{"report_id":"5e20068c-1f1a-4304-b074-ea5d7b4c5a3b","version":6,"status":"done","tags":[],"date":"2026-05-11T12:44:00Z","url":{"schema":"http","addr":"cmeproexchage.com","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"title":"CME","dom":{"size":28535,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21771)","md5":"53d17cf2761f95383bb182d33b285e1e","sha1":"e48ad0f66d03af80608c5c249b071334da5d8ff3","sha256":"0a8ac24e5774d9cbfd893062dd4b4e3f1332d693b88222d27ae9afc1e92b3271","sha512":"8e72847798b07ab56e646fbccfac06b2dbbebc47e863c963d0cdcf46e659341502f597413e0119488008d44b0a18b1d090059ebd1724e1c18432a9f7601f05d3","ssdeep":"192:eSR7KiqMcZCxfe2nfD3bBp/fQB/5WqFlSvSM1hoyealt+ml6IUqQs1OedB1nYOYb:ZMi6ZCxW2pp/fQB/5WqFkvcqnhYr8I","tlshash":"3ed2dc74b10120a302b7b8c5e0a17f4b71e7e30bc04a91147eec86d59febeb5b75a961","dom_hash":"domhash85e680ef80585346b36c3d5a8be57888","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"cmeproexchage.com","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-15T12:44:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":13,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:38Z","timestamp":1778503418,"ip_dst":{"addr":"Client IP","port":55164,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 25","source":"{\"timestamp\":\"2026-05-11T12:43:38.822962+0000\",\"flow_id\":619934757033199,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"134.122.128.163\",\"src_port\":443,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55164,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400024,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 25\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2026-05-11T12:43:38.529647+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:43Z","timestamp":1778503423,"ip_dst":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48318,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-11T12:43:43.568161+0000\",\"flow_id\":505203296000413,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":48318,\"dest_ip\":\"47.79.64.224\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"bansksk012002.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-05-11T12:43:43.022941+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:43Z","timestamp":1778503423,"ip_dst":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48342,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-11T12:43:43.571829+0000\",\"flow_id\":444154630855274,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":48342,\"dest_ip\":\"47.79.64.224\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"bansksk012002.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-05-11T12:43:43.023146+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:43Z","timestamp":1778503423,"ip_dst":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48352,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-11T12:43:43.573490+0000\",\"flow_id\":466153453345480,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":48352,\"dest_ip\":\"47.79.64.224\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"bansksk012002.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-05-11T12:43:43.023240+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:43Z","timestamp":1778503423,"ip_dst":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48354,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-11T12:43:43.578712+0000\",\"flow_id\":1708915125345069,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":48354,\"dest_ip\":\"47.79.64.224\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"bansksk012002.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":908,\"bytes_toclient\":6037,\"start\":\"2026-05-11T12:43:43.023341+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:43Z","timestamp":1778503423,"ip_dst":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48326,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-11T12:43:43.586024+0000\",\"flow_id\":2002450370222585,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":48326,\"dest_ip\":\"47.79.64.224\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"bansksk012002.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":908,\"bytes_toclient\":1634,\"start\":\"2026-05-11T12:43:43.023033+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:43Z","timestamp":1778503423,"ip_dst":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48312,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-11T12:43:43.597456+0000\",\"flow_id\":1670891779873039,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":48312,\"dest_ip\":\"47.79.64.224\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"bansksk012002.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":908,\"bytes_toclient\":4662,\"start\":\"2026-05-11T12:43:43.022799+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:43Z","timestamp":1778503423,"ip_dst":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48400,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-11T12:43:43.807314+0000\",\"flow_id\":1904641079980264,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":48400,\"dest_ip\":\"47.79.64.224\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"bansksk012002.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-05-11T12:43:43.274664+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:43Z","timestamp":1778503423,"ip_dst":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48378,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-11T12:43:43.815955+0000\",\"flow_id\":696282096021575,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":48378,\"dest_ip\":\"47.79.64.224\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"bansksk012002.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":908,\"bytes_toclient\":4662,\"start\":\"2026-05-11T12:43:43.274503+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:43Z","timestamp":1778503423,"ip_dst":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48394,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-11T12:43:43.821923+0000\",\"flow_id\":328272118231195,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":48394,\"dest_ip\":\"47.79.64.224\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"bansksk012002.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":908,\"bytes_toclient\":1634,\"start\":\"2026-05-11T12:43:43.274587+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:43Z","timestamp":1778503423,"ip_dst":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48414,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-11T12:43:43.824294+0000\",\"flow_id\":710468373000503,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":48414,\"dest_ip\":\"47.79.64.224\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"bansksk012002.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":908,\"bytes_toclient\":1634,\"start\":\"2026-05-11T12:43:43.274743+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:43Z","timestamp":1778503423,"ip_dst":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48372,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-11T12:43:43.824274+0000\",\"flow_id\":1248863998390239,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":48372,\"dest_ip\":\"47.79.64.224\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"bansksk012002.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":908,\"bytes_toclient\":6037,\"start\":\"2026-05-11T12:43:43.274399+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-11T12:43:43Z","timestamp":1778503423,"ip_dst":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":48364,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-11T12:43:43.835090+0000\",\"flow_id\":1682879033585479,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.9\",\"src_port\":48364,\"dest_ip\":\"47.79.64.224\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"bansksk012002.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-05-11T12:43:43.274247+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cmeproexchage.com","ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2026-05-05","domain_rank":0,"first_seen":"2026-05-11T12:44:05.514988Z","last_seen":"2026-05-11T12:44:05.514988Z","alert_count":57,"request_count":57,"received_data":5640279,"sent_data":26868,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bansksk012002.