f913c8163b1322e2f223d7b","ssdeep":"1536:06Zxyxxxtvw9BSth2CkhwEdamjFR88XQbp/BWYBzZI:04wv3WSth2CyamjFR88XQ/B9I","tlshash":"76935c49a8070fff68fe0448795b1840116d1f9799cdc8d3b7baae9a27f9ce1624d324","first_seen":"2026-06-18T16:01:02.251666Z","last_seen":"2026-06-18T16:01:02.251666Z","times_seen":1,"resource_available":true,"data":null}},"time_used":680,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":680,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-3dd01f9a.css","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.423Z","timestamp":1781798365423,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/index-3dd01f9a.css HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-1230\"\r\nexpires: Fri, 19 Jun 2026 03:59:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4656,"size_decoded":1637,"mime_type":"text/css","magic":"ASCII text, with very long lines (4655)","md5":"16f672406beb4924c1e88cd51b5b2094","sha1":"3c5dc4bda0ba2829567e89e4ca6cf03ef66a1143","sha256":"3dd01f9ad09d4a49306b111ff1fc6702ab76e007768c1701703ce9d45f58a5c5","sha512":"810c8610c5ea1ff9898a18a139c228689de24442c026021c4263f6a6c52b03bc3cac51960e51f6f21ec3a574654a11f78cd89e88c33211a3372159e71e364e1b","ssdeep":"48:DUBElfMEX2JNOFfmod66DxIdXuCAfOFfuP7M9oYUOFfqVnFfWWGmplZTo6kQaQ2l:H1FXuswi+Xldkj12fyQ9/","tlshash":"4da1fe18f6490038ad33c38b7e558a09a274bb72f0979ed8ba6721594d9f1db2373253","first_seen":"2026-03-23T14:44:34.55172Z","last_seen":"2026-06-18T16:01:02.252669Z","times_seen":7,"resource_available":false,"data":null}},"time_used":866,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":866,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s3-symbol-logo.tradingview.com/crypto/XTVCLEVER--big.svg?2.0.1779363259132","fqdn":"s3-symbol-logo.tradingview.com","domain":"tradingview.com","tld":"com"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.534Z","timestamp":1781798367534,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tradingview.com","organization":""},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 21 Oct 2025 00:00:00 GMT","end":"Tue, 17 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C4:FE:64:00:30:2A:CD:16:30:95:7E:E1:70:D1:31:3A:D6:33:3A:CC","sha256":"87:D2:67:7D:3E:02:F0:3B:58:BD:38:17:DA:FE:73:C0:CA:25:F9:58:CC:11:14:E0:3A:6E:C3:58:84:9E:BF:52"}}},"request":{"raw":"GET /crypto/XTVCLEVER--big.svg?2.0.1779363259132 HTTP/1.1\r\nHost: s3-symbol-logo.tradingview.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 18 Jun 2026 15:59:27 GMT\r\ncontent-type: image/svg+xml\r\nserver: BunnyCDN-NO1-830\r\ncdn-pullzone: 1827952\r\ncdn-requestcountrycode: NO\r\nvary: Accept-Encoding\r\naccess-control-allow-methods: GET\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 30\r\ncache-control: max-age=2592000,s-maxage=3600\r\ncontent-encoding: zstd\r\netag: \"129927b0095957fab8d950552b559a42\"\r\nlast-modified: Tue, 22 Nov 2022 13:38:18 GMT\r\nx-amz-id-2: V2aOdPneoPQ0ehiW5RQVd3Aw5Drqx+78ugctwe+oqlSIqWqeG2PraJxLHGMpwq5IAHWQ/WMXjXjBQ+RhXm0EfZafxwPJ+8RB\r\nx-amz-request-id: 686P4PNDCZV6A3DG\r\nx-amz-meta-hash: 129927b0095957fab8d950552b559a42\r\nx-amz-version-id: null\r\ncdn-proxyver: 1.57\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 830\r\ncdn-cachedat: 06/18/2026 15:59:27\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: c1f6cf4f5414e87c8b89dd6630094269\r\ncdn-cache: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":380,"size_decoded":1152,"mime_type":"image/svg+xml","magic":"exported SGML document, ASCII text, with very long lines (380), with no line terminators","md5":"129927b0095957fab8d950552b559a42","sha1":"e5f6114046afef5cff9751c52f8d95b7a6edfb86","sha256":"3140c3a1092155d0d6aebb3a0684d4dfd15e19b4bea27a059ab3a6f5731f5362","sha512":"b5924f446d3ef3b7d4f992dba4d9c2301122027d21dca301754dfcf24ea162cb8dfd4d51b0fcb1ba8cbd9f34f7cdca70ef6ae95074bf0c8e693ca03766f2a806","ssdeep":"","tlshash":"2ce068caba4c035c2c0283b04ffc326311bf60cdd698038c758062a9724d7dfaca0e94","first_seen":"2026-03-23T14:44:34.53234Z","last_seen":"2026-06-18T16:01:02.253262Z","times_seen":9,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":19,"connect":14,"send":0,"wait":147,"receive":-1,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232557A042.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.619Z","timestamp":1781798367619,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232557A042.