{"report_id":"d2c10425-4005-4f33-9c4a-396b425d9f98","version":6,"status":"done","tags":[],"date":"2026-02-11T04:20:27Z","url":{"schema":"https","addr":"usdt.xgc5188.com/","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":0,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"usdt.xgc5188.com/index/index/sell.html","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"title":"自助出售USDT","dom":{"size":12558,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (691)","md5":"ae58373251568513d6ff7cf2e0d84fa9","sha1":"d4fa059816f12c0c4ebae0bd9ca0268846b218d0","sha256":"0fefbc8df95efec1ecd9fc7f881c77e8604470b4dd01a10f1ae7c82e3fe41224","sha512":"7c8201cf1fd33ebe29274e0a36bc56d73a73737efdc40bf4cf00ce805b05df55b9055d3299786d067064b07bf36f59c089ed238f5e89511bc998a09d871be043","ssdeep":"192:xX1F2UOtFQ8ok50hPCXaaNKgS1NF/SIV4vKmXUyvhgJIhAl3LC/SIyG:xyUIr550m4hgyG","tlshash":"43426614b4f11817565370b09efedb1afed5a403cb088e04b96c3ad46f86e61d93bb94","dom_hash":"domhash75a9ac18b175cd3942cf3678d10bf7a5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"usdt.xgc5188.com/","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":0,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-18T04:20:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"usdt.xgc5188.com","ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-11T03:15:33.575451Z","last_seen":"2026-02-11T03:15:33.575451Z","alert_count":0,"request_count":11,"received_data":266991,"sent_data":5207,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"chat.xgc5188.com","ip":{"addr":"156.238.237.36","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-11T03:15:33.573625Z","last_seen":"2026-02-11T03:15:33.573625Z","alert_count":0,"request_count":4,"received_data":47491,"sent_data":1812,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/libs/layui/lay/modules/layer.js","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9d4d12cdd633b95755ad71e87e5b1d76","sha1":"205e320f7dcbb5e8626f507882cfef5a48ae25a5","sha256":"3be4ad0f52084cf691a457666dbfdfbab2e8f65a892e5eca15e72f371bfde1fd","sha512":"12bb4f67c6745762eb6bb6813b3307cc9f2a8cf7c4dbddf4f0c96ac7fc75539ff7253a42eafe1be3b975888d91fcd441b4e7d206995cac756a88b72488f4b65a","ssdeep":"384:J19Cih92A3igTLXSt/SdMrXqE6K+LxzAOTElH0jjhtjfs8:J14iV3iaWtXIKiF13k8","tlshash":"1ea2b66a754034976323906ad11fba0b31f21d24d7078128f22aa4be1dbcd95a2b7f5f","size":22016,"data":"","first_seen":"2023-03-11T20:36:53Z","last_seen":"2026-06-07T21:39:06.962582Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/libs/layui/lay/modules/jquery.js","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"b1e6d976cb447e561b41cc4b1b3ca118","sha1":"4393bfc02b0db2796675a9fa529767caf642bf4a","sha256":"86936e8ed7d10001ec121d8e18ae60ca2e6b480534b2860ee622c5c0904f6a1c","sha512":"445aeccd2e4dd6b3dca5407243f3d8c833be737f4c6fae7ac6e7c21166d75b20908907d8cb3b2294ace08b96915a692ccbf18d977915e363e899e2ea98ee04b5","ssdeep":"1536:PgEn52ohICi4QoZygOH+/1foZxdnVuPDHQNB1E3VpTPAftM3D0Bs4Bs6BN6AMPik:PruMUSF0Mz0wqN6TPKWjZ/","tlshash":"79931addb6c5b06287a720ba40af510ff236599d680c4410f264d8f5bcbca49927bf7e","size":97623,"data":"","first_seen":"2023-03-12T06:10:06Z","last_seen":"2026-05-14T17:46:16.107988Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/libs/layui/lay/modules/upload.js","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6042559ef0b59a2b5ffff9ae61023f4c","sha1":"5332d9d0b00ef3946f94c281387ae67a4fbe30ea","sha256":"737b39c7ff47a17a3fadff7714204193a70b64cdd22ca70d94e49fce5cc42480","sha512":"c777d80cc894dd2c70dc14138e3d2bcee0532ccf4fdd975dd2afa168f1e4843d49b01fcaee77386527bebbf428e9fa81c90c0bab1cf88e48994387171b44f2d7","ssdeep":"96:R4jcpetehsuIZo6qF3CS4pMrqwj+EV+L+CgegZzlUx9ugRFS3MZYCX3/niEs9L16:RvuDocMrp+QrC2UTduc/3/