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2026-05-11T12:44:05.494337Z","last_seen":"2026-05-11T12:44:05.494338Z","alert_count":0,"request_count":8,"received_data":50690,"sent_data":3792,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"webapi.cmeproexchage.com","ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2026-05-05","domain_rank":0,"first_seen":"2026-05-11T12:44:05.496086Z","last_seen":"2026-05-11T12:44:05.496086Z","alert_count":33,"request_count":33,"received_data":663109,"sent_data":17121,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d98acc1019303c876db914a972334937","sha1":"73807338e5295d0e4a62fbf19a5258d5cc93e72c","sha256":"864aa8328e7915cfbea7a8773cd622fbf24494c9b6019a076bef6e3f795e7d9d","sha512":"77d7c9975e811e66a77b15f141c84b12ae3aa0f991d15d2864c3c3ce082e0da5f4154d93424ae8580ebd93a1c7231752fbf22ef82ce7a01d997287d2d854d1af","ssdeep":"","tlshash":"e6c08cc8a0c32d001a13642210ff34e4d03440a6b44d1f028dd4e8493e624b09333edc","size":150,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-05-11T12:44:38.703289Z","times_seen":494,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"afd6dadb9533533d8514ac548303e331","sha1":"0b297795e161099658da59b3912482e86732e56d","sha256":"e378d3c8bb137aed4116bdd0c560231896d500f4edbb80088c14fd8fb220c3a9","sha512":"0df2fd8eb6e505ad35fff7e135feb15d50d1ae87d9990d9fa472fb834b7baf48ca73b3e8850042c74584e60de2daa8b9a4a981e5bef460ab48ad5f8ddb5d03e6","ssdeep":"","tlshash":"6cc08cc4a0c22d101602661014bf29e59024802671881b42cc94e8882e220f08233e98","size":140,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-05-11T12:45:10.044013Z","times_seen":820,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-975fa331.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"239b82fa6f2b05b82e4464c4ee3f2468","sha1":"207ca19a52ea0f14715dfaf5125fbb68ecd0ab4b","sha256":"3746ce16b8dc512bdb2eb00441c5eda3c42e64020db5943538a9e043bb5d65d9","sha512":"649b30ca3890b33bb7ed49921ff0d2c6a332da50b3c3e1ad06db3ef5987b1f00abf6d3efdd6361b40d32d3191926af528314a8f68521d7625a44f347f87c52d3","ssdeep":"96:CfshcwfPrblYqTqCw59i8TrDYTIy4CwRLzrb7Itq+l/3hrzK33EInFapCjH:CfshcwfFY+qCwvtgrpwF/ydvhrG3pVH","tlshash":"7c91aa89b803c97da9b3948048e4102125687bf6b11d44f2f3fdbc5e67b5b7ae345721","size":4621,"data":"","first_seen":"2026-05-11T12:44:11.840353Z","last_seen":"2026-05-11T12:44:38.604545Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/kline-1a2f5bdc.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"5b65ddb1b434813c9649c2e471aabe58","sha1":"f2c6001ba1031b87601f1b93d39bc0b7b09e828a","sha256":"8e1c59c7b4ba06be3ab478d22381194137c6b7aa7001481822861135cbb32d5d","sha512":"c1218edda3ee7b81976846f4a6cc062858f5222c4bcebc7927489e40c92089dd10b19798f5e4346691f509c4ff2973f1ff7c7302b61daee272b1bcd7534e569e","ssdeep":"","tlshash":"9fa0110b0a8aa0f00a280cc8a2a88e022a3028b823a28ee8a002820022200c2808ea00","size":81,"data":"","first_seen":"2026-05-11T12:44:11.839155Z","last_seen":"2026-05-11T12:44:38.655023Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a4bdcb8203f55c2a0d42fe2daeba7f94","sha1":"28d4fb637c1f7d7cfc979d90f4f388d62eb58a51","sha256":"386fe5926fc7fa712f45c79142ec5390c9082ce14bd96a609004647fb1f4d823","sha512":"09dd6e53cd308472025baff2f600acd0b5be74b4d557bf48d7402cf6147449fa01db100adc90a5ea3930e80b42a5a2a1782265620c3f940cc93f60e873363d5e","ssdeep":"","tlshash":"c6c08cc8a1c33d001602661060bf35e4a0288026714c5b128cd4e8492f230b88237e98","size":145,"data":"","first_seen":"2023-06-06T19:23:28Z","last_seen":"2026-05-11T12:44:38.67647Z","times_seen":669,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"74ee75f7ff0102c01289da5adac6baae","sha1":"d23c2ebb59ed05c5f557c3ad4d9f60aad59243c5","sha256":"9cc1b81fb164e5b2abf6af6a4bb7687e99246305f4d088d37e0d9b52f1b3f5e2","sha512":"8b008fd670ce47f4bfd5424a4bda9f30c0fdeaec8a5bc5d70faff6f97fb35cd88e973e32d37e2191c8a07b7ebd57eba69f8252644b81a3d170f4b299982da621","ssdeep":"","tlshash":"0a11abfe291a642a6303404e976b7801642260a9000a184177cc9a9dbbaab7dd0cfb8c","size":1048,"data":"","first_seen":"2026-05-11T12:44:11.927068Z","last_seen":"2026-05-11T12:44:38.672369Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-05-11T15:38:30.235552Z","times_seen":33695,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-8ccebcce.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5baad7cca7c819718acbbf024715108d","sha1":"9a0ec88f054fc4df83d161ed7b49fa107bb4fa5f","sha256":"3ea68fb35c174f4799f921c428634ed25bf0cef76777751a0d58c970b2d5a444","sha512":"ed0b88d63e06660817b87423d9433fdc276647ae21e94bf93608c9e84fac8db60d14712abec67de6b92bc14a9068e243a72a8a2626d3c76b70a665337eab2365","ssdeep":"768:Y96UmPgXNQTEVsHqeHTg2HZIDCx5q52I672+EbpmCX6yG6C8WVnR2Gk5JqiGnvNk:1gWMsYjCxs6KNpmo6isNTXwu+oZDNm","tlshash":"26a33b89a50b1fbf6dbd0844a98a451031690fc39c8dcc93b3ba6e5627fecd96349718","size":100348,"data":"","first_seen":"2026-05-11T12:44:11.891097Z","last_seen":"2026-05-11T12:44:38.579207Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"338a9fac24d8e9eb7eca99e84b829fdb","sha1":"7a81d6a12ee875e2181818ac6d54ebff81848085","sha256":"9538e036ace74824a3fa7b843c7088dc541e0a6350325e3711ce96d34718b4a8","sha512":"6cadb556b277c643d0958d4116f6bf12a64f9afbf45c08c90203d43493310b784e94d293c6820d104fa0aced91d1c1ff7428b25b65a983d427a8f44ec41eb13d","ssdeep":"","tlshash":"8ac012e631a196042d7007395acd1e21f4114333884c460e78bc5c002f734001168c74","size":192,"data":"","first_seen":"2024-12-02T08:41:53.660962Z","last_seen":"2026-05-11T12:44:38.707794Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-10f31a6f.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"3e0052b33a8b92a80ab1d4d9652492d6","sha1":"74e0b3489f4a6ac99f4c3e7ba723ed135d9bfb62","sha256":"2ff14f90892923dbe764d30f61afcbd871ab9baf68ea5fdae65b0a5dc082651e","sha512":"3254bbe9a04eb368422115e1de65bb1d586e224ae1d1afe260d55600d224c101ba751f869d1f9b0e53f53da321f92310eb209af46f433fae29a331cf89d11970","ssdeep":"","tlshash":"cde0ec8b2a018bf3e5720ee8fa625d44f56637798fea65e4482adc16510c880627918a","size":317,"data":"","first_seen":"2026-05-11T12:44:11.86245Z","last_seen":"2026-05-11T12:44:38.574536Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-661048e5.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"b262bf5f1df196b41bb8923b3ee02abf","sha1":"147c26b574bf3e55aacf4ff8b77800874f215ec3","sha256":"dca90f0e715c8316dbb9cf29b1cb5760ea424a0867f927308a6b72d2cbe21d47","sha512":"8f6092a2d607ee0c0f71a1c3efe8e6dccd0436b6cb7a6685aff839ac4c6994c65b4da1288d62485892ee710159cb1e1c8e96481a5860239bb20c08189e423c73","ssdeep":"12288:YNPxPLn1H16O2ipZO3aHbHebtrtcr30L0n7e9rQSvUrfTJ3M2z8o:YNPxPT1Hl2mZ9/T7e9sSvuTJ3d8o","tlshash":"07f41a98b254b03543e771a1017f050ba33a690db44b85a8f669e4ee6cbd44e327ff78","size":734555,"data":"","first_seen":"2026-05-11T12:44:11.857866Z","last_seen":"2026-05-11T12:44:38.532727Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c0e88513b499aae066f13f6f0edfedab","sha1":"12fd9320e7be26e9257e2a1a39a698a5e2706292","sha256":"3ffd5a1fea533c35c122aeb0a36f3d4a37022e0a14c83167faeaa819b3ee8cfd","sha512":"36b57e74aa71e21ec5489637f206796e8b9097db32c59e4ffbbdd7eb11ce35c2f754178f996bd6e11abc560cdddd3af7cde3fc1847c1a455120b5c26ee4fb838","ssdeep":"","tlshash":"17c08cc8b0c6ad001602e45111bf25e4a024802770481b128d98e8483e220f48233e9c","size":139,"data":"","first_seen":"2023-08-29T11:10:58Z","last_seen":"2026-05-11T12:45:10.020964Z","times_seen":840,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1d0663d39d873f0eb6f219b0801c983c","sha1":"2da20244f55d5a15a7a0695b8fd3dcedad9f3cd3","sha256":"67602cc36eb6e60ad520d10b21efd241ce5e573e9935a6901302dcca11f36ac5","sha512":"77e9b49e9a35d6d792ce3cb1b552b1c44ab4ae81a5ad37b9149421dfee57450e0346d0cfed0b1c131f2d050e3f69153fe1bc1da2848fd0351dfba6f15fd1e8c2","ssdeep":"","tlshash":"02c08cc8a0cb6e001a02665015bf25e4a034402a70489b038c94d8482e230b0a233ea8","size":143,"data":"","first_seen":"2023-05-08T20:49:32Z","last_seen":"2026-05-11T12:44:38.678539Z","times_seen":242,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"83678961efc93c088d42dd78bc6ea6dd","sha1":"8007d82eec4894fa2867c628e925f1fcfa443fa3","sha256":"d6045334796ceaf006da578968c4ce319e6d4127c9c36ea88297daf6c6713026","sha512":"cd5e028a3850ceca98e01b30d338a9874404eba5a4d8fce81855dc9f8a6189c9c202e6caf3fe736b10295b4c81a1361a68fda5abeeca58d358c8fdb9c02a282d","ssdeep":"","tlshash":"13c08cc4a0c23e106602681124af24e4a0244027704c6b02cde4d8492ea34b8a233e98","size":147,"data":"","first_seen":"2023-07-28T08:36:26Z","last_seen":"2026-05-11T12:44:43.718825Z","times_seen":636,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"fda026