{"report_id":"2130d613-4fa4-440a-8f75-664f322fc603","version":6,"status":"done","tags":[],"date":"2026-01-24T13:46:28Z","url":{"schema":"https","addr":"exchangedrop.top","fqdn":"exchangedrop.top","domain":"exchangedrop.top","tld":"top"},"ip":{"addr":"172.67.179.74","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"exchangedrop.top/","fqdn":"exchangedrop.top","domain":"exchangedrop.top","tld":"top"},"title":"meow","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"exchangedrop.top","fqdn":"exchangedrop.top","domain":"exchangedrop.top","tld":"top"},"ip":{"addr":"172.67.179.74","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-28T13:46:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":5,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-24T13:46:10Z","timestamp":1769262370,"ip_dst":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48848,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2026-01-24T13:46:10.640670+0000\",\"flow_id\":1381071650466191,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.40\",\"src_port\":48848,\"dest_ip\":\"172.67.74.152\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3436,\"start\":\"2026-01-24T13:46:10.633231+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-24T13:46:10Z","timestamp":1769262370,"ip_dst":{"addr":"54.155.90.171","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"ip_src":{"addr":"Client IP","port":35808,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (bsc-dataseed1 .bnbchain .org)","source":"{\"timestamp\":\"2026-01-24T13:46:10.749098+0000\",\"flow_id\":839278705922967,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.40\",\"src_port\":35808,\"dest_ip\":\"54.155.90.171\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058795,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (bsc-dataseed1 .bnbchain .org)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"bsc-dataseed1.bnbchain.org\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"50a9e7b112931e541503e8a2499252b9\",\"string\":\"771,49199,0-11-65281-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":3168,\"start\":\"2026-01-24T13:46:10.676759+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-24T13:46:10Z","timestamp":1769262370,"ip_dst":{"addr":"52.50.109.164","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"ip_src":{"addr":"Client IP","port":40252,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (binance .nodereal .io)","source":"{\"timestamp\":\"2026-01-24T13:46:10.752753+0000\",\"flow_id\":1611281897510066,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.40\",\"src_port\":40252,\"dest_ip\":\"52.50.109.164\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058791,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (binance .nodereal .io)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"binance.nodereal.io\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"50a9e7b112931e541503e8a2499252b9\",\"string\":\"771,49199,0-11-65281-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":921,\"bytes_toclient\":3168,\"start\":\"2026-01-24T13:46:10.677042+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-24T13:46:10Z","timestamp":1769262370,"ip_dst":{"addr":"54.155.90.171","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"ip_src":{"addr":"Client IP","port":35812,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (bsc-dataseed1 .bnbchain .org)","source":"{\"timestamp\":\"2026-01-24T13:46:10.756651+0000\",\"flow_id\":7725792781854,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.40\",\"src_port\":35812,\"dest_ip\":\"54.155.90.171\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058795,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (bsc-dataseed1 .bnbchain .org)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"bsc-dataseed1.bnbchain.org\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"50a9e7b112931e541503e8a2499252b9\",\"string\":\"771,49199,0-11-65281-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":3168,\"start\":\"2026-01-24T13:46:10.681502+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-24T13:46:10Z","timestamp":1769262370,"ip_dst":{"addr":"52.50.109.164","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"ip_src":{"addr":"Client IP","port":40266,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Smart Chain Domain in TLS SNI (binance .nodereal .io)","source":"{\"timestamp\":\"2026-01-24T13:46:10.760276+0000\",\"flow_id\":1436270570138597,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.40\",\"src_port\":40266,\"dest_ip\":\"52.50.109.164\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2058791,\"rev\":1,\"signature\":\"ET INFO Observed Smart Chain Domain in TLS SNI (binance .nodereal .io)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_01_03\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\",\"TA_Abused_Service\"],\"updated_at\":[\"2025_01_03\"]}},\"tls\":{\"sni\":\"binance.nodereal.io\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"50a9e7b112931e541503e8a2499252b9\",\"string\":\"771,49199,0-11-65281-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":3168,\"start\":\"2026-01-24T13:46:10.682981+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"exchangedrop.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"exchangedrop.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"exchangedrop.top","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":8,"request_count":4,"received_data":5730714,"sent_data":1779,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-18T22:25:16.015191Z","alert_count":0,"request_count":2,"received_data":798873,"sent_data":902,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bsc-dataseed1.bnbchain.org","ip":{"addr":"54.155.90.171","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2020-01-13","domain_rank":2973508,"first_seen":"2023-08-09T23:52:32Z","last_seen":"2026-01-19T13:34:44.708702Z","alert_count":0,"request_count":2,"received_data":5971,"sent_data":1033,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"api.ipify.org","ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2026-01-19T08:09:39.571643Z","alert_count":0,"request_count":2,"received_data":512,"sent_data":866,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"binance.nodereal.io","ip":{"addr":"52.50.109.164","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"2021-07-19","domain_rank":1804985,"first_seen":"2022-10-20T10:44:48Z","last_seen":"2026-01-22T05:29:42.585109Z","alert_count":0,"request_count":2,"received_data":7443,"sent_data":1019,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"exchangedrop.top/60a1adfd-754a-4d2c-9560-29e5770cd16a","fqdn":"exchangedrop.top","domain":"exchangedrop.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"05997da4a9c3d58ef33a7cf3d716af57","sha1":"3a7a7913c31aa2787a11dc6ba6fb5b5f2c525ac1","sha256":"e268ded9f58238c3885b4e0e83ddf10ea9552c488dd25538c8569ec2beff7eb9","sha512":"83413571115e6b39abe7e3b6573a81b3198125b35ae13e31d14c7cb3c81790b24a11cd81531a58922386bbf6e2d41ab6e449fc3206c8b7f20932820cdf58aefe","ssdeep":"49152:D+2KKNjyR5WP4CQjNn9GU6lCLsSPOnLUfJ8KZTcbQQqG7r8aQO/iSJNHoRO2sxSQ:RD8ew45JV","tlshash":"20f591496bf660358213f0795e6f8801b234a40b2949ed5c7e9c92f09f4953c8bf6fe9","size":3517001,"data":"","first_seen":"2025-07-12T22:38:09.134446Z","last_seen":"2026-06-13T15:26:27.773639Z","times_seen":4172,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exchangedrop.top/","fqdn":"exchangedrop.top","domain":"exchangedrop.