nARo/","tlshash":"83e1b54dba19b82362b374f5018f460d25bf046e590ac288b193d4ca9ebed5d1163ff9","size":7441,"data":"","first_seen":"2026-02-11T03:15:37.767208Z","last_seen":"2026-02-11T04:20:28.387579Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/libs/layui/layui.js","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ecf0648fd24314cfa43d647ab0b03dc","sha1":"be7c5c17e379692723b459bf8a6f882b201b3c30","sha256":"7091b5d337c0403b986f28731020cf02f6418a9e86b83f7813f27fde13b8324d","sha512":"3ac55748de389d3ab2873564dedd522dc0600a0851aca0a4648df04527b723f6fa221d5b9fea34567d7d2f83a811be06501569ead13531801aa4a3f9191c90b2","ssdeep":"96:63aT4iKlGXo3xUW1U07aSEf1ERrUn8AIT7il3Ju8uqls/D01b3/JLuVvu2:4aTZXU9b7+N8DKl3g8uqS8z/h4W2","tlshash":"8df19688baf23462437b3065b2af801da67b44ad394c4190d1dad9e53c76cae4377f5c","size":7600,"data":"","first_seen":"2023-03-08T01:45:17Z","last_seen":"2026-06-07T21:39:06.951369Z","times_seen":475,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/index/index/sell.html","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"04dbd4bb32e3c66b30305a985aa87864","sha1":"fb1657e88fbbaa985aabbede60a3b32c5b7b2eac","sha256":"27a040e049ee40dddb42eb169e3d55e7c0b68ec5b1d72f74cf98e6d26ed9a357","sha512":"5751681b8c6e0ebb54be016b56a1abb9ef9265b1ec022f7dcb50fd28d34f1c038a4d6c1624be15eabf9a3b85e2e1668f2f0172430dde1fe87b84fd590fee79f0","ssdeep":"96:JpPPCXaaNKgS1NF/SIV4vKmXl+yd/11bgJ4fhAl3LC/S2:JhPCXaaNKgS1NF/SIV4vKmXUyvhgJIhX","tlshash":"71c1e00cf9f32946972335744abf8105b6baa4571618cf00bd0d3ac46f54f79e9bab88","size":6067,"data":"","first_seen":"2026-02-11T03:15:37.795353Z","last_seen":"2026-02-11T04:20:28.389431Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.xgc5188.com/assets/layer/ai_service_diy_2.js?v=1769337419","fqdn":"chat.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"156.238.237.36","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1fe9f5ed9b5b2613cd233b02fd7d900e","sha1":"45041a3fb649c0dd6ee37722a8559b786320b102","sha256":"05357f53f744109eb20bbeb678bc709ce63f5dd0f9e182766f2083a58063db2d","sha512":"ad50dc783e2da82d9a05a0d8e5f6efd206fcbee76c26dffb95d0623a987595f726dc49244e913f82071ab8d3096b92e54e76b9e4583304fe3f13f96e4471ce82","ssdeep":"96:oDe7Yi70OjzVF7+TMyOQE4/tscp6qymx47UKj:oD0Yi70ozVF7+gyk6rp6qymJKj","tlshash":"06b142b395664070187b207a567f5388f825a027c640ab25febc58b0dfb2e56453affc","size":5339,"data":"","first_seen":"2026-02-11T03:15:37.789555Z","last_seen":"2026-02-11T04:20:28.380037Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/libs/layui/lay/modules/form.js","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"505bd2f75f9b3d9b87ed1c8ef866ebfc","sha1":"89d34b00f0b0905068e40e70a388e3888b152803","sha256":"8563d8a926fb1a408afbb60447653bb3f4657fdbd6f36eb5304e6050478ff74e","sha512":"2a848bf0e481dae812d8de81877816b66ca6cb3781765869d81acbc64a3d18b43cdd2b4aa2f86a48c89db9404d21eace542d0eb19108a530198bce118c14e771","ssdeep":"192:R7J+EjWWSTmyANS4BlR6EoHv9w5iaHe160L:R7JhqmHBb6LP9yiaH65","tlshash":"8b12931c719135e2367b60a1401f981b60bf4635ab09c8947093e4f92ebec9492f3faf","size":9474,"data":"","first_seen":"2023-03-11T20:36:53Z","last_seen":"2026-05-14T17:46:16.112968Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/libs/layui/lay/modules/jquery.js","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:08.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt.xgc5188.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 15:43:03 GMT","end":"Fri, 08 May 2026 15:43:02 GMT"},"fingerprint":{"sha1":"DC:5E:35:B9:DF:ED:12:3A:9C:99:C4:DE:FF:FE:B9:E2:45:5C:D3:11","sha256":"CC:09:5C:B2:DF:1B:88:9E:7B:78:30:E0:F5:FA:CE:40:69:DB:45:3D:39:BF:E4:11:BF:CC:48:B0:DD:82:AC:C9"}}},"request":{"raw":"GET /assets/libs/layui/lay/modules/jquery.js HTTP/1.1\r\nHost: usdt.