047e8eb1a5882e868c6621ecb4","sha1":"94912222851f4eef4664202cb513d7f3d45993e5","sha256":"389ca4866842c71e748f3385526f79ec5d78e6fc86cf71a48a0c44012c59fd8a","sha512":"c7ddb08213f5190b3cb67a8b6cdb51338e1763bed5a088339a123b7fb1f6e67f25289f103a5664785612b1782a4301d3d9d16f8a6d466cceca1e1c1814af3145","ssdeep":"","tlshash":"d3c08cc4a0c62d002602681111ef28e8a028842a70481b039cd4d8893e620b48233e98","size":141,"data":"","first_seen":"2023-08-10T20:40:22Z","last_seen":"2026-05-11T12:44:38.682925Z","times_seen":260,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a9f0cc9bf0d20d059efb11ee21104845","sha1":"53dbb945e48d29466807d93036584b8f80131e28","sha256":"25ea7f517bce714d7755d616ec88a5e3a8f243e0d972f68e8931bf6512736f91","sha512":"b937158d8f045d9c8fff37d1f01a368771624b43a0696eeb222501070e807789a204ffa5713a089464529a0088666a47ed5b83fa7f09cb0ec0ace33923ed3d61","ssdeep":"","tlshash":"e3c08cc4a0c23d001622642010af28e49034402670481b029c94d8582e220b08233e98","size":136,"data":"","first_seen":"2025-09-28T17:49:51.738882Z","last_seen":"2026-05-11T12:44:38.67915Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ad53bdca95253da3ed0339a52f219d8e","sha1":"1acba9622b6c70c03ce56310becd1d72226538e4","sha256":"3fecdc9cf7339d52588891d5d7b0c4b4ebfd82fe813b141fd5b81fdc70694f81","sha512":"d2bf6f0a88bbc044c6aab45f1f8795b3aafcf709a0a2b294f27062c0c34e1f34ec3964286f776c55a40a412cdf01c2ace59fdf7981fd69c6d8a63a6791ff8d3e","ssdeep":"","tlshash":"61c08cc4a0c22d001a02645014bf24e4a024802770481b02dcd8d8483e220b08233e98","size":137,"data":"","first_seen":"2023-05-08T20:49:31Z","last_seen":"2026-05-11T12:44:38.702679Z","times_seen":903,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/en-039dbbbe.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"3fc85954d1688a7198a5050ed853fb23","sha1":"526d06783eaae3624c362c13145da674e1c4e754","sha256":"60dbb9db5968a91d8f6130143894c381854a5afb0ee9239be0564f205e8f21ee","sha512":"8b3f81789a214037c14f5e080ba7e84489f276f7183ddf0871cefc8ff51533be92609d959e922877bf0d326fbf331f24c4c6f294954bcd6e6ffbd952503c5992","ssdeep":"768:u8tZcEw/o7r8aAFsicnAMC2rAaAMFiQP6+6seG9i1mwO6fpk7aO8xO:kpon8aeQE2rdFiDseWiq8xO","tlshash":"9f03c5897e1a889a05f3537674ce6e1120f60ac18265881f4fedc9fd93d2b67a363734","size":40770,"data":"","first_seen":"2026-05-11T12:44:11.870225Z","last_seen":"2026-05-11T12:44:38.540029Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"9d379fc52463f2b630c6894900da5180","sha1":"b33fecceae6c1ef97518c6ad7159534d78e7b2f7","sha256":"6c3288c6af4396096b1a8a927fbfaf05ac8cc29658fc97d13cf036ba6bb38ab3","sha512":"49b43b0c253e26c135bd5009d73c537cf2e78342ef6b116ce6efbd3627152ac804449ec5cbe637a544b5557b52a50213a19dfcf33158a4f6b0a8ff91d79372d5","ssdeep":"","tlshash":"61c012c5a0da29102951595424bf28e8a024c026b55c6b169de4dda829e64fcc627d98","size":190,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-05-11T12:45:09.869371Z","times_seen":624,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1797b90369a99ff22f1c40b0d94ec9a1","sha1":"aec8ba7bbf7bb80c7a4669d074c61aefb319ecfc","sha256":"e7129c3c36ef7b4a55f09622f14d1a60dd64551f16fd0f7a070edf2c75a13680","sha512":"a578a2dae3c0843433b3aca46d828da3db506e6c048302d6e857b77767968b4cac8e71e6d56dbd81aca28909b96a5f23447544a7a24ac9e3486478aa64b977bd","ssdeep":"","tlshash":"70c08cc4a0c72e001646641018af26e49034402ab0482f568df4d8492e620b08233ed8","size":146,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-05-11T12:44:38.695323Z","times_seen":289,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"36e2f88986cecc3db12e6fa8496104e1","sha1":"c3981192f5af22636418f0ff8cdab86a855a041f","sha256":"8b26aea1cc1066775b2ea900134a39c72394e5b324e8157192744da717ecba53","sha512":"95331691ee6e0c8d73939a7f39404cf682e49dfa2a3ce4e20610125c62c03e9b7e27cb9df3e39279f2fec204bf85053a3aa29daf9c21b803fa98b59809d9c2bc","ssdeep":"","tlshash":"83c08cc5e0c26d209b06666551af25e49034402a74885b068d94ec883ea20f48233ed8","size":157,"data":"","first_seen":"2024-12-02T08:41:53.632223Z","last_seen":"2026-05-11T12:44:38.698573Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-05-11T15:38:30.248103Z","times_seen":36697,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/vendor-df62c849.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"60163d033467041dd64e3d9920be6be2","sha1":"bbf2c2be0b2e2e954cef823095e0dd95d9a7406a","sha256":"6a7d683ac9f254dc5538af1034c0f745b7243c6dac7f83e62067f4b71f1ec2de","sha512":"ff9177517d32b46fc722bd5ddd5111759226742809ed24b4270bb74191b9d7b9a018cbe3bb7c9f1c44676a177ec6c559609ee49570da38b9a7dbab0cc01802a3","ssdeep":"24576:NckRssFLy5ziEf6DKYZSJsMHnWHEDOsa2s:NckRssFLy5ziEfWKYZ7MHnWHw1s","tlshash":"d21529c97282f06147ab20e250bb1006f3396e59744e84a4f16d98db7d7ad89d2b7f3c","size":877079,"data":"","first_seen":"2025-07-25T22:00:14.991714Z","last_seen":"2026-05-11T12:44:38.571498Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/filters-0dec89be.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"d9940fd61963d09f4ce8cc4d1e77e83b","sha1":"bf2be87a4b738dd3f16c1c367c4b5a76314da6e0","sha256":"6d5f014af3a4d296938f9bab0aa55e71dfff954856f237421f398889c40706fb","sha512":"20591afcbfbb89183f63eee34b4f421a6c6ab12b511f12cf3bf8212fb3142d21216894e23cb94b983ec69f2ac51f333ec01fb1a78369fb359e7a7e629e76a031","ssdeep":"","tlshash":"4d5135fdfcd7613356e96df940288010728ebe20686e0a4df54bd0455a73888e07f764","size":3102,"data":"","first_seen":"2026-05-11T12:44:11.893698Z","last_seen":"2026-05-11T12:44:38.56169Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/currencyItem-7c86e19b.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"05c8165e8c6f79b164efebf341f82852","sha1":"826e5effd1f2d2104d71e4e224662340b7a0f4e1","sha256":"7cb7823574765a5bb5f62cb507ba04b2268389ef0bf708c39ad3185c08274f18","sha512":"8e9c64e4c9f6d84798dffe5e767dcd21e0e094bc148aca0501c3d7d7907091fc2c2c6a44acfe91372032f3240562d9ab302805031ffcbdf6844e166b4a9ddd25","ssdeep":"","tlshash":"c331c9999902c7b6d7be9452c0b90034175d7fc620008592eaef18693b9a9bce338a72","size":1561,"data":"","first_seen":"2026-05-11T12:44:11.863633Z","last_seen":"2026-05-11T12:44:38.559432Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"e29cc4b739166fb0de3dd3960891cf94","sha1":"32bf92595a210346b3fa579ce87df4987f109d95","sha256":"d3b8857aaf83eedf7762ae5079cebc09d4924e13766d06fd68dbb746634f95e3","sha512":"854eba232753dfc9183d3029c72a8ec545156e6a966cbf69fbad7acd252632ee09b17f9666f3edfb4541f58d3d3bbfc9841f999c37cac48586997700b245e0af","ssdeep":"","tlshash":"7bc08cc4a0c26d102602651021bf38e490248027b0481b038c94d8482e630b08237ea8","size":140,"data":"","first_seen":"2023-06-05T11:50:58Z","last_seen":"2026-05-11T12:44:38.682261Z","times_seen":3144,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f19a249a3e546a75d19b9d3f75497cdd","sha1":"4fcf8a4234dc76c37cb9415dd3c2d4820fb45a30","sha256":"8f0b9cbdf1999a03131eed312b7dc7ab85a5ddbf696e4805d240a61cdf5066b2","sha512":"7f999eee3d080218db37b9bd7ae6ca464771276ae0eb378b537d24635f5d700aede00359099b8e2197cc4f36e56162a46110fbdb85f213ed5ada51d9875a7402","ssdeep":"","tlshash":"c5c08cc9a2c22d001646641014bf28f4902480277048ab038dd4dc892e620f0823be9c","size":146,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-05-11T12:44:43.70108Z","times_seen":503,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d8a0b36a3bb5359d82373fd74ab0a55b","sha1":"109fcd2e9501021577ad657d5701aa40e771b723","sha256":"26b23c11a596c1301030aaa5e72296226d0b2c601ff7b24694d413a401ac9826","sha512":"ebb5fb5d0b9ad70253bc33b31f5fab9fa0efb74a89eefd5b900d6b956970a52ef306b8e62a73b47775339624aef7daf7f4779743b84394f80591c0ea8182f9fe","ssdeep":"","tlshash":"d8c08cc4a0d22d001a02641060af34e49028442670481b028ca4d8482e620b48233e98","size":138,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-05-11T12:45:10.026776Z","times_seen":1257,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7de71cd324bb8833f4a138cbcdafa759","sha1":"d7a8122c1483170fa571ec47c62f91c66d662ede","sha256":"62b9d7d992de0ba11591d4ed7c7ab166d886c09ddb4a6b79693795ce836c6003","sha512":"5d42f665549881c48abeb0ee42138dcd1b0f6140e49c3fc6efdfe3657cba54e63218787f0b0d2f12622873799b4ec3a21b9f4f62194f2cc9bda2758dd699a439","ssdeep":"","tlshash":"73c08cdab0d72d006602642110af78e8a0388027b08c9b439cd4d8883ea30b08233fa8","size":151,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-05-11T12:44:43.720134Z","times_seen":326,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/charting_library/charting_library.min.