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:25:57 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1605,"timings":{"blocked":546,"dns":0,"connect":0,"send":0,"wait":1059,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428231940A017.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.594Z","timestamp":1781798367594,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428231940A017.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:19:40 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1634,"timings":{"blocked":-1,"dns":27,"connect":344,"send":0,"wait":913,"receive":0,"ssl":349},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-18T15:59:21.740Z","timestamp":1781798361740,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:23 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-1669\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5737,"size_decoded":2390,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1173), with CRLF, LF line terminators","md5":"8ec0c6b25baf2fec938ae14d5a9eab09","sha1":"8a6007558757d2988bd4753ceaf3b5995207c333","sha256":"a4b93b9d94d9ff32ac6b9e8e819aaf1de59afe617035c33c19174a5f1424700d","sha512":"badcb8d92fb613090e3f55930f1d4c803620e0eb4b1407237a1d4aa3fb2260f88169922d0e4a1b3e8c7fed17220c75c8718315bdeb20cb4a9fefb56acdb5b902","ssdeep":"96:+r82ObBxizsmf53uSPEWsbbBxU2WsEsSt/sKsHr6TCZydHRH/g4F2mUsGKAiowGb:+FMBx09PELBxSuZCxf52nfD3bwuB1nis","tlshash":"cfc151b359a0d81a23a1522bebd7f018df21515395195d54b8cc80ea8fa2fd288db736","first_seen":"2026-06-18T16:01:02.254136Z","last_seen":"2026-06-18T16:01:02.254136Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1474,"timings":{"blocked":-1,"dns":106,"connect":340,"send":0,"wait":341,"receive":0,"ssl":686},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/resource/fonts/DINOT-Medium.otf","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.167Z","timestamp":1781798367167,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /resource/fonts/DINOT-Medium.otf HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://h5.usdsavings.cc/assets/index-5fa93963.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:27 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 73096\r\nlast-modified: Wed, 01 Nov 2023 13:05:30 GMT\r\netag: \"65424d1a-11d88\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73096,"size_decoded":73551,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"ab876400560626fbe045633dc44f0748","sha1":"85bbfb1729e86f40ddc9af7197b5f54ed6136226","sha256":"5888b24f6b65ff7c989b4a258dbeb5d997320d61417371210da0258be21d854d","sha512":"82e96ade51b0570c1f691ba45d1a3c0802015dad7598954675c4abe2fa8a9fc705adbe6eb5e677aa5cc03b6704e594cfe99279c678855ebbbcbade6d5028dbd6","ssdeep":"1536:TlK/cP2D2oV7otQjBG1+acfZZHHDEdom1hvd5JItkB7k3Z:TKQQtG1yZSdomrvpIqcZ","tlshash":"0b636f031d4fb9548de4513a52de4ea34bb39ecc1ca493c30ae12d938fece6657152ae","first_seen":"2023-08-16T00:37:20Z","last_seen":"2026-06-25T17:45:58.646047Z","times_seen":1545,"resource_available":false,"data":null}},"time_used":342,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":341,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/resource/images/light/avatar.png","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.475Z","timestamp":1781798367475,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /resource/images/light/avatar.png HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:27 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 22 Feb 2026 10:06:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"699ad512-22ce\"\r\nexpires: Sat, 18 Jul 2026 15:59:27 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8910,"size_decoded":9416,"mime_type":"image/png","magic":"PNG image data, 600 x 600, 8-bit colormap, non-interlaced","md5":"ce1a2d47601842de82bbabee8ccf6491","sha1":"87ebe0e98b0398a2d114fa062dbdf4e467a6d9ed","sha256":"322c1360671579187b47acd9e687207ae318a07d274f01bb28a3c24b6a1bf56c","sha512":"647cb2c505086d206af692ff753d50265d1b7a084dbd1d55d8f6f564247773ba14713bb169648f33226a1340d80b6a92b2eca219a4f93bc3e0c1b722b2ea3665","ssdeep":"192:YyzLbVvcTHknJrTMFkfI/3YYxHJ1Dt5uSn4+2D5i/xnlTcSUJal90hgZ8:YyzLtcTyxMJvtfDtxnP2EplEfhT","tlshash":"4b02cfe37e8a964eccd23894bf427798a9c531257fc1f217280e56b6dede83e1c42190","first_seen":"2025-09-14T16:18:45.715204Z","last_seen":"2026-06-18T16:15:09.92731Z","times_seen":22,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/29/pic_20260429172416A011.