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/index/index/sell.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:08 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 26 Nov 2020 16:02:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5fbfd19c-17d57\"\r\nexpires: Wed, 11 Feb 2026 16:20:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":97623,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32030)","md5":"b1e6d976cb447e561b41cc4b1b3ca118","sha1":"4393bfc02b0db2796675a9fa529767caf642bf4a","sha256":"86936e8ed7d10001ec121d8e18ae60ca2e6b480534b2860ee622c5c0904f6a1c","sha512":"445aeccd2e4dd6b3dca5407243f3d8c833be737f4c6fae7ac6e7c21166d75b20908907d8cb3b2294ace08b96915a692ccbf18d977915e363e899e2ea98ee04b5","ssdeep":"1536:PgEn52ohICi4QoZygOH+/1foZxdnVuPDHQNB1E3VpTPAftM3D0Bs4Bs6BN6AMPik:PruMUSF0Mz0wqN6TPKWjZ/","tlshash":"79931addb6c5b06287a720ba40af510ff236599d680c4410f264d8f5bcbca49927bf7e","first_seen":"2023-03-12T06:10:06Z","last_seen":"2026-05-14T17:46:16.107988Z","times_seen":14,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/index/index/sell.html","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-11T04:20:06.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt.xgc5188.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 15:43:03 GMT","end":"Fri, 08 May 2026 15:43:02 GMT"},"fingerprint":{"sha1":"DC:5E:35:B9:DF:ED:12:3A:9C:99:C4:DE:FF:FE:B9:E2:45:5C:D3:11","sha256":"CC:09:5C:B2:DF:1B:88:9E:7B:78:30:E0:F5:FA:CE:40:69:DB:45:3D:39:BF:E4:11:BF:CC:48:B0:DD:82:AC:C9"}}},"request":{"raw":"GET /index/index/sell.html HTTP/1.1\r\nHost: usdt.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:06 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11960,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"f73237f46c19ce57fafb117bfcb4cbcf","sha1":"98997d4ddfff686cdb3ae1d20c6d7cfe29e90aa7","sha256":"1c54243885a1685144eb988ba3eca6329a34c5e284da0fc5c38fb224bfff303f","sha512":"b310e74ca453f5aa38dde3a87e29b79f89edbba0a4faf919f2d38ec630ca3b95fbe1e4249e9689d97684a4626c545c596fe720a41979307a252071a89226b9ea","ssdeep":"96:BXm61lXVvW6Pg7vB3sbVU5QnY1GfvgouiG5XGbNyN2DX/vyqmUo:BXm61Xx2QQLobG5XGbNyN2DX/Kq5o","tlshash":"b5321014b4815c56597373b08ebe8b1affa6515397058700b9ac3acb2fb6d10d93bf84","first_seen":"2026-02-11T03:15:37.778128Z","last_seen":"2026-02-11T04:20:28.36257Z","times_seen":2,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":326,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.xgc5188.com/assets/style1/css/chatStyle.css","fqdn":"chat.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"156.238.237.36","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:08.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chat.xgc5188.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 06:17:38 GMT","end":"Sat, 25 Apr 2026 06:17:37 GMT"},"fingerprint":{"sha1":"4F:F9:F0:0A:75:03:3E:B3:70:3B:EC:AB:6E:C5:4B:EB:08:68:32:8D","sha256":"D2:76:E4:61:92:E6:F2:99:58:01:54:CF:74:7A:9A:6B:2E:DF:1B:F1:2C:2B:02:13:6D:C6:11:9C:6E:13:A9:43"}}},"request":{"raw":"GET /assets/style1/css/chatStyle.css HTTP/1.1\r\nHost: chat.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:08 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 17 Nov 2021 02:07:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"619463e4-9b8f\"\r\nexpires: Wed, 11 Feb 2026 16:20:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39823,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"22afc8f0fccbdd59ee3f760eb4eb37da","sha1":"0908e2deeaaf79ce980f3e8089c9d8243f20ad6d","sha256":"b739af31ee3e118f21f035c3a662fe9db5d22376f696ff4cfc403df8a51026cd","sha512":"a12e42e8e32e83ba74872f8c14254173d63f53aefa070ce0a7ed2178d8d84973e96d831de9b9ab6b16e692e4801388ff184da2e79d8b5dc68391efc5e5df823d","ssdeep":"768:b8hjh3T4m4G4/4y738BY8+kJYcJHJlxGSndLcR4xhQ14YYi631N8VNi3rdwLcKdD:IzCl","tlshash":"fe031238eb65218da127b4a8bfb16ae5bf514053df0f0aa1f5f17a38c1508bd39712d8","first_seen":"2024-09-19T21:47:06.9727Z","last_seen":"2026-04-11T11:28:19.670542Z","times_seen":16,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.xgc5188.com/assets/style1/img/up_arrow.png","fqdn":"chat.