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","size":10859,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-05-11T12:45:09.856892Z","times_seen":947,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7746993e8adb9277ba5afa2584910974","sha1":"8e7e6d562fd56f594b40b6657156d483d7426e40","sha256":"833dc15f120cad89d5c0680edae217dbad02010e42af351959607df4170074ee","sha512":"10ee66e22fa45386057f1385e179955ad4fd4d53363c0aebe68aa9ba0547bf409a286e53ab6e678e5d0c3485d6cabcdd359f359c5258160b50a0a5a5496d6e6d","ssdeep":"","tlshash":"39c08cc5a0c22e101646641010bf28e49024402674481b028c98d8482e220b08233e9c","size":140,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-05-11T12:45:10.031186Z","times_seen":3378,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"41bbcc2c56aa15aca722543a89a6c730","sha1":"406498af64c571b878803bce96126d82f84fe1fb","sha256":"dcdb9d7d09bbc4280e61709eba14765c1788e29f96bb2d757d7e41e1ca174807","sha512":"48052a6d22581aefb3f456e7ef17080ec74175298ef4d6f05275e19043375211c712175b86b2a51347902345cd7d2d47535dc383acc4b70757be798e6d778136","ssdeep":"","tlshash":"bcc08cd4a0d62d002a12a45430bf25e890344026b0486b03ccd4e8592e234f08233e98","size":148,"data":"","first_seen":"2023-11-01T14:09:04Z","last_seen":"2026-05-11T12:44:38.697534Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5948bc3b90afab1829ab7ee61269f24e","sha1":"517e29a82521418181f702543be8ae74a3bf68b3","sha256":"14fc83a84c91770211dc352186f8e87ddc85e87c2dba0c80a159b45897b9ae2d","sha512":"05c079bbf0389ad341941c3e837aca91dc9aff681cee8da0b4560551ba13e6bbb76b01213af6514e6991e3369062870866a41e67e6d67a37038ddba3ddee7d5f","ssdeep":"","tlshash":"a5c08cc4a0c26d002606691010af24e49028802670485b028c94e8592e264b08233ea8","size":139,"data":"","first_seen":"2023-07-01T13:40:07Z","last_seen":"2026-05-11T12:45:10.044636Z","times_seen":958,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-25b4f3fa.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"ca53b42609183cae8723b9b82b082c2c","sha1":"32a58cf753c03ce1d3be1895ccd91b245c5d3ee9","sha256":"815ee648a9169e1153fa064a87df493fa20d8d153ca9ca811a572342c6ee7b96","sha512":"904d839538830eacdade29ea02db47cc38a646f3075761e14b8c58e266b7d3cbe7c7a81de748d9a281237cc9d3d9f698fab067cc0d49f4d49368f73657632494","ssdeep":"","tlshash":"0a01fdf8fd0c8ebb0fa20a4041d02600140a1fddfa1419e198867d661be5940d7ce32d","size":776,"data":"","first_seen":"2025-07-25T22:00:15.119474Z","last_seen":"2026-05-11T12:44:38.530704Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f049705ded586ec888809453ddb97eed","sha1":"c04197dd58fab49f9d3974f390695d56e388a792","sha256":"3b2046fc0d9b54e8f978fcbe69edf1eb43f35320283ed2e39b12c20deafe4f45","sha512":"9f33bd944891eeddb142780f0236713298022b151db1db846f52e53f4399bfdf96834a0a86908aa80ba71c1a60b8e717df28c7c85ab59dc7b3734f4757e02849","ssdeep":"","tlshash":"f4c08cd4b0ca6d00a603691011af35e49024806770482b029ca4dc882f234b09237e98","size":147,"data":"","first_seen":"2024-12-02T08:41:53.640766Z","last_seen":"2026-05-11T12:44:38.708328Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-05-11T14:35:20.290598Z","times_seen":5177,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/#/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ced6204993ccd4d4792486f3b3c899b1","sha1":"c16ea5b8c59dcea2b9b03d844467f9db0d358cdc","sha256":"317f80fdd1cb3e7b69648541320cfeb07fd3ea3d1b70d3aab180edce7c3c4ac5","sha512":"dbf99b86ffabe8deeb56f836821b1f3c58fe9b502b89210ec5082f60b4cb4e30f060645fc970bf48f5c3f20073f0e79845925b0dfb4ac89df0319d4c26bdb795","ssdeep":"","tlshash":"b8c08cc4a0c22e509622651410af38e89034402ab08c5b52dc98e94e3f260f49237eac","size":149,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-05-11T12:44:43.700563Z","times_seen":337,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-6cda2b3c.css","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-6cda2b3c.css HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-4b71\"\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19313,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19312)","md5":"89957bfb3766cd2118f25e92a82e81a3","sha1":"7370edc81f0aa0b8d49b1c67c498eaf7c6469cb7","sha256":"6cda2b3c03aecd14aedebd8db783ae9f6c10c44e75c052a7e4016e4057d2175f","sha512":"5b5679412b2b4c209e98e0c7cbe98b7e5f16a522a5c4c1c0e591d33e3619b7b718b70fccf59c0bcdcea7ff7d6676efcdbb8f3a9d66472789dd47a9bfd06fe5ea","ssdeep":"192:wMwCI1CY5mUJbiKnehJTJdKSme+jeHu50sikgii01ErPWL8J3p:wMcJkUbehJFdKW+SEMp","tlshash":"ad82e538f7582535683bd96e7ec04adca51c6a02d5a3ce54e2134e66cdfb2f3172c289","first_seen":"2026-05-11T12:44:11.829636Z","last_seen":"2026-05-11T12:44:38.527733Z","times_seen":2,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":376,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/resource/svg/dark/en_lang.svg?2.0.1778001268136","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /resource/svg/dark/en_lang.svg?2.0.1778001268136 HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 05 May 2026 17:14:11 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2563-4f1\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1265,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"74f7caa8f50e160999c253e5d315b2a6","sha1":"2f1696906d341d1c3d407fece60026229bd00b63","sha256":"8026781810f96d6934aa34314431caf173f238c6453c90b019f859a162d2c04f","sha512":"658b9b50e25e13cd05ec17ba49106eee02959db884ff27091af8394fd7db345482087b162d093d1fc34fc866c62cdda6ee13a7e4c2d34570fd31f732a04c3ac5","ssdeep":"","tlshash":"f221fde4470ea79eca43d3ad7728424d675d80cea9831769c59e9c34c1d7864cb03eee","first_seen":"2025-07-25T22:00:15.048714Z","last_seen":"2026-05-11T12:44:38.656254Z","times_seen":3,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bansksk012002.oss-cn-hongkong.aliyuncs.com/img9c9f0c470137435ea4ea2006321f1f9a.png?2.0.1778001268136","fqdn":"bansksk012002.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /img9c9f0c470137435ea4ea2006321f1f9a.png?2.0.1778001268136 HTTP/1.1\r\nHost: bansksk012002.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 11 May 2026 12:43:43 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6486\r\nConnection: keep-alive\r\nx-oss-request-id: 6A01CEFFEE2400313264F30A\r\nAccept-Ranges: bytes\r\nETag: \"F95EE7BB3B4B45503DF335AF3D2A510C\"\r\nLast-Modified: Sun, 31 Aug 2025 23:17:45 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12193447911647208789\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: +V7nuztLRVA98zWvPSpRDA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6486,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 88 x 86, 8-bit/color RGBA, non-interlaced","md5":"f95ee7bb3b4b45503df335af3d2a510c","sha1":"9ee7560c7986ad0c65c6b6138b02066235a5911b","sha256":"535d65caf8db928057cdad8c3a83dcad0a57ec492235bd28ed05483817ffc267","sha512":"5b8b16df23c36dec5b9b1fd97abe7f9025aa18e8fbcef6f55cf4287e0f6d9000cb6bef8bea46932d3b22dd79fb9a17ca9f4484e73ba346d00db8ea5d663c61ff","ssdeep":"96:1knmWIHyRc/VNGAGOHNSH5SeDyviEdXGcf4YABXIrBJH2+3ALchLhDVaDCQbUvtC:1knzRyHtS12ff0XGBgTLchJVaG0Yc","tlshash":"85d15ba8d954ace02e8ca6c56dcca37f7a57cb8475505146edeec68344704f9fd02e83","first_seen":"2023-12-05T13:25:24Z","last_seen":"2026-05-11T12:44:38.576449Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1953,"timings":{"blocked":835,"dns":17,"connect":273,"send":0,"wait":276,"receive":0,"ssl":547},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/getCoinList","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:52.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /api/common/getCoinList HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:52 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19602,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (19586), with no line terminators","md5":"ba0a820dd62ec962f5c5acfe9702fc86","sha1":"7a711bbcdc826584ab9c29cd2124084cf157db0a","sha256":"3ee3eac03021b63e98ec7ad8594d6519485c235f8a2ad14cf36d3ee5376887df","sha512":"8fbeebb5c1ecb51edf8822089a1fff1eae6b6e15b0f50eab3acba7e60dc74200e03c94244aa7c617b5800a9a43e0dfd65ca82d00d811508dc53425495ba6f534","ssdeep":"192:VXr+X6oXeTUX/QWX1OXAfSXjB0Xtd/hX6GX4uS3guFwXMwY8K7eYfe/yCKVnj5fE:BSZGowzV6t","tlshash":"02923292112868b9c57ed1d12fbf7d15509d326fecc58d1ac3ce8e9c8ed4ab0690af02","first_seen":"2026-05-11T12:44:11.835039Z","last_seen":"2026-05-11T12:44:11.835039Z","times_seen":1,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/getCoinList","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:57.