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-13T16:32:47.087926Z","times_seen":692877,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d9c6de0df2bf028d93924aff92487904","sha1":"6596050516dd12af52d9b0e7b18ed837f1d81300","sha256":"769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc","sha512":"6be4940eec0dcd70efcf85eb21c5c7b827f4f3dfe2240a0de259ab5c9835f179ddb8a2ba6250c73516a5bf8c9dd4de3438a23cd2d162745faba9314a18fa1615","ssdeep":"1536:R8K6Znxmj9rlvCOhI64j7AtSPtNPU9ArHMLlk:RV6+jKOh4z","tlshash":"65535bc0629c5491a3b76480087f740b7073353b0a1d5aacf658faefacacad6907cd39","size":60819,"data":"","first_seen":"2023-11-02T21:20:28Z","last_seen":"2026-06-13T15:26:27.661092Z","times_seen":31228,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exchangedrop.top/","fqdn":"exchangedrop.top","domain":"exchangedrop.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-06-13T16:30:57.157004Z","times_seen":228887,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"268d19762594655239a29d058a7e8b44","sha1":"f06da2f7a68114b8dda38a0d782d65ddacc9c0e8","sha256":"95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618","sha512":"55e6b3e48536891a5ad0106b26525e4607c9ece0075ad5496535ef81d1fbb377dfb0b50286594c0aa0b405bf9e791c4696b674ea260813f4772ac7220ab82fdc","ssdeep":"12288:TfLmYQI/yjP+H8Xb29/nNUgE6te1R5WJW:TfCPalnNfE6taD","tlshash":"29f42b80b3b1b0b583c729a4143f6046f63af46a505840a8f659faf279f9d4c957bb3c","size":735973,"data":"","first_seen":"2023-03-07T12:58:29Z","last_seen":"2026-06-13T15:26:27.670053Z","times_seen":8463,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exchangedrop.top/1f5fc05d-2460-451b-8d64-c41cb34f8665","fqdn":"exchangedrop.top","domain":"exchangedrop.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"594e6d8f428ce089d702f1f46c01e304","sha1":"a7173eec2fdd0829f5da084346129089dff91205","sha256":"cf756739079113ab08c5d45c1ed14f63f184ae9d26ee43f003412683726eb01d","sha512":"7e9b999973221b4e011fd96ee42e14ee74f657f0e5bfa8aa18da305a6c178f86bc5bb330d4bba4bad3bd594090229f7636f398f75dd927f73a7a500b1591c346","ssdeep":"24576:CBBjN0giZs+8qQemhnW+1m711ii1VWUIGu7MCgSYq9pYul5fdNr83kB9ecb4PB0c:CLigi+4SgVnBUM0am7POWLF7Iq1S1","tlshash":"383673709836efa0496d22ac4b35cc16c4026f519998b6d174ededfd7b8977203e382b","size":5052050,"data":"","first_seen":"2026-01-24T13:46:37.571721Z","last_seen":"2026-01-24T13:49:01.636328Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exchangedrop.top/c5e261d9-1ce8-4508-af11-67df2dbdf7ee","fqdn":"exchangedrop.top","domain":"exchangedrop.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec26a722169cb2cef03353fcf8dd144a","sha1":"6eec6673abcde3d29547796a38361256d9efde1c","sha256":"01861fcd47bc63bb7be76c480bad4c6cc987c8996ab0e023a4e692b68c94b05c","sha512":"c885e5d94bd96fa4a573524356e0ca7398b1489f5a39fc1120cf7f4e469950630ad3e9f48dd0392acd36da390c27a4be1e81da943d1d9ecd48890d1691e416cf","ssdeep":"6144:Ufg7z90bnvLZqnWTI9esVTMuyEvtzXNglxQP92L:VzBe6kEdOxQoL","tlshash":"bf740980b261b07247da24e10477540af339e96c744a40acf6a8d8fb7dbd589957ff38","size":357754,"data":"","first_seen":"2025-07-12T22:38:09.13306Z","last_seen":"2026-06-13T15:26:27.778147Z","times_seen":5085,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"api.ipify.org/","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://exchangedrop.top/","date":"2026-01-24T13:46:10.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:15:50 GMT","end":"Wed, 01 Apr 2026 13:15:39 GMT"},"fingerprint":{"sha1":"E8:04:3F:4D:91:E2:52:D3:E0:EA:F7:1A:C8:8C:94:50:7C:2E:FF:FF","sha256":"A1:8E:F1:BF:52:25:E4:EE:2D:91:8B:1E:0B:E7:A1:C3:B9:7D:DF:7D:D1:57:11:6A:14:CF:F2:A6:DF:D1:B0:18"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://exchangedrop.top/\r\nOrigin: https://exchangedrop.