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"156.238.237.36","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:08.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chat.xgc5188.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 06:17:38 GMT","end":"Sat, 25 Apr 2026 06:17:37 GMT"},"fingerprint":{"sha1":"4F:F9:F0:0A:75:03:3E:B3:70:3B:EC:AB:6E:C5:4B:EB:08:68:32:8D","sha256":"D2:76:E4:61:92:E6:F2:99:58:01:54:CF:74:7A:9A:6B:2E:DF:1B:F1:2C:2B:02:13:6D:C6:11:9C:6E:13:A9:43"}}},"request":{"raw":"GET /assets/style1/img/up_arrow.png HTTP/1.1\r\nHost: chat.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 132\r\nlast-modified: Thu, 02 Sep 2021 01:35:32 GMT\r\netag: \"61302a64-84\"\r\nexpires: Fri, 13 Mar 2026 04:20:08 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":132,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 9, 8-bit/color RGBA, non-interlaced","md5":"4af64edee0af14b3b24a4c7a6eaa5458","sha1":"ce1ed899bf1d29512cb762063875c1649734af92","sha256":"2892d970afafcb1751c2ba0743c1a6f9fee0f1c6ad7d417645069baaa0ec7f50","sha512":"c90e6c5fdb48140398946347b65d9030949278023b95bd4bdf28c5fa66625b7088f3f775cc33412f069cb95da92917edd2aae81712087b25883657cfdd7ba7fe","ssdeep":"","tlshash":"9bc02b966347cc38e78447338d140088946429c0d01a7824f063c1300ca4d05c05eb35","first_seen":"2023-06-10T05:42:44Z","last_seen":"2026-05-30T22:18:19.751295Z","times_seen":84,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/libs/layui/css/modules/layer/default/layer.css?v=3.1.1","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:08.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt.xgc5188.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 15:43:03 GMT","end":"Fri, 08 May 2026 15:43:02 GMT"},"fingerprint":{"sha1":"DC:5E:35:B9:DF:ED:12:3A:9C:99:C4:DE:FF:FE:B9:E2:45:5C:D3:11","sha256":"CC:09:5C:B2:DF:1B:88:9E:7B:78:30:E0:F5:FA:CE:40:69:DB:45:3D:39:BF:E4:11:BF:CC:48:B0:DD:82:AC:C9"}}},"request":{"raw":"GET /assets/libs/layui/css/modules/layer/default/layer.css?v=3.1.1 HTTP/1.1\r\nHost: usdt.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/index/index/sell.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:08 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 26 Nov 2020 16:02:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5fbfd19a-3840\"\r\nexpires: Wed, 11 Feb 2026 16:20:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14400,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14368)","md5":"867b23083d2999030a0e5c7f544fc89e","sha1":"804698118cd94d3adf51b3fd22137ed7c44b6926","sha256":"6133577aee8bea9e518571972d3a178078ede55b99c35cb5c2fb11bc71da49de","sha512":"dd8874f835385cbbc074cfcf742d6f7442322138ea6b56456527290c0f0e47beb628d96ed2d0f7a64aeb2243a94f6de5eb7be98bcc4042be1569232d499385f2","ssdeep":"96:Mp+Ntha8qNEp+wRY1vUPXiK6nMLPD2OtLzXyPHL/LztJDzyv2OQ7KGx1jyd2/SWz:HWmLr2OtSrzzt42OQ7KGx1jCWR2b+RcU","tlshash":"e05231e144811299b0278721d6dc7eba32f88d43e5630daef2573c1f874c6dba2b6647","first_seen":"2023-05-22T11:51:09Z","last_seen":"2026-06-07T21:39:06.968724Z","times_seen":150,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/libs/layui/css/layui.css","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:07.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt.xgc5188.