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /api/common/getCoinList HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:57 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19602,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (19586), with no line terminators","md5":"fc773f62b6ac08174a608217f2357f27","sha1":"87ad023184161eb4e86665be5de28446966b8f8f","sha256":"e9e6b9cfc8598a764c7c184f78ea87b5debf7e0f37fff3054dc40e8452291fd1","sha512":"66535aae41d92e8f8655033c19ee311c274314db187768ce6692c0177522328703449392457071e0cb42ca69787a32555e40e04fa0d6bf153c54447503d5c00b","ssdeep":"192:VXrBX6oXeTUX/xWX1QXACSXjB0Xtd/hX69X4uSMguFwXBwY+K7dYfe/yCKcnj5f+:aSNDonFs6t","tlshash":"80923292112868b9c57ed1d12fbf7d15509d326fecc58d1ac3ce8e9c8ed4ab1690af02","first_seen":"2026-05-11T12:44:11.836937Z","last_seen":"2026-05-11T12:44:11.836937Z","times_seen":1,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/kline-1a2f5bdc.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/kline-1a2f5bdc.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 81\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\netag: \"69fa2574-51\"\r\nset-cookie: server_name_session=e0d36925e5777206e121bd061c035633; Max-Age=86400; httponly; path=/\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"5b65ddb1b434813c9649c2e471aabe58","sha1":"f2c6001ba1031b87601f1b93d39bc0b7b09e828a","sha256":"8e1c59c7b4ba06be3ab478d22381194137c6b7aa7001481822861135cbb32d5d","sha512":"c1218edda3ee7b81976846f4a6cc062858f5222c4bcebc7927489e40c92089dd10b19798f5e4346691f509c4ff2973f1ff7c7302b61daee272b1bcd7534e569e","ssdeep":"","tlshash":"9fa0110b0a8aa0f00a280cc8a2a88e022a3028b823a28ee8a002820022200c2808ea00","first_seen":"2026-05-11T12:44:11.839155Z","last_seen":"2026-05-11T12:44:38.655023Z","times_seen":2,"resource_available":true,"data":null}},"time_used":505,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":505,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-975fa331.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-975fa331.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-120d\"\r\nexpires: Tue, 12 May 2026 00:43:42 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4621,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4614)","md5":"239b82fa6f2b05b82e4464c4ee3f2468","sha1":"207ca19a52ea0f14715dfaf5125fbb68ecd0ab4b","sha256":"3746ce16b8dc512bdb2eb00441c5eda3c42e64020db5943538a9e043bb5d65d9","sha512":"649b30ca3890b33bb7ed49921ff0d2c6a332da50b3c3e1ad06db3ef5987b1f00abf6d3efdd6361b40d32d3191926af528314a8f68521d7625a44f347f87c52d3","ssdeep":"96:CfshcwfPrblYqTqCw59i8TrDYTIy4CwRLzrb7Itq+l/3hrzK33EInFapCjH:CfshcwfFY+qCwvtgrpwF/ydvhrG3pVH","tlshash":"7c91aa89b803c97da9b3948048e4102125687bf6b11d44f2f3fdbc5e67b5b7ae345721","first_seen":"2026-05-11T12:44:11.840353Z","last_seen":"2026-05-11T12:44:38.604545Z","times_seen":2,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/static/images/coins/btc.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /static/images/coins/btc.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 26 Jan 2026 05:50:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6977008a-2203\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8707,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"23b2d67f4fac198177a6f835a24552b7","sha1":"281fbd3c9ff168a5d452bcbec6140091f348dc07","sha256":"ebc3a7fd60aaed829245b3e010a91bfbd59619f4b302e31151875685cd01cc96","sha512":"b3a6e6230976ac651fcc9998eb63cc74ac249ddc8fbb15820d5c8afdb972473adab96bc682c25c6a1db718d0a3721d4f7342a1cc1f50d8e87f99ea0341c5858e","ssdeep":"192:MslQdqjkkRhqO04euIwS17z2cACY6gYLRwZ7YjJzw4:AsFvqO04ej5z2czgYikv","tlshash":"be02b0bbb56239361ab7bf90934f70986b799ee4e73655eb0d0c1889640737ba4044b0","first_seen":"2023-10-21T04:15:11Z","last_seen":"2026-05-11T12:44:38.536672Z","times_seen":109,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/static/images/coins/xrp.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /static/images/coins/xrp.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 953\r\nlast-modified: Mon, 26 Jan 2026 05:50:02 GMT\r\netag: \"6977008a-3b9\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":953,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit colormap, non-interlaced","md5":"92f9d15be55070c0f267e7b9609211da","sha1":"d25e8395244487e169b16cb9508e434ea1ea61dd","sha256":"0e7d0965ce52308846834de79ad8305ea31542444a1ba54888843fc0214418f4","sha512":"d39d1087b689cf8f8d543a282dfc802e0e996ddbdb0553b7376958b0be63dd8f6230451cc3cd3df7d63748ab2165e8e82433c35d4131a7a2c137445ecfeee95b","ssdeep":"","tlshash":"e91188a14b659e01632bcd7fcb2a0142b20b22efb465d716a88f533d0795d871059f85","first_seen":"2023-05-07T19:16:40Z","last_seen":"2026-05-11T12:45:09.989787Z","times_seen":1473,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/static/images/coins/hyal.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /static/images/coins/hyal.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 26 Jan 2026 05:50:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6977008a-4dd79\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":318841,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3","md5":"106f6a9e124870c555df7b82b506adde","sha1":"b8623212a59478d7455c444c23c2be1caef06610","sha256":"aa76eb48288e23ee41873ae6eea3daad2125e2ca60f8fc327f932dbae662c573","sha512":"e5a0a945f0ee0263b31657342bb19f920be7947250f9e4f2497fabb635c48cee91567e78f5f6e7f8d46a063aa03b21a75177c495b090163e4177502c9de197a9","ssdeep":"6144:fIt9G8Siq0ONBHaq/393EgFAN1SuPqUEdlUEgeW3ZZQgUdyQ3:KGquPHaQ3d3Fm1Su9E/UEgpZhUz3","tlshash":"0464238396d59a818dd320bcf4df17c3900afd0d5949ea376485439bfbfa1c99432aac","first_seen":"2026-05-11T12:44:11.84386Z","last_seen":"2026-05-11T12:44:38.595584Z","times_seen":2,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlanguage: en\r\nlang: en\r\nContent-Length: 69\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":69,"data":"{\"limit\":1000,\"interval\":\"ONE_MIN\",\"symbol\":\"LTC\",\"market\":\"binance\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71360,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"c0890ee4c4c25a49c09302b2e448ab11","sha1":"afbb7e29057400855a93ca35525c15557b5f1939","sha256":"91d56c473f371ddd20e9c5bd4873202eefb6f0f3aa29e5aca4f2e69eb12583fb","sha512":"309447aa0350e54d830a14295f688766903268bfa5a428521e3500a4ab86eddc897c118c0ab69fdcc21e780e913dfd132e0ba0b7ad4ea04011ef519f43263f8a","ssdeep":"384:soefORjIuEduE8A8Kec/YTcOVxiBkKaIs8BmiMxHkTMqebG8wxBPSQE3duv21wRv:EfOR+qcOVxOs8BfAhweXbCN7","tlshash":"ea632b749f9a9029da349d939bd3dce0480733cf07ce6de196ab69401ad5b3fa144f82","first_seen":"2026-05-11T12:44:11.845536Z","last_seen":"2026-05-11T12:44:11.845536Z","times_seen":1,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":541,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"db005905216912fce8e57b7385b09a23","sha1":"aa23357ada0a1a0a8a5544f31779ca9c36e28c56","sha256":"4d922b44f5bffc567b4f40039315fe5f2c7ebd994804a678eff3e61d5a29a33f","sha512":"1f6cdf01f22623d116ff958813d215b61deec51a3a5d9f2ea3fcec8fe272b3cca9bdb6e2e308cb37e9cdf8d1c36165139a4392f59a3656ba57fcdd32fc7ed712","ssdeep":"","tlshash":"28f0500f25788d650c1589cb54cd7dc9a55e1647d770cc309a97cf5c41f59f71b07544","first_seen":"2025-07-25T22:00:14.999255Z","last_seen":"2026-05-11T12:44:38.564226Z","times_seen":3,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/charting_library/charting_library.min.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:39.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /charting_library/charting_library.min.