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.603Z","timestamp":1781798367603,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/29/pic_20260429172416A011.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 29 Apr 2026 09:24:16 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1343,"timings":{"blocked":542,"dns":0,"connect":0,"send":0,"wait":801,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232149A022.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.615Z","timestamp":1781798367615,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232149A022.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:21:49 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1605,"timings":{"blocked":546,"dns":0,"connect":0,"send":0,"wait":1059,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232547A041.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.618Z","timestamp":1781798367618,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232547A041.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:25:47 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1605,"timings":{"blocked":546,"dns":0,"connect":0,"send":0,"wait":1059,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.usdsavings.cc/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:28.098Z","timestamp":1781798368098,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:33:57 GMT","end":"Sat, 08 Aug 2026 11:33:56 GMT"},"fingerprint":{"sha1":"5D:C4:59:D9:3B:8B:97:4D:A2:28:E5:02:41:E5:BB:62:58:B5:18:13","sha256":"D7:91:82:81:29:3F:05:75:FB:04:D0:68:42:70:23:C6:39:57:BC:6E:26:77:BE:B6:A4:82:FB:9D:CD:97:5B:25"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://h5.usdsavings.cc\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://h5.usdsavings.cc\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":669,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-5fa93963.css","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:23.509Z","timestamp":1781798363509,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/index-5fa93963.css HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-4ac8a\"\r\nexpires: Fri, 19 Jun 2026 03:59:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":306314,"size_decoded":66678,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"2a59a1bf8ba3ab809afe1a7e5efd8304","sha1":"64e15dee052ca14de8661697acb5223dde314a08","sha256":"5fa93963034d99a15275bb3227ea2b1fef8cf5205deb29b0626316af61ded182","sha512":"fe8ba0961436c9dbb4b64553df6808436841cbd1cce8107e7d454d78c0a8d7acf4c9c9c7222c23a63c34dab1a9c5b2366901ac4b607543434efd4715d8168efc","ssdeep":"6144:nIvxsal1W9EkZ8w71ZACkFDS3vyf58rBeV05Tb:Iv1C9dZ8w71ZACkFDS3vyf58rBeV05Tb","tlshash":"cc54d6a9a590117c6f27aa7597ce5ad8f23ce6719c018de8f20160094fc3ffa2367617","first_seen":"2026-06-18T16:01:02.256273Z","last_seen":"2026-06-18T16:01:02.256273Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1017,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1017,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-d253bac1.css","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.399Z","timestamp":1781798365399,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/index-d253bac1.css HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 61\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\netag: \"6a0eedbb-3d\"\r\nexpires: Fri, 19 Jun 2026 03:59:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61,"size_decoded":564,"mime_type":"text/css","magic":"ASCII text","md5":"c88360cef8df86c995e562333879873a","sha1":"8674b487cf92f20149c0ef681b42a599469813bf","sha256":"d253bac175b5b52734c192e96d18c8b26b0c92b881584f63b7de91bff96c6149","sha512":"eeeb5ec01fe8c7d483182fc60a2b54ee1d02994718fd9b23a6182f49ead49d889889f21592b2955bcac8cc859023204782db3210d3a0c706a3e4677564db3636","ssdeep":"","tlshash":"f6a0026d11156404b2225341ff5ff95dce686917da91820453421c9135cbe8f25d821b","first_seen":"2024-07-24T17:37:43Z","last_seen":"2026-06-25T17:45:58.604262Z","times_seen":330,"resource_available":false,"data":null}},"time_used":890,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":890,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobicfg.s3.amazonaws.com/currency_icon/ltc.png?2.0.1779363259132","fqdn":"huobicfg.s3.amazonaws.com","domain":"huobicfg.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.507Z","timestamp":1781798367507,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /currency_icon/ltc.png?2.0.1779363259132 HTTP/1.1\r\nHost: huobicfg.