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 15:43:03 GMT","end":"Fri, 08 May 2026 15:43:02 GMT"},"fingerprint":{"sha1":"DC:5E:35:B9:DF:ED:12:3A:9C:99:C4:DE:FF:FE:B9:E2:45:5C:D3:11","sha256":"CC:09:5C:B2:DF:1B:88:9E:7B:78:30:E0:F5:FA:CE:40:69:DB:45:3D:39:BF:E4:11:BF:CC:48:B0:DD:82:AC:C9"}}},"request":{"raw":"GET /assets/libs/layui/css/layui.css HTTP/1.1\r\nHost: usdt.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/index/index/sell.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 26 Nov 2020 16:02:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5fbfd198-12261\"\r\nexpires: Wed, 11 Feb 2026 16:20:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":74337,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65504)","md5":"defe062a02a02ff8f6f67d0fe4353721","sha1":"b2769cceb2d57fabd27e46616ad054f84ff45682","sha256":"013b6d47529039d31670f5c6f1ab780d1345bb6d1a643beeca1176f6311067b9","sha512":"74307e63485a4f89c5a7b8e6c79680f1427e3f696ba7d670d816ce4aa7087b47db97265bc0742c7a28879174a678e271fb9ec220876063aaaf91f683ebb5fcd8","ssdeep":"768:4/nEWwcY/8zYbRzyclDj1JpZlwyQaIYKsR3zdVhlu9Tr1BpRBtfKa6G6nr4wdk7p:tWwcY/8oG68weHmavq8","tlshash":"d8739632e6012ca5762bd215b1dcbdfda0789512ea634e6df3823b1b87848471077f6b","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-04T07:33:41.506558Z","times_seen":80,"resource_available":false,"data":null}},"time_used":535,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":535,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/libs/layui/layui.js","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:07.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt.xgc5188.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 15:43:03 GMT","end":"Fri, 08 May 2026 15:43:02 GMT"},"fingerprint":{"sha1":"DC:5E:35:B9:DF:ED:12:3A:9C:99:C4:DE:FF:FE:B9:E2:45:5C:D3:11","sha256":"CC:09:5C:B2:DF:1B:88:9E:7B:78:30:E0:F5:FA:CE:40:69:DB:45:3D:39:BF:E4:11:BF:CC:48:B0:DD:82:AC:C9"}}},"request":{"raw":"GET /assets/libs/layui/layui.js HTTP/1.1\r\nHost: usdt.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/index/index/sell.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 26 Nov 2020 16:02:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5fbfd198-1db0\"\r\nexpires: Wed, 11 Feb 2026 16:20:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7600,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7554)","md5":"4ecf0648fd24314cfa43d647ab0b03dc","sha1":"be7c5c17e379692723b459bf8a6f882b201b3c30","sha256":"7091b5d337c0403b986f28731020cf02f6418a9e86b83f7813f27fde13b8324d","sha512":"3ac55748de389d3ab2873564dedd522dc0600a0851aca0a4648df04527b723f6fa221d5b9fea34567d7d2f83a811be06501569ead13531801aa4a3f9191c90b2","ssdeep":"96:63aT4iKlGXo3xUW1U07aSEf1ERrUn8AIT7il3Ju8uqls/D01b3/JLuVvu2:4aTZXU9b7+N8DKl3g8uqS8z/h4W2","tlshash":"8df19688baf23462437b3065b2af801da67b44ad394c4190d1dad9e53c76cae4377f5c","first_seen":"2023-03-08T01:45:17Z","last_seen":"2026-06-07T21:39:06.951369Z","times_seen":475,"resource_available":true,"data":null}},"time_used":533,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":533,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.xgc5188.com/assets/layer/ai_service_diy_2.js?v=1769337419","fqdn":"chat.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"156.238.237.36","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:07.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chat.xgc5188.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 06:17:38 GMT","end":"Sat, 25 Apr 2026 06:17:37 GMT"},"fingerprint":{"sha1":"4F:F9:F0:0A:75:03:3E:B3:70:3B:EC:AB:6E:C5:4B:EB:08:68:32:8D","sha256":"D2:76:E4:61:92:E6:F2:99:58:01:54:CF:74:7A:9A:6B:2E:DF:1B:F1:2C:2B:02:13:6D:C6:11:9C:6E:13:A9:43"}}},"request":{"raw":"GET /assets/layer/ai_service_diy_2.js?v=1769337419 HTTP/1.1\r\nHost: chat.