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:39 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2562-2a6b\"\r\nexpires: Tue, 12 May 2026 00:43:39 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10859,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10857), with CRLF line terminators","md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-05-11T12:45:09.856892Z","times_seen":947,"resource_available":true,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/platform/dev/config.js?1778503421333","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /platform/dev/config.js?1778503421333 HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 166\r\nlast-modified: Tue, 05 May 2026 17:14:10 GMT\r\netag: \"69fa2562-a6\"\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":166,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"e576f20ffc3ddc9fe92ef7c388869315","sha1":"67e798a79a81fe3672c3a6e52fb73f026b49ef12","sha256":"f9a5dbbbadf3e57e4e8d292e18fbb7c6d9b588ada4973cce1baf330cc41a2422","sha512":"9fd5adc74568933197e508158a8a316b30c077704aca8a3678d54fb8044258db1864d7a76b0bc804359cdf0ca9bd4beae54b0b5656654c52a1d911c24131802d","ssdeep":"","tlshash":"84c04ce625759b092d70473a9acc5e31f4424333c85d421fb8bc5c002f7340415a8c71","first_seen":"2024-12-02T08:41:53.512891Z","last_seen":"2026-05-11T12:44:38.649948Z","times_seen":24,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":411,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-ccbf6f25.css","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-ccbf6f25.css HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-a01\"\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2561,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2560)","md5":"451f70af79fa42189dedaf38944a27e2","sha1":"e7ad3c74a90558358da7298a6b5cd98311789877","sha256":"ccbf6f2560fb6d3fd425294f304a72271a7988e847057a24e7962dd1305265ee","sha512":"f3200b745e28b00013364a298a3636005292578a6a98016535af5046bdf5cc510eaa0ca038be43041bcd1cdec6ec49944f6d64547c3be7532ab310e30e375645","ssdeep":"","tlshash":"4e51104cb6d511352d33c5cfae545a88d2007e92e486dee5f8438a560edfae31a2435e","first_seen":"2026-05-11T12:44:11.851148Z","last_seen":"2026-05-11T12:44:38.65432Z","times_seen":2,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":356,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/platform/dev/logo_144.png?2.0.1778001268136","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /platform/dev/logo_144.png?2.0.1778001268136 HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 05 May 2026 17:14:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2562-208b\"\r\nexpires: Wed, 10 Jun 2026 12:43:42 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8331,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 200x200, components 3","md5":"27262b043cc8ff7aef796f5bff6cffda","sha1":"b839acc6ef8bd928d3c64248dfbae343ba5e43c0","sha256":"8d2393d61cbde580bf8bb826020e6d5b072d5a48ba803a93e66ead893ec2abcb","sha512":"9597fa3d180ae2bfda0db9519a697a0d678c8c6c8f0e7aac4dbd5aa1e1c17196ffcf3e25f357256637cc8662d900e8cf67a67fb94cf6feab5d4f992806687167","ssdeep":"96:48viiQLi7s+PRbRtd7QAdqUM6Aw/4BdqQqV+us+yuV2yAi/tiO7bWxfRVm7YVd5y:48Ku7s+ZFtgV6N42D+4yc2yAEV2xK79","tlshash":"71029d185768ba31cc620cff1e53e387d0516a4ede13cfcceb851817d4095b98cb2289","first_seen":"2025-02-18T15:07:56.66803Z","last_seen":"2026-05-11T12:44:38.541857Z","times_seen":5,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/static/images/coins/eth.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /static/images/coins/eth.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 26 Jan 2026 05:50:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6977008a-2674\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9844,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"0d24b27d05b7b3011b53d83822985551","sha1":"3ee739624a4b581cb59cc07c38e18192259514c4","sha256":"073a619dd22d64d0db9f60ef8199b7b216a9efba06a4bc40fd319ebbf3611bc0","sha512":"08372cd184e4584d98ef097a68c49865d6977d7b19e32e1b5b62fd280185e469bf5dacf906313ec644f528d14e477d25ce87b26d974e69046d5b2e44fb9a64dd","ssdeep":"192:YiewTUfmBxN7siq+mnwBx1jOHd353+N26xyBqWnyrex41z4lvcouO:YJs1Bx1q+mnajah5u+B1x48couO","tlshash":"7f12af2316599f2d60be4c66305eafe23d6f2e0c44410b72a9100e6716a3bc2ac855cf","first_seen":"2024-01-21T15:57:30Z","last_seen":"2026-05-11T12:44:38.650803Z","times_seen":69,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/static/images/coins/trx.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /static/images/coins/trx.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 26 Jan 2026 05:50:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6977008a-1ea7\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7847,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"029b0580175550cbe067bf8781e69a40","sha1":"46b168adb93aeb70a6a8253b1c8e3c10374592b0","sha256":"bb8241a147d46fd92dc194cd463f3bb615161b5d03cbaa21ea147fc9b17a1401","sha512":"3d7f016df41eaf21bc57aabf74624c9c5d4f0511d08cc62a516c4fbdc97456e510f5d9a8d5e21e04c0efdb8461b06ceeeef65fc4b92a9b6775339283a2e61c94","ssdeep":"192:CS66knlg4JWiUWq9gOfKRziMyDba4kYjhoE4mCiMfSJHcHKMXJaZYAX9sBmHpGu:d6Jnlg4JW3F9gOfKROMoe4pL4mCnfS5p","tlshash":"4ef17d46fe42b858860cdf087aeea32723bb4ac6cb8af141fcdac615bde1038d545185","first_seen":"2023-11-01T19:36:22Z","last_seen":"2026-05-11T12:44:38.659952Z","times_seen":154,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bansksk012002.oss-cn-hongkong.aliyuncs.com/img7e0c52a424de4a37b32fbcdce28079c1.png?2.0.1778001268136","fqdn":"bansksk012002.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /img7e0c52a424de4a37b32fbcdce28079c1.png?2.0.1778001268136 HTTP/1.1\r\nHost: bansksk012002.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 11 May 2026 12:43:43 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6949\r\nConnection: keep-alive\r\nx-oss-request-id: 6A01CEFFE61358383822FAEB\r\nAccept-Ranges: bytes\r\nETag: \"E42448179A7E4CFD76149FC4E340C190\"\r\nLast-Modified: Sun, 31 Aug 2025 23:17:19 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6711906540530159050\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 5CRIF5p+TP12FJ/E40DBkA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6949,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced","md5":"e42448179a7e4cfd76149fc4e340c190","sha1":"8c9bf373b329b7cbabb770586167fadc13c34fb6","sha256":"aad8f325c9108c1b4b9a5f5fd40bc6ad910e12a81b6014d4586f6f8e8131da19","sha512":"265b4ef947931ddd88d013c03c50a6546989ef54312ed83bff4dffcbf03588ac5a37ec62e2dfd38760fe8c34a911f5b14973249c06f7a1e2d06522e92b4b4e17","ssdeep":"192:MknihKLD6GjZm0AqoXmXXTEHuh3O4nG5rg2c1sQgl:fnihKtjZm0AqoX05h3O2Wg2ADgl","tlshash":"d5e18e0d78d15ca04e635781ffcd90a30b535581fee0b8427ca6ae5bae702b1ca2d9d7","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.626607Z","times_seen":137,"resource_available":false,"data":null}},"time_used":1956,"timings":{"blocked":838,"dns":26,"connect":271,"send":0,"wait":273,"receive":0,"ssl":546},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/vendor-72ef657d.css","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:39.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/vendor-72ef657d.css HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:39 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-16997\"\r\nexpires: Tue, 12 May 2026 00:43:39 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":92567,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65022), with no line terminators","md5":"b40940e3efd47e3e653fe1fbec0ab363","sha1":"3911d44e1bceb07e83746e6bc68de9dbb587b11a","sha256":"72ef657df5906e9f23040a4ceb49985bf894ddcb4324d7d873a0c20b15d3e864","sha512":"f3706c9146b2091fb1a864ab4180d0a1538e801686af21bab4c7231421859a99fba7dd694632faaf1c457fb06711fcb16809e2221fe692c16390e7e98ccbf4d5","ssdeep":"1536:ZTIyNBi3MFYaQj73rx3WqyrtpqoSWEDZEnX73:ZdN0rxmNH9yDWr3","tlshash":"0193c5a5e9c4a1fc6f26f6659b4766d8f13cf661cc01daa0f109512d0fc7bf50223a2a","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-05-11T12:45:09.835974Z","times_seen":223,"resource_available":false,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-661048e5.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-661048e5.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-b355b\"\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":734555,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b262bf5f1df196b41bb8923b3ee02abf","sha1":"147c26b574bf3e55aacf4ff8b77800874f215ec3","sha256":"dca90f0e715c8316dbb9cf29b1cb5760ea424a0867f927308a6b72d2cbe21d47","sha512":"8f6092a2d607ee0c0f71a1c3efe8e6dccd0436b6cb7a6685aff839ac4c6994c65b4da1288d62485892ee710159cb1e1c8e96481a5860239bb20c08189e423c73","ssdeep":"12288:YNPxPLn1H16O2ipZO3aHbHebtrtcr30L0n7e9rQSvUrfTJ3M2z8o:YNPxPT1Hl2mZ9/T7e9sSvuTJ3d8o","tlshash":"07f41a98b254b03543e771a1017f050ba33a690db44b85a8f669e4ee6cbd44e327ff78","first_seen":"2026-05-11T12:44:11.857866Z","last_seen":"2026-05-11T12:44:38.532727Z","times_seen":2,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/type/defi_activity_type","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /api/common/type/defi_activity_type HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/getAllSetting","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12843,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (12511), with no line terminators","md5":"3f6ec889c915a9fd0447e967d40bc688","sha1":"237d01cac4c18bfb647ec5e5204f9394b5265897","sha256":"d642feffe98217474ec9f5e659e1a981083258ee9318454563d74a76d019fc8c","sha512":"0525e61256a019978a0ba061117974d6a3a07a3358ce8c902d124a694b3d49a46a9de7e984c99f887f7e39cfd971472881f3109952757659b9f83744d85af07b","ssdeep":"192:cUhbTzOSpQ+oQD+RbvcNlUHlVJigbAIoMq8Odt2seznMNiTimFNZuz5c7gludjCo:q1u2vMg2mncYTh","tlshash":"3d42532a31d8ccbc92e61dcdd0bb3a5eb8dc34abe6409c5594e6af4c9859db7440b04e","first_seen":"2026-05-11T12:44:11.860186Z","last_seen":"2026-05-11T12:44:38.647662Z","times_seen":2,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-10f31a6f.