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 13:46:10 GMT\r\ncontent-type: text/plain\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9c2ff9b8bc50c272-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"35b0bce9d250429df012c0426f88d0bd","sha1":"f81d80af9cbeb0011316fbba3da8002b32251f7a","sha256":"da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d","sha512":"32c9df1064e730e1a2358dae62aff741118007187d89510bfbdf93efaaa7356b71a570ea8c5d96bdc0b47155bbaa77df86b6847cc4d95d2d1b7fa2a1484a7144","ssdeep":"","tlshash":"dd600003000000000c00c00cc303030303c00003c30f0000ccc00f000c003300300000","first_seen":"2023-03-07T01:19:04Z","last_seen":"2026-06-07T08:12:19.538389Z","times_seen":27001,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.nodereal.io/","fqdn":"binance.nodereal.io","domain":"nodereal.io","tld":"io"},"ip":{"addr":"52.50.109.164","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://exchangedrop.top/","date":"2026-01-24T13:46:11.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.nodereal.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 16 Nov 2025 00:00:00 GMT","end":"Tue, 15 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:EC:8E:68:9E:56:EA:CE:48:DE:13:D2:0C:5B:55:18:C3:74:A8:48","sha256":"09:E3:92:97:59:92:96:9A:A3:FC:76:BF:B6:57:D8:2B:24:69:0C:72:DB:30:57:8C:4A:F2:4B:56:9E:2E:65:1F"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: binance.nodereal.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://exchangedrop.top/\r\nContent-Type: application/json\r\nContent-Length: 136\r\nOrigin: https://exchangedrop.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":136,"data":"{\"method\":\"eth_call\",\"params\":[{\"to\":\"0x158862Ec60B7934f1333e53AC1e148811A2E3BeB\",\"data\":\"0x53ed5143\"},\"latest\"],\"id\":1,\"jsonrpc\":\"2.0\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 13:46:10 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 600\r\nx-nr-trace-id: dd513311eebe0921bfefdc2a07342466\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubdomains\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6374,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"fa3dbe9e7a67f351ee2d52c99850bf9c","sha1":"294cd26f4c0198841057707ed0b44b3cf616e5a8","sha256":"efe3b5e2a041edfb73e010d9c7b8321b7c075c78f0b5d972fe7783da8844f87b","sha512":"d46f4edc8d511404ba6bb32a1a375a1a1c66b24a11f072dbe332243df7b1489af0816a8506fb648a97dd28b0c5ceac714915bc46221ef78d12e9a8a5f1d51d45","ssdeep":"24:YUtXa257vaoWH3eGZsthXvUzZ5+hdex1qx1xxNU6xvQaNBtXX60jv:YKam3QytxvU15+doY1jNNTt9jv","tlshash":"52d108f098c98e50f19baa81b798bc9400213caf7fdf8f40415cf8b6a0f54a176a448f","first_seen":"2025-04-07T11:53:19.749574Z","last_seen":"2026-06-13T15:26:27.692259Z","times_seen":5256,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exchangedrop.top/fancybox-3.5.7.min.js","fqdn":"exchangedrop.top","domain":"exchangedrop.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exchangedrop.top/","date":"2026-01-24T13:46:03.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exchangedrop.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 19 Jan 2026 13:18:33 GMT","end":"Sun, 19 Apr 2026 14:16:53 GMT"},"fingerprint":{"sha1":"F3:44:46:8E:95:56:9D:59:C8:25:0E:DE:F1:0A:11:1E:F2:C8:A6:A3","sha256":"19:37:9B:22:28:C2:02:E0:BA:A3:BF:F6:AF:88:C2:58:29:33:8C:F7:1F:B1:4F:9F:08:DE:1E:C6:18:0D:11:2A"}}},"request":{"raw":"GET /fancybox-3.5.7.min.js HTTP/1.1\r\nHost: exchangedrop.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exchangedrop.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 24 Jan 2026 13:46:03 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 21 Nov 2025 13:02:29 GMT\r\netag: W/\"692062e5-575add\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v%2Bmh%2FCmwArKqFpT3bwaUQYMupwlieWP6fJz%2F1sz87NT4w0uJLdb46DcWLXV9PiW0tq4Ij1O%2FcaTrmuBxa8TY2d03iUhCxK6aGnjf%2Fp8k\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c2ff98abf1256c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5724893,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"5f732f5380ed9aa3d17a2c743b1558db","sha1":"2534c7074b45b64df4bc0fe94c46d5eeae0ef965","sha256":"6c0101e0a665c58b951606d5bb3be9bb96389661d9bd76cdb99049e7dfa04b44","sha512":"31296c43905eac538c04bc7357931b7cdf9bb51c7ee688eb60bb9cf7993ee3385d4e7f8b2aaccba9c15e7572b7c1541460e019cb66d8bf336e34397cdfdec177","ssdeep":"24576:ux+CMSnKNkfu98abDzXCIRBVl11jvBDlB:ux3W997XCIHLnvh","tlshash":"f3252301c122c6b86b0a0b7d3964d68015c9d8b6d5ee3fefadead0f9924657123e113f","first_seen":"2026-01-24T13:46:37.553791Z","last_seen":"2026-01-24T13:49:01.625344Z","times_seen":3,"resource_available":false,"data":null}},"time_used":769,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":487,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"exchangedrop.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"exchangedrop.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exchangedrop.top/favicon.ico","fqdn":"exchangedrop.top","domain":"exchangedrop.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exchangedrop.top/","date":"2026-01-24T13:46:08.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exchangedrop.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 19 Jan 2026 13:18:33 GMT","end":"Sun, 19 Apr 2026 14:16:53 GMT"},"fingerprint":{"sha1":"F3:44:46:8E:95:56:9D:59:C8:25:0E:DE:F1:0A:11:1E:F2:C8:A6:A3","sha256":"19:37:9B:22:28:C2:02:E0:BA:A3:BF:F6:AF:88:C2:58:29:33:8C:F7:1F:B1:4F:9F:08:DE:1E:C6:18:0D:11:2A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: exchangedrop.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exchangedrop.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 24 Jan 2026 13:46:08 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 21 Nov 2025 13:02:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XnxQ2EiHhaEf3YIb8Qu5bcj8LNM0MBgehED4wWdfBbi5%2B4ZbBE6z93ZeAZE7JpnUHI5uABST7nD7hkinWI4t16u3luE3B7qYPvfOINL1\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c2ff9abcad856c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1059,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"5c0fe5dab0c322e8381f42c253fbb13a","sha1":"5af791fad33977ace4c6c5636a40a836f90aab54","sha256":"defaf51ea7482d17ad2582e8470502c7c101e938997ee0e914756980dd170469","sha512":"e821391f142ee88857f7268ee2ef7eb1114d0b7af69b18f8272691dd1085a47e1057e2bfd5804e62fc3906cc5f17a8626acdd97851e7c448d866412a6edb5913","ssdeep":"","tlshash":"93118c86dae31c46711346150bf6e20456759443e685ce693bdf71f48fc93c898a7398","first_seen":"2026-01-24T13:46:37.558414Z","last_seen":"2026-01-24T13:49:01.623311Z","times_seen":3,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"exchangedrop.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"exchangedrop.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exchangedrop.top/","date":"2026-01-24T13:46:10.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/ethers/5.6.9/ethers.umd.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exchangedrop.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 24 Jan 2026 13:46:10 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 125841\r\ncf-ray: 9c2ff9b72d7b56a5-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"62ad87d5-1eb91\"\r\nlast-modified: Sat, 18 Jun 2022 08:07:49 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1017175\r\nexpires: Thu, 14 Jan 2027 13:46:10 GMT\r\naccept-ranges: bytes\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=jF%2FY%2BG%2Ftf9A4B5m8yZnkdiLHoAZuNHsLp6h%2BrSIdaVuAMSNkHRnJv4in4gGsw%2BfW1zMEsn39%2BI%2FyKxDhzQ4ht9uhKh2FN9qBKhqyYkqGllKF%2FTjMNduVtOlsICCcYl3uMln0NMYo\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":735973,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"268d19762594655239a29d058a7e8b44","sha1":"f06da2f7a68114b8dda38a0d782d65ddacc9c0e8","sha256":"95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618","sha512":"55e6b3e48536891a5ad0106b26525e4607c9ece0075ad5496535ef81d1fbb377dfb0b50286594c0aa0b405bf9e791c4696b674ea260813f4772ac7220ab82fdc","ssdeep":"12288:TfLmYQI/yjP+H8Xb29/nNUgE6te1R5WJW:TfCPalnNfE6taD","tlshash":"29f42b80b3b1b0b583c729a4143f6046f63af46a505840a8f659faf279f9d4c957bb3c","first_seen":"2023-03-07T12:58:29Z","last_seen":"2026-06-13T15:26:27.670053Z","times_seen":8463,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bsc-dataseed1.bnbchain.org/","fqdn":"bsc-dataseed1.bnbchain.org","domain":"bnbchain.org","tld":"org"},"ip":{"addr":"54.155.90.171","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://exchangedrop.top/","date":"2026-01-24T13:46:10.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bnbchain.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Mon, 08 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:A4:BE:0F:33:E9:DC:36:3B:B7:3C:5A:E4:42:EE:DE:F1:46:52:E4","sha256":"15:55:B7:24:9E:06:40:29:6B:D0:0D:FD:D2:2B:02:D8:1B:63:50:F2:26:B3:56:69:5D:9D:DF:3E:40:64:99:5E"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: bsc-dataseed1.bnbchain.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://exchangedrop.top/\r\nOrigin: https://exchangedrop.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 24 Jan 2026 13:46:10 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubdomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T16:33:36.180633Z","times_seen":16390792,"resource_available":true,"data":null}},"time_used":564,"timings":{"blocked":260,"dns":1,"connect":39,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.nodereal.io/","fqdn":"binance.nodereal.io","domain":"nodereal.io","tld":"io"},"ip":{"addr":"52.50.109.164","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://exchangedrop.top/","date":"2026-01-24T13:46:10.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.nodereal.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 16 Nov 2025 00:00:00 GMT","end":"Tue, 15 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0C:EC:8E:68:9E:56:EA:CE:48:DE:13:D2:0C:5B:55:18:C3:74:A8:48","sha256":"09:E3:92:97:59:92:96:9A:A3:FC:76:BF:B6:57:D8:2B:24:69:0C:72:DB:30:57:8C:4A:F2:4B:56:9E:2E:65:1F"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: binance.nodereal.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://exchangedrop.top/\r\nOrigin: https://exchangedrop.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 24 Jan 2026 13:46:10 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 600\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubdomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T16:33:36.180633Z","times_seen":16390792,"resource_available":true,"data":null}},"time_used":544,"timings":{"blocked":247,"dns":1,"connect":35,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bsc-dataseed1.bnbchain.org/","fqdn":"bsc-dataseed1.bnbchain.org","domain":"bnbchain.org","tld":"org"},"ip":{"addr":"54.155.90.171","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://exchangedrop.top/","date":"2026-01-24T13:46:11.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bnbchain.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Mon, 08 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:A4:BE:0F:33:E9:DC:36:3B:B7:3C:5A:E4:42:EE:DE:F1:46:52:E4","sha256":"15:55:B7:24:9E:06:40:29:6B:D0:0D:FD:D2:2B:02:D8:1B:63:50:F2:26:B3:56:69:5D:9D:DF:3E:40:64:99:5E"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: bsc-dataseed1.bnbchain.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://exchangedrop.top/\r\nContent-Type: application/json\r\nContent-Length: 136\r\nOrigin: https://exchangedrop.