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 25 Jan 2026 10:36:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6975f24b-14db\"\r\nexpires: Wed, 11 Feb 2026 16:20:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5339,"size_decoded":0,"mime_type":"application/javascript","magic":"Generic INItialization configuration [description]","md5":"1fe9f5ed9b5b2613cd233b02fd7d900e","sha1":"45041a3fb649c0dd6ee37722a8559b786320b102","sha256":"05357f53f744109eb20bbeb678bc709ce63f5dd0f9e182766f2083a58063db2d","sha512":"ad50dc783e2da82d9a05a0d8e5f6efd206fcbee76c26dffb95d0623a987595f726dc49244e913f82071ab8d3096b92e54e76b9e4583304fe3f13f96e4471ce82","ssdeep":"96:oDe7Yi70OjzVF7+TMyOQE4/tscp6qymx47UKj:oD0Yi70ozVF7+gyk6rp6qymJKj","tlshash":"06b142b395664070187b207a567f5388f825a027c640ab25febc58b0dfb2e56453affc","first_seen":"2026-02-11T03:15:37.789555Z","last_seen":"2026-02-11T04:20:28.380037Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1481,"timings":{"blocked":595,"dns":22,"connect":285,"send":0,"wait":286,"receive":0,"ssl":289},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/libs/layui/lay/modules/form.js","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:07.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt.xgc5188.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 15:43:03 GMT","end":"Fri, 08 May 2026 15:43:02 GMT"},"fingerprint":{"sha1":"DC:5E:35:B9:DF:ED:12:3A:9C:99:C4:DE:FF:FE:B9:E2:45:5C:D3:11","sha256":"CC:09:5C:B2:DF:1B:88:9E:7B:78:30:E0:F5:FA:CE:40:69:DB:45:3D:39:BF:E4:11:BF:CC:48:B0:DD:82:AC:C9"}}},"request":{"raw":"GET /assets/libs/layui/lay/modules/form.js HTTP/1.1\r\nHost: usdt.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/index/index/sell.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:07 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 26 Nov 2020 16:02:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5fbfd19a-2502\"\r\nexpires: Wed, 11 Feb 2026 16:20:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9474,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9294)","md5":"505bd2f75f9b3d9b87ed1c8ef866ebfc","sha1":"89d34b00f0b0905068e40e70a388e3888b152803","sha256":"8563d8a926fb1a408afbb60447653bb3f4657fdbd6f36eb5304e6050478ff74e","sha512":"2a848bf0e481dae812d8de81877816b66ca6cb3781765869d81acbc64a3d18b43cdd2b4aa2f86a48c89db9404d21eace542d0eb19108a530198bce118c14e771","ssdeep":"192:R7J+EjWWSTmyANS4BlR6EoHv9w5iaHe160L:R7JhqmHBb6LP9yiaH65","tlshash":"8b12931c719135e2367b60a1401f981b60bf4635ab09c8947093e4f92ebec9492f3faf","first_seen":"2023-03-11T20:36:53Z","last_seen":"2026-05-14T17:46:16.112968Z","times_seen":24,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/libs/layui/lay/modules/layer.js","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:08.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt.xgc5188.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 15:43:03 GMT","end":"Fri, 08 May 2026 15:43:02 GMT"},"fingerprint":{"sha1":"DC:5E:35:B9:DF:ED:12:3A:9C:99:C4:DE:FF:FE:B9:E2:45:5C:D3:11","sha256":"CC:09:5C:B2:DF:1B:88:9E:7B:78:30:E0:F5:FA:CE:40:69:DB:45:3D:39:BF:E4:11:BF:CC:48:B0:DD:82:AC:C9"}}},"request":{"raw":"GET /assets/libs/layui/lay/modules/layer.js HTTP/1.1\r\nHost: usdt.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/index/index/sell.