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-10f31a6f.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 317\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\netag: \"69fa2574-13d\"\r\nexpires: Tue, 12 May 2026 00:43:42 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":317,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (316)","md5":"3e0052b33a8b92a80ab1d4d9652492d6","sha1":"74e0b3489f4a6ac99f4c3e7ba723ed135d9bfb62","sha256":"2ff14f90892923dbe764d30f61afcbd871ab9baf68ea5fdae65b0a5dc082651e","sha512":"3254bbe9a04eb368422115e1de65bb1d586e224ae1d1afe260d55600d224c101ba751f869d1f9b0e53f53da321f92310eb209af46f433fae29a331cf89d11970","ssdeep":"","tlshash":"cde0ec8b2a018bf3e5720ee8fa625d44f56637798fea65e4482adc16510c880627918a","first_seen":"2026-05-11T12:44:11.86245Z","last_seen":"2026-05-11T12:44:38.574536Z","times_seen":2,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/currencyItem-7c86e19b.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/currencyItem-7c86e19b.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-619\"\r\nexpires: Tue, 12 May 2026 00:43:42 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1561,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1560)","md5":"05c8165e8c6f79b164efebf341f82852","sha1":"826e5effd1f2d2104d71e4e224662340b7a0f4e1","sha256":"7cb7823574765a5bb5f62cb507ba04b2268389ef0bf708c39ad3185c08274f18","sha512":"8e9c64e4c9f6d84798dffe5e767dcd21e0e094bc148aca0501c3d7d7907091fc2c2c6a44acfe91372032f3240562d9ab302805031ffcbdf6844e166b4a9ddd25","ssdeep":"","tlshash":"c331c9999902c7b6d7be9452c0b90034175d7fc620008592eaef18693b9a9bce338a72","first_seen":"2026-05-11T12:44:11.863633Z","last_seen":"2026-05-11T12:44:38.559432Z","times_seen":2,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/home-bg-7db6d768.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/home-bg-7db6d768.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmeproexchage.com/assets/index-6cda2b3c.css\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-2dabb\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":187067,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 750 x 531, 8-bit/color RGBA, non-interlaced","md5":"cb97c37693d681a4dc8fb53d83fd0c3f","sha1":"7c7e02a326ef78773ae70ca06e428a4c1e9268da","sha256":"7db6d76800b4482bbef3ece1d2db75ea235bb799edff049635046fdfb8617ac9","sha512":"0477d0a3cdbc30bbd59bab9453ba89bcb8d9acf495f8175c35df26fd46fa3a2712bc126d481f24bd7d5f718e16126867ecd155370a02825924c59c7572db297d","ssdeep":"3072:N55TxTi4zf+oLjtpDCZ31sZ+iskI8ao668LQ0oxPL11xYWnhIipCtyuJm3ecG3q:BFe4v/tpDWsZ3aD68LtWhHCyuJmGa","tlshash":"b8042200a41aec6ead7d78b3d25501e2835624ae27f5f076c23638cddae6e01156cfe9","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.603701Z","times_seen":117,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlanguage: en\r\nlang: en\r\nContent-Length: 69\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":69,"data":"{\"limit\":1000,\"interval\":\"ONE_MIN\",\"symbol\":\"XRP\",\"market\":\"binance\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76087,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"3d37e16da92a4f8163c6add02a6de0e4","sha1":"e45a48801a4bd217f887f25988191ff58c325db2","sha256":"1400968253e10e6b6a74e1780402d8253af5b5b440e3a0c2a48de5fdf0dd6443","sha512":"0b8e9026da506959e012f6baa7cff0979493dba3f4815d25d62c6eb9bdf0aa99fdbe89d72d7cbd5a4b3628d5e3b5e60324d31108aa484139f562a9eaad238679","ssdeep":"1536:5L7V3hSvsV1u/S2pPIhEkpgzYq5BDtK9US3JA+VWwT+x8PwUROwSzaXliKE711Ds:5HksV18SEPI9pgzYqZKBJcwTUaFRsGd","tlshash":"6e7351775ac9c489df378cc29fc39ee03c2231d6aadd3c0255999d046ad4ae8f1153ba","first_seen":"2026-05-11T12:44:11.865533Z","last_seen":"2026-05-11T12:44:11.865533Z","times_seen":1,"resource_available":false,"data":null}},"time_used":790,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":790,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"webapi.cmeproexchage.com/ws/e03a9b77-b59e-448e-af7d-eb955c95a620","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"GET /ws/e03a9b77-b59e-448e-af7d-eb955c95a620 HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://cmeproexchage.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: frBmK6vmjaTtRKD+nEamEw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nServer: nginx\r\nDate: Mon, 11 May 2026 12:43:42 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://cmeproexchage.com\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: WoA3CCbHGk0KcMcmZuhXC0SsSjA=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nSet-Cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":2633,"timings":{"blocked":-1,"dns":870,"connect":1161,"send":0,"wait":294,"receive":6,"ssl":1176},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-d253bac1.css","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-d253bac1.css HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: text/css\r\ncontent-length: 61\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\netag: \"69fa2574-3d\"\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c88360cef8df86c995e562333879873a","sha1":"8674b487cf92f20149c0ef681b42a599469813bf","sha256":"d253bac175b5b52734c192e96d18c8b26b0c92b881584f63b7de91bff96c6149","sha512":"eeeb5ec01fe8c7d483182fc60a2b54ee1d02994718fd9b23a6182f49ead49d889889f21592b2955bcac8cc859023204782db3210d3a0c706a3e4677564db3636","ssdeep":"","tlshash":"f6a0026d11156404b2225341ff5ff95dce686917da91820453421c9135cbe8f25d821b","first_seen":"2024-07-24T17:37:43Z","last_seen":"2026-05-11T12:44:38.670017Z","times_seen":305,"resource_available":false,"data":null}},"time_used":375,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":375,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/en-039dbbbe.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/en-039dbbbe.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-9f44\"\r\nexpires: Tue, 12 May 2026 00:43:42 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40772,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (40749)","md5":"3fc85954d1688a7198a5050ed853fb23","sha1":"526d06783eaae3624c362c13145da674e1c4e754","sha256":"60dbb9db5968a91d8f6130143894c381854a5afb0ee9239be0564f205e8f21ee","sha512":"8b3f81789a214037c14f5e080ba7e84489f276f7183ddf0871cefc8ff51533be92609d959e922877bf0d326fbf331f24c4c6f294954bcd6e6ffbd952503c5992","ssdeep":"768:u8tZcEw/o7r8aAFsicnAMC2rAaAMFiQP6+6seG9i1mwO6fpk7aO8xO:kpon8aeQE2rdFiDseWiq8xO","tlshash":"9f03c5897e1a889a05f3537674ce6e1120f60ac18265881f4fedc9fd93d2b67a363734","first_seen":"2026-05-11T12:44:11.870225Z","last_seen":"2026-05-11T12:44:38.540029Z","times_seen":2,"resource_available":true,"data":null}},"time_used":298,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/static/images/coins/bnb.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /static/images/coins/bnb.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 26 Jan 2026 05:50:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6977008a-3245\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"a533eecdee5a789e7d94f8f79f95d588","sha1":"f1ae6df3a9baf6dbec969c6d1ab622850a282895","sha256":"ea257fac91d01858b7dfd0361f8b480caeb3d57b080570ef4b4f41d5d7e68c90","sha512":"e46ca5c2239c89c783805b1f4e17664118e57e95dff6513b8ff917aaaa763b922c6286b48d0e6daca644ae30c3e821674dade74a056837865353b451c50d074b","ssdeep":"192:3GSu8nGgOCcrSaheqQThcTrOcOAasSqXzcxfuZWfWOKJ6mVgCd7mOOwRB0IG:5/POzrSTThcTaPAaFqXzcqG6ekvP0IG","tlshash":"1442bfd83898c3e455233e69d56e4c138122251a66588517f22a2b7dbf03af27fcf1e6","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-05-11T12:44:38.653809Z","times_seen":657,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/static/images/coins/doge.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /static/images/coins/doge.