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":136,"data":"{\"method\":\"eth_call\",\"params\":[{\"to\":\"0xd24aeC3254652B0ab565E41A945b491e98Bb5FFC\",\"data\":\"0x73d4a13a\"},\"latest\"],\"id\":1,\"jsonrpc\":\"2.0\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 13:46:11 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 600\r\nx-nr-trace-id: 8d8390e2d28f0e07890e08fdf0acc63a\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: origin-when-cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubdomains\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4902,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"2188b7f1b90a143020f7faf12d10e91f","sha1":"e6a95e4d574d05948b7c8517861a71e6f69b38b8","sha256":"4a8dd94310fc027a042dc9ca0311f20e9341084839e00b8d7a830ab52cdc8096","sha512":"08e8f648099fac2b075f96396f2f9056ac526f12e5843bc16d07fd725fcd74abeed4021a9ed64f53ef3e1dbb57a707ebee71bc51b230f5b5ee4200c2da1d7b1c","ssdeep":"96:oigW53TB2SzrZYpTbDaOTkSO6mdSInccYGS9FzelVLY:r5TB2SzAT/7kSRRrze3k","tlshash":"e6a179f0ee02c891f1be4768f2ddbe0461383726eedc5a4604b45a991ee5a51bd0dccd","first_seen":"2025-01-17T17:24:07.906471Z","last_seen":"2026-06-13T15:26:27.704261Z","times_seen":4816,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exchangedrop.top/","fqdn":"exchangedrop.top","domain":"exchangedrop.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-24T13:46:02.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exchangedrop.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 19 Jan 2026 13:18:33 GMT","end":"Sun, 19 Apr 2026 14:16:53 GMT"},"fingerprint":{"sha1":"F3:44:46:8E:95:56:9D:59:C8:25:0E:DE:F1:0A:11:1E:F2:C8:A6:A3","sha256":"19:37:9B:22:28:C2:02:E0:BA:A3:BF:F6:AF:88:C2:58:29:33:8C:F7:1F:B1:4F:9F:08:DE:1E:C6:18:0D:11:2A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: exchangedrop.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 13:46:02 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 21 Nov 2025 13:02:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1Ma6QZlv9aDcwbAaszkgN%2FbK7Eho1dRpfojAS%2FPh0ITABlA1kQbCBzQrjCfL3GQ21kTn94jq0fQT7JzGoGE0S%2BI8W%2FaTIfGSydk3qgqp\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9c2ff9861d915691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1059,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"5c0fe5dab0c322e8381f42c253fbb13a","sha1":"5af791fad33977ace4c6c5636a40a836f90aab54","sha256":"defaf51ea7482d17ad2582e8470502c7c101e938997ee0e914756980dd170469","sha512":"e821391f142ee88857f7268ee2ef7eb1114d0b7af69b18f8272691dd1085a47e1057e2bfd5804e62fc3906cc5f17a8626acdd97851e7c448d866412a6edb5913","ssdeep":"","tlshash":"93118c86dae31c46711346150bf6e20456759443e685ce693bdf71f48fc93c898a7398","first_seen":"2026-01-24T13:46:37.558414Z","last_seen":"2026-01-24T13:49:01.623311Z","times_seen":3,"resource_available":false,"data":null}},"time_used":806,"timings":{"blocked":266,"dns":301,"connect":1,"send":0,"wait":210,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"exchangedrop.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"exchangedrop.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exchangedrop.top/","date":"2026-01-24T13:46:10.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/crypto-js/4.2.0/crypto-js.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exchangedrop.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 13:46:10 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 19621\r\ncf-ray: 9c2ff9b53ea1b50b-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"65384d58-4ca5\"\r\nlast-modified: Tue, 24 Oct 2023 23:03:52 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 4371338\r\nexpires: Thu, 14 Jan 2027 13:46:10 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=SXvje%2BxWptaCnGdLBB4a7iHBnRJcRSdy4DVWAqwLExaYcupM%2FZ%2BxqqSoaRCFYZzhlvwXsbsjxHVxz0ecBRUzmaHwbpt2qBcDyXKwt%2F2c8Q9%2FRY8F7oKRBDX%2Bc%2Btz5b3V8SgoBgRC\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60819,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (60819), with no line