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"huobicfg.s3.amazonaws.com/currency_icon/trx.png?2.0.1779363259132","fqdn":"huobicfg.s3.amazonaws.com","domain":"huobicfg.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"52.219.151.5","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.515Z","timestamp":1781798367515,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_CHACHA20_POLY1305_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3-ap-northeast-1.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Fri, 14 Nov 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"46:67:AE:AC:E3:C2:0D:C4:55:CA:3F:CB:B1:64:48:00:87:D7:E6:91","sha256":"18:7F:98:1B:96:0A:EE:5D:A8:54:AC:EE:61:CD:E2:1A:42:79:57:6C:BB:97:D4:54:5F:AD:91:87:86:84:69:D8"}}},"request":{"raw":"GET /currency_icon/trx.png?2.0.1779363259132 HTTP/1.1\r\nHost: huobicfg.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: D+9W1bkgbJ+4r6A2zdNJbD1g1+XJxk4OhADPF4eeZ2I+k3TRvrKwc70zY8HYaBAnSBPgSN9QrPA=\r\nx-amz-request-id: ZXRERV6WGPVRACVR\r\nDate: Thu, 18 Jun 2026 15:59:51 GMT\r\nLast-Modified: Tue, 27 Jul 2021 10:16:15 GMT\r\nETag: \"6868416c3e73ea6862b7595bc18525e3\"\r\nAccept-Ranges: bytes\r\nContent-Type: image/svg+xml\r\nContent-Length: 610\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":610,"size_decoded":970,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6868416c3e73ea6862b7595bc18525e3","sha1":"4c77ac014aecec29e584cb03972aaddd98c8738d","sha256":"e9c728057aad1b6bb1c591a6a462787ed05ab7371d71e1070abddbe84f6ac4f5","sha512":"7ac560e7c2c27a593f5a5924b79e8eedc5e5155779d61de17d24f9105129fd666a164ade4d25763af42c889378fc9f24653e711009b85c8936fabcffb75bf253","ssdeep":"","tlshash":"a0f0783e72e837747409d732737f88f239271f96f27a510822a51a04752261e144e9ce","first_seen":"2023-05-25T08:09:47Z","last_seen":"2026-06-18T16:04:29.428058Z","times_seen":591,"resource_available":false,"data":null}},"time_used":23214,"timings":{"blocked":22920,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.usdsavings.cc/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"webapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.541Z","timestamp":1781798367541,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:33:57 GMT","end":"Sat, 08 Aug 2026 11:33:56 GMT"},"fingerprint":{"sha1":"5D:C4:59:D9:3B:8B:97:4D:A2:28:E5:02:41:E5:BB:62:58:B5:18:13","sha256":"D7:91:82:81:29:3F:05:75:FB:04:D0:68:42:70:23:C6:39:57:BC:6E:26:77:BE:B6:A4:82:FB:9D:CD:97:5B:25"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: webapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://h5.usdsavings.cc\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:27 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://h5.usdsavings.cc\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":669,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adminapi.usdsavings.cc/profile/upload/2026/04/28/pic_20260428232335A030.jpg?2.0.1779363259132","fqdn":"adminapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:27.608Z","timestamp":1781798367608,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adminapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:32:44 GMT","end":"Sat, 08 Aug 2026 11:32:43 GMT"},"fingerprint":{"sha1":"C2:5E:06:22:6B:79:0C:37:0C:4A:4E:44:E1:03:65:97:FC:A2:C8:DD","sha256":"69:A4:61:4C:AB:36:39:B7:EE:A5:B7:2C:B4:BC:81:B9:2E:58:BF:C9:E1:23:D5:0D:56:87:73:CA:EF:5A:90:E8"}}},"request":{"raw":"GET /profile/upload/2026/04/28/pic_20260428232335A030.jpg?2.0.1779363259132 HTTP/1.1\r\nHost: adminapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:28 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Tue, 28 Apr 2026 15:23:35 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5024,"size_decoded":5285,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5b98ccd3c099a10d479694e32358a","sha1":"bfdca465fab90a2c1bd320aa45a983898ec6004f","sha256":"7b4d037ed4567ac27e250734a3021981c656392d0e4c7da26ee4bea06307391e","sha512":"f26ba8a4d61809a4f57ad92db10572b63ba39d1edea0f203ce98319a786b234c9f1ba292ab4b9864cd40301c199d15c163dd533da2e9ece2327c51875f4ae630","ssdeep":"96:96l8U3cFAb2gZ6oS9fEnIgDSaOT9LRnTalTWX/wZYUmVZayL+Fnv:9jmcWygeeAUlTDSUmVlav","tlshash":"faa17d72936703cff89043b5de604e20e7fc7e41baa3382a42d455966f6c980c91c296","first_seen":"2026-06-18T16:01:02.234539Z","last_seen":"2026-06-18T16:01:02.234539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1607,"timings":{"blocked":542,"dns":0,"connect":0,"send":0,"wait":1065,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/index-8e8b1e36.