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:08 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 26 Nov 2020 16:02:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5fbfd19c-5600\"\r\nexpires: Wed, 11 Feb 2026 16:20:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22016,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (21984)","md5":"9d4d12cdd633b95755ad71e87e5b1d76","sha1":"205e320f7dcbb5e8626f507882cfef5a48ae25a5","sha256":"3be4ad0f52084cf691a457666dbfdfbab2e8f65a892e5eca15e72f371bfde1fd","sha512":"12bb4f67c6745762eb6bb6813b3307cc9f2a8cf7c4dbddf4f0c96ac7fc75539ff7253a42eafe1be3b975888d91fcd441b4e7d206995cac756a88b72488f4b65a","ssdeep":"384:J19Cih92A3igTLXSt/SdMrXqE6K+LxzAOTElH0jjhtjfs8:J14iV3iaWtXIKiF13k8","tlshash":"1ea2b66a754034976323906ad11fba0b31f21d24d7078128f22aa4be1dbcd95a2b7f5f","first_seen":"2023-03-11T20:36:53Z","last_seen":"2026-06-07T21:39:06.962582Z","times_seen":114,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.xgc5188.com/assets/style1/img/closewin.png","fqdn":"chat.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"156.238.237.36","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:08.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chat.xgc5188.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 06:17:38 GMT","end":"Sat, 25 Apr 2026 06:17:37 GMT"},"fingerprint":{"sha1":"4F:F9:F0:0A:75:03:3E:B3:70:3B:EC:AB:6E:C5:4B:EB:08:68:32:8D","sha256":"D2:76:E4:61:92:E6:F2:99:58:01:54:CF:74:7A:9A:6B:2E:DF:1B:F1:2C:2B:02:13:6D:C6:11:9C:6E:13:A9:43"}}},"request":{"raw":"GET /assets/style1/img/closewin.png HTTP/1.1\r\nHost: chat.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 137\r\nlast-modified: Thu, 02 Sep 2021 01:35:32 GMT\r\netag: \"61302a64-89\"\r\nexpires: Fri, 13 Mar 2026 04:20:08 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":137,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced","md5":"e2e3960332f9e1fe1d3ce561d66abfd9","sha1":"76c0d53ea3abeedf29eb43d354a6a5a4bb2e3fe7","sha256":"7363fc4255e7114da5fa224fe5ef9a949f1aea7efd294135c3416892e5a55fe4","sha512":"bcc55f02e7db36a122b03fabd2a14ffcf0f91c6ee03fe070a0f9aaec49fcc4273df1151c7c9da5cfdfdb48ea5c726c7f3ed1a0cbcd1556981edce4a6db77e007","ssdeep":"","tlshash":"43c08cc486202a38ca8642a6fb140010be91443422441208c0224e2a2e552392488207","first_seen":"2023-06-10T05:42:45Z","last_seen":"2026-05-30T22:18:19.750693Z","times_seen":84,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-11T04:20:05.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt.xgc5188.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 15:43:03 GMT","end":"Fri, 08 May 2026 15:43:02 GMT"},"fingerprint":{"sha1":"DC:5E:35:B9:DF:ED:12:3A:9C:99:C4:DE:FF:FE:B9:E2:45:5C:D3:11","sha256":"CC:09:5C:B2:DF:1B:88:9E:7B:78:30:E0:F5:FA:CE:40:69:DB:45:3D:39:BF:E4:11:BF:CC:48:B0:DD:82:AC:C9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usdt.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:06 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache,must-revalidate\r\nlocation: /index/index/sell.html\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11960,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":1504,"timings":{"blocked":582,"dns":41,"connect":266,"send":0,"wait":335,"receive":0,"ssl":276},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/css/sell.css","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:07.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt.xgc5188.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 15:43:03 GMT","end":"Fri, 08 May 2026 15:43:02 GMT"},"fingerprint":{"sha1":"DC:5E:35:B9:DF:ED:12:3A:9C:99:C4:DE:FF:FE:B9:E2:45:5C:D3:11","sha256":"CC:09:5C:B2:DF:1B:88:9E:7B:78:30:E0:F5:FA:CE:40:69:DB:45:3D:39:BF:E4:11:BF:CC:48:B0:DD:82:AC:C9"}}},"request":{"raw":"GET /assets/css/sell.css HTTP/1.1\r\nHost: usdt.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/index/index/sell.