terminators","md5":"d9c6de0df2bf028d93924aff92487904","sha1":"6596050516dd12af52d9b0e7b18ed837f1d81300","sha256":"769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc","sha512":"6be4940eec0dcd70efcf85eb21c5c7b827f4f3dfe2240a0de259ab5c9835f179ddb8a2ba6250c73516a5bf8c9dd4de3438a23cd2d162745faba9314a18fa1615","ssdeep":"1536:R8K6Znxmj9rlvCOhI64j7AtSPtNPU9ArHMLlk:RV6+jKOh4z","tlshash":"65535bc0629c5491a3b76480087f740b7073353b0a1d5aacf658faefacacad6907cd39","first_seen":"2023-11-02T21:20:28Z","last_seen":"2026-06-13T15:26:27.661092Z","times_seen":31228,"resource_available":true,"data":null}},"time_used":85,"timings":{"blocked":29,"dns":1,"connect":2,"send":0,"wait":13,"receive":13,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://exchangedrop.top/","date":"2026-01-24T13:46:10.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:15:50 GMT","end":"Wed, 01 Apr 2026 13:15:39 GMT"},"fingerprint":{"sha1":"E8:04:3F:4D:91:E2:52:D3:E0:EA:F7:1A:C8:8C:94:50:7C:2E:FF:FF","sha256":"A1:8E:F1:BF:52:25:E4:EE:2D:91:8B:1E:0B:E7:A1:C3:B9:7D:DF:7D:D1:57:11:6A:14:CF:F2:A6:DF:D1:B0:18"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://exchangedrop.top/\r\nOrigin: https://exchangedrop.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 13:46:10 GMT\r\ncontent-type: text/plain\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9c2ff9b8ac27c272-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"35b0bce9d250429df012c0426f88d0bd","sha1":"f81d80af9cbeb0011316fbba3da8002b32251f7a","sha256":"da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d","sha512":"32c9df1064e730e1a2358dae62aff741118007187d89510bfbdf93efaaa7356b71a570ea8c5d96bdc0b47155bbaa77df86b6847cc4d95d2d1b7fa2a1484a7144","ssdeep":"","tlshash":"dd600003000000000c00c00cc303030303c00003c30f0000ccc00f000c003300300000","first_seen":"2023-03-07T01:19:04Z","last_seen":"2026-06-07T08:12:19.538389Z","times_seen":27001,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":28,"dns":2,"connect":1,"send":0,"wait":119,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exchangedrop.top/secureproxy?e=ping_proxy","fqdn":"exchangedrop.top","domain":"exchangedrop.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://exchangedrop.top/","date":"2026-01-24T13:46:10.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exchangedrop.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 19 Jan 2026 13:18:33 GMT","end":"Sun, 19 Apr 2026 14:16:53 GMT"},"fingerprint":{"sha1":"F3:44:46:8E:95:56:9D:59:C8:25:0E:DE:F1:0A:11:1E:F2:C8:A6:A3","sha256":"19:37:9B:22:28:C2:02:E0:BA:A3:BF:F6:AF:88:C2:58:29:33:8C:F7:1F:B1:4F:9F:08:DE:1E:C6:18:0D:11:2A"}}},"request":{"raw":"GET /secureproxy?e=ping_proxy HTTP/1.1\r\nHost: exchangedrop.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://exchangedrop.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 24 Jan 2026 13:46:10 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nlast-modified: Sat, 24 Jan 2026 13:46:10 GMT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XaRKzCSN5BIrNxNX0x%2Bg9Kisf9iEHcgzcrcoOvTLLXi1x3K2%2BJtOZaJV8%2BIpI652zGNAE541yA0g4LIxEkLKBS3jOaJlSFr1bcpeEWIs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9c2ff9b87e6856c9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"6fdb087aa3fbfbcb8287a593a0919e61","sha1":"0e514a0662bcb69dc863953d1ce26e3d40e81a87","sha256":"9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2","sha512":"be5457d14c930b51b47ab152850c1ceaafe6ef88c8671b48164abbc83410b0c07a1e178540f6cdeac5f2672cadb1d1cbbb3434b3e39bc2c50c4646a2bae57437","ssdeep":"","tlshash":"fe300000300000000000000c0000000000000000000000000000000000300000000000","first_seen":"2023-04-12T09:14:15Z","last_seen":"2026-06-13T15:26:27.674345Z","times_seen":8815,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"exchangedrop.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"exchangedrop.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}