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.403Z","timestamp":1781798365403,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/index-8e8b1e36.js HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:25 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-121f\"\r\nexpires: Fri, 19 Jun 2026 03:59:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4639,"size_decoded":2628,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4636)","md5":"fcac2fc8dd15a1b02e5aeb6d7765fb52","sha1":"40d27e6ffc3dd06ad8b3e69a0c76996fc447cfc2","sha256":"376ee70388701d623071f9a15b6061a3d444546110f1db08e90c8d8021e2dc80","sha512":"80dfc770f4cc273dc76b46f5dad3150e1d6c48424680ee8390fcc2214ba27195a4ef9c63f74e399f81ee67b8d1f5f00244d75bce2bbd0f9972ec6654423c2996","ssdeep":"96:vZY5OPNLuw9ivYsd9iqCwW8+mh+Yw+GvnU0AjtBmt3hr2r33YeXqAumtrj9:vZY8PNLuw92YsiqCwphlw+anQZg1hrEN","tlshash":"7da1a58db80285baaa7b144188580420615c3bfea26c44f6f7bdad0e37b5eb9d394320","first_seen":"2026-06-18T16:01:02.259141Z","last_seen":"2026-06-18T16:01:02.259141Z","times_seen":1,"resource_available":true,"data":null}},"time_used":886,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":886,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.usdsavings.cc/api/common/getAllSetting","fqdn":"webapi.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:25.389Z","timestamp":1781798365389,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 11:33:57 GMT","end":"Sat, 08 Aug 2026 11:33:56 GMT"},"fingerprint":{"sha1":"5D:C4:59:D9:3B:8B:97:4D:A2:28:E5:02:41:E5:BB:62:58:B5:18:13","sha256":"D7:91:82:81:29:3F:05:75:FB:04:D0:68:42:70:23:C6:39:57:BC:6E:26:77:BE:B6:A4:82:FB:9D:CD:97:5B:25"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://h5.usdsavings.cc\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:26 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://h5.usdsavings.cc\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":659,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-26T22:34:26.70747Z","times_seen":16744520,"resource_available":true,"data":null}},"time_used":853,"timings":{"blocked":-1,"dns":39,"connect":272,"send":0,"wait":267,"receive":0,"ssl":275},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"h5.usdsavings.cc/assets/vendor-ceb1fff5.js","fqdn":"h5.usdsavings.cc","domain":"usdsavings.cc","tld":"cc"},"ip":{"addr":"43.133.158.36","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Indonesia","country_code":"ID"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://h5.usdsavings.cc/","date":"2026-06-18T15:59:23.505Z","timestamp":1781798363505,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"h5.usdsavings.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 10 May 2026 13:08:36 GMT","end":"Sat, 08 Aug 2026 13:08:35 GMT"},"fingerprint":{"sha1":"5C:3F:4D:62:D5:1F:38:56:C4:C7:EC:17:A1:D3:6E:52:58:F1:8B:E5","sha256":"2C:05:34:A9:51:00:F5:3B:D2:8A:6C:79:D1:81:50:49:CC:E7:CB:58:4E:88:45:FE:97:54:12:3C:6B:78:9A:25"}}},"request":{"raw":"GET /assets/vendor-ceb1fff5.js HTTP/1.1\r\nHost: h5.usdsavings.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 18 Jun 2026 15:59:23 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 21 May 2026 11:34:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a0eedbb-737f4\"\r\nexpires: Fri, 19 Jun 2026 03:59:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":473076,"size_decoded":169450,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1edb6c86ee6643c435d42c0469cd139e","sha1":"2c505b94413aaafee5997c7a6293403c9ca6d90e","sha256":"36768950a65fc84191fa89dce211dd5c10264f50bfac901d5622e9f410ffc2cb","sha512":"5acb88ea9cb5696631d4d0e937f9159a2a9016b702a0c86428c776930f7e5b1e25c6486572302fe3c1f7a8ead66ac6022350fd9002d39a1ee45b4f79a8d84b8c","ssdeep":"12288:vk5AwysSETldvsOQ2Xv9DD5799fSZQjQqczu+ru5X:vkCwysSmwOf/95799AQMqydrI","tlshash":"d7a418d931d2f02153bb24e6407b0006f33e5e59780ec5a4f169e8da3d7a99992b7f2c","first_seen":"2026-06-18T16:01:02.261372Z","last_seen":"2026-06-18T16:01:02.261372Z","times_seen":1,"resource_available":true,"data":null}},"time_used":681,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":681,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}