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 07 Feb 2026 19:25:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69879190-5f9\"\r\nexpires: Wed, 11 Feb 2026 16:20:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1529,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"829bd4ea8cb134c4db957d333b6aa300","sha1":"1d7d659d8c09f9682c6894dcd28e26e05c60be54","sha256":"ec8837981ceee0c024ae950e287e3d69f116f700fa68a1aa8b6962c2c510dad7","sha512":"4a10cdbba25f43bed5afb35a50cab6dcd8ab532ef4c46a95301dd98ef80f75084f959a1442055ab48b7d02551444ccbc7bf981321ea2979d27bedcfda8f60d96","ssdeep":"","tlshash":"4e317f53aae70946b55dd1987bbea3ae326c0143c109cdb9bf1832a84f895f540b2e4c","first_seen":"2026-02-11T03:15:37.786066Z","last_seen":"2026-02-11T04:20:28.385675Z","times_seen":2,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/favicon.ico","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:08.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt.xgc5188.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 15:43:03 GMT","end":"Fri, 08 May 2026 15:43:02 GMT"},"fingerprint":{"sha1":"DC:5E:35:B9:DF:ED:12:3A:9C:99:C4:DE:FF:FE:B9:E2:45:5C:D3:11","sha256":"CC:09:5C:B2:DF:1B:88:9E:7B:78:30:E0:F5:FA:CE:40:69:DB:45:3D:39:BF:E4:11:BF:CC:48:B0:DD:82:AC:C9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: usdt.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/index/index/sell.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:08 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5156,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (413)","md5":"c5dd4b79f59a6007ae31e02bdbccaec4","sha1":"91b3b698ab5303ed6167ea0754347d29836cb40e","sha256":"99bcf0c8f679f35b3d9c59268a1d14c99992872f4e476cbe9705105a78dd9b1b","sha512":"7371927f2599557336852c928ed580967224d99339dbea2a2a747da1562aedd771d969c14f1c43f3a7aa6ab389eb5d0426ad05bcb3d757358d029195c372655a","ssdeep":"96:KLocijwl436mXtUsz7c/0/+zwA/9qJjnL:ljwg6SrcW+zl9qJjnL","tlshash":"1ab1e0126d602016b96b9a2d3691537839318163c7378bfeb5ddf178cfc99a44ae32c4","first_seen":"2023-07-23T00:19:50Z","last_seen":"2026-05-31T08:05:39.97629Z","times_seen":62,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usdt.xgc5188.com/assets/libs/layui/lay/modules/upload.js","fqdn":"usdt.xgc5188.com","domain":"xgc5188.com","tld":"com"},"ip":{"addr":"103.43.8.114","port":443,"asn":400619,"as":"AROSS-AS","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://usdt.xgc5188.com/index/index/sell.html","date":"2026-02-11T04:20:08.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usdt.xgc5188.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 15:43:03 GMT","end":"Fri, 08 May 2026 15:43:02 GMT"},"fingerprint":{"sha1":"DC:5E:35:B9:DF:ED:12:3A:9C:99:C4:DE:FF:FE:B9:E2:45:5C:D3:11","sha256":"CC:09:5C:B2:DF:1B:88:9E:7B:78:30:E0:F5:FA:CE:40:69:DB:45:3D:39:BF:E4:11:BF:CC:48:B0:DD:82:AC:C9"}}},"request":{"raw":"GET /assets/libs/layui/lay/modules/upload.js HTTP/1.1\r\nHost: usdt.xgc5188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usdt.xgc5188.com/index/index/sell.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 11 Feb 2026 04:20:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 26 Nov 2020 16:02:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5fbfd19c-1d11\"\r\nexpires: Wed, 11 Feb 2026 16:20:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7441,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7185)","md5":"6042559ef0b59a2b5ffff9ae61023f4c","sha1":"5332d9d0b00ef3946f94c281387ae67a4fbe30ea","sha256":"737b39c7ff47a17a3fadff7714204193a70b64cdd22ca70d94e49fce5cc42480","sha512":"c777d80cc894dd2c70dc14138e3d2bcee0532ccf4fdd975dd2afa168f1e4843d49b01fcaee77386527bebbf428e9fa81c90c0bab1cf88e48994387171b44f2d7","ssdeep":"96:R4jcpetehsuIZo6qF3CS4pMrqwj+EV+L+CgegZzlUx9ugRFS3MZYCX3/niEs9L16:RvuDocMrp+QrC2UTduc/3/nARo/","tlshash":"83e1b54dba19b82362b374f5018f460d25bf046e590ac288b193d4ca9ebed5d1163ff9","first_seen":"2026-02-11T03:15:37.767208Z","last_seen":"2026-02-11T04:20:28.387579Z","times_seen":2,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}