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 862\r\nlast-modified: Mon, 26 Jan 2026 05:50:02 GMT\r\netag: \"6977008a-35e\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":862,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"83cd3c399fa44569b075fbccedb03246","sha1":"dcc0acde908c0453d561465ed8a5d2d2b6c42f8a","sha256":"0694700012cf8fe9a3347c7b54f6a2a5a40ac982f686632383e6cf2f1bca7235","sha512":"7b0b424aa5345e53c044003a463f1554d38bc5ccb091815542c63a8438da54c9c6b5b57e4a1ee375778b2faeb2e1b98b530e505f20c11afbbdde28e05b71316a","ssdeep":"","tlshash":"101196357b43ec5c5c841951c84a40a0d1da476c654880cace69bc3ec54fc9144a0545","first_seen":"2026-05-11T12:44:11.871727Z","last_seen":"2026-05-11T12:44:38.658673Z","times_seen":2,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bansksk012002.oss-cn-hongkong.aliyuncs.com/img468e74b0253443aba280ed3ff9d4aa58.png?2.0.1778001268136","fqdn":"bansksk012002.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /img468e74b0253443aba280ed3ff9d4aa58.png?2.0.1778001268136 HTTP/1.1\r\nHost: bansksk012002.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 11 May 2026 12:43:44 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2188\r\nConnection: keep-alive\r\nx-oss-request-id: 6A01CF00C390C33434094486\r\nAccept-Ranges: bytes\r\nETag: \"0C71B0C7E8E6BF8BC8FF705CEB91FD75\"\r\nLast-Modified: Sun, 31 Aug 2025 23:17:31 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 16505526984728285850\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: DHGwx+jmv4vI/3Bc65H9dQ==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2188,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced","md5":"0c71b0c7e8e6bf8bc8ff705ceb91fd75","sha1":"bc10e3faaa2f4b8418f389a656365c964af85ea0","sha256":"7c3772a963211db666f795feb1aa3d5b577041a6d66cc83bea331a97f569a43a","sha512":"676a7d8757f4aaaf6b8cc1b42e65e35af7f9f90e49de9207e3a75adf5909b6e0135e99000e6af671774aa8855d6d2a008eef202ef76ffef625e5a26f0a9b5b88","ssdeep":"","tlshash":"b841e94cf9002c242346ed466ada929b591b0b81dac0fe967ccec88795350f5ce8dfda","first_seen":"2026-05-11T12:44:11.872621Z","last_seen":"2026-05-11T12:44:38.636837Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2050,"timings":{"blocked":876,"dns":25,"connect":286,"send":0,"wait":287,"receive":0,"ssl":574},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bansksk012002.oss-cn-hongkong.aliyuncs.com/imga3bf508253d9446aaecf227abe716e5e.png?2.0.1778001268136","fqdn":"bansksk012002.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /imga3bf508253d9446aaecf227abe716e5e.png?2.0.1778001268136 HTTP/1.1\r\nHost: bansksk012002.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 11 May 2026 12:43:44 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6486\r\nConnection: keep-alive\r\nx-oss-request-id: 6A01CF00E61358383885FAEB\r\nAccept-Ranges: bytes\r\nETag: \"F95EE7BB3B4B45503DF335AF3D2A510C\"\r\nLast-Modified: Sun, 31 Aug 2025 23:17:49 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12193447911647208789\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: +V7nuztLRVA98zWvPSpRDA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6486,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 88 x 86, 8-bit/color RGBA, non-interlaced","md5":"f95ee7bb3b4b45503df335af3d2a510c","sha1":"9ee7560c7986ad0c65c6b6138b02066235a5911b","sha256":"535d65caf8db928057cdad8c3a83dcad0a57ec492235bd28ed05483817ffc267","sha512":"5b8b16df23c36dec5b9b1fd97abe7f9025aa18e8fbcef6f55cf4287e0f6d9000cb6bef8bea46932d3b22dd79fb9a17ca9f4484e73ba346d00db8ea5d663c61ff","ssdeep":"96:1knmWIHyRc/VNGAGOHNSH5SeDyviEdXGcf4YABXIrBJH2+3ALchLhDVaDCQbUvtC:1knzRyHtS12ff0XGBgTLchJVaG0Yc","tlshash":"85d15ba8d954ace02e8ca6c56dcca37f7a57cb8475505146edeec68344704f9fd02e83","first_seen":"2023-12-05T13:25:24Z","last_seen":"2026-05-11T12:44:38.576449Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1401,"timings":{"blocked":1104,"dns":0,"connect":0,"send":0,"wait":284,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bansksk012002.oss-cn-hongkong.aliyuncs.com/img9a7c4e205bb742c8bbce433ef27e3263.png?2.0.1778001268136","fqdn":"bansksk012002.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /img9a7c4e205bb742c8bbce433ef27e3263.png?2.0.1778001268136 HTTP/1.1\r\nHost: bansksk012002.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 11 May 2026 12:43:43 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6597\r\nConnection: keep-alive\r\nx-oss-request-id: 6A01CEFFACF6C53231784BBA\r\nAccept-Ranges: bytes\r\nETag: \"F65BBF6247B64AB0AA4D192730F5BC62\"\r\nLast-Modified: Sun, 31 Aug 2025 23:17:59 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8786305277697004838\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 9lu/Yke2SrCqTRknMPW8Yg==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6597,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 86 x 87, 8-bit/color RGBA, non-interlaced","md5":"f65bbf6247b64ab0aa4d192730f5bc62","sha1":"58f64d34c30d0efbe91b2ecfd6cd1d1eedefb592","sha256":"11812f741ae3c78eb8840fb986f6b2b65c8f580d2db6be4d58d40d0567b12e1e","sha512":"f3ec7c165a0845bb40fb39f3d3acf66a3aa1e8258f6f892f76e71db09783dd04bf60db6905d6a6042c32e6e133f3013a70442fd114fbfcadb9c8ffa0ff9c274b","ssdeep":"96:xknmWIHh/TsyNGjmGg37HuH5/M1WVSX2RzBFe5qVqS+nISx/e1MCx5hyncMGyC+/:xkn27O5M1BGR9Fv1a//C9yncFyC+xwi","tlshash":"32d17e01ff6d0db84a9f59a046d9e16a1b310bd48fc134967ccdc5230e216f9ce1d5d6","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.607105Z","times_seen":62,"resource_available":false,"data":null}},"time_used":1964,"timings":{"blocked":840,"dns":14,"connect":278,"send":0,"wait":278,"receive":0,"ssl":551},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-11T12:43:38.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:39 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 10 May 2026 16:25:19 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a00b16f-1511\"\r\nset-cookie: server_name_session=e0d36925e5777206e121bd061c035633; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5393,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1094)","md5":"c4433885524acb8b8874a6feb7939a32","sha1":"b473b84747f666ca5a7997fe274987dc96f8eb6b","sha256":"604876873492f1aa2319fd46b2ce419975e689c75da68fc123301cdb1966a1bc","sha512":"f3a53cbef7e364ba2ca6e99f6156a2eaed390b9abceba2cc62c18b4dc70c5f6996d4aee8c14e2ea696d273b849b0e0c0d83f8130ea0dbce47d800a567f59f4e6","ssdeep":"96:Tr82TW5AAuc67Dv9hHft/L8r6TCZydHRH/g42mUsGKAiowGpuB1niHuiHpOH/w:TFS167DvHuZCxf92nfD3bpuB1niOi8fw","tlshash":"36b161b39cb1d82b2392052bebd7f0185e61219385194868b4dd80ed8fe5fe584dbbb4","first_seen":"2026-05-11T12:44:11.874112Z","last_seen":"2026-05-11T12:44:38.556088Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1625,"timings":{"blocked":665,"dns":67,"connect":294,"send":0,"wait":295,"receive":0,"ssl":300},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/vendor-df62c849.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:40.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/vendor-df62c849.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-d6217\"\r\nexpires: Tue, 12 May 2026 00:43:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":877079,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"60163d033467041dd64e3d9920be6be2","sha1":"bbf2c2be0b2e2e954cef823095e0dd95d9a7406a","sha256":"6a7d683ac9f254dc5538af1034c0f745b7243c6dac7f83e62067f4b71f1ec2de","sha512":"ff9177517d32b46fc722bd5ddd5111759226742809ed24b4270bb74191b9d7b9a018cbe3bb7c9f1c44676a177ec6c559609ee49570da38b9a7dbab0cc01802a3","ssdeep":"24576:NckRssFLy5ziEf6DKYZSJsMHnWHEDOsa2s:NckRssFLy5ziEfWKYZ7MHnWHw1s","tlshash":"d21529c97282f06147ab20e250bb1006f3396e59744e84a4f16d98db7d7ad89d2b7f3c","first_seen":"2025-07-25T22:00:14.991714Z","last_seen":"2026-05-11T12:44:38.571498Z","times_seen":3,"resource_available":true,"data":null}},"time_used":543,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":543,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-25b4f3fa.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-25b4f3fa.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 776\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\netag: \"69fa2574-308\"\r\nset-cookie: server_name_session=e0d36925e5777206e121bd061c035633; Max-Age=86400; httponly; path=/\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":776,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (775)","md5":"ca53b42609183cae8723b9b82b082c2c","sha1":"32a58cf753c03ce1d3be1895ccd91b245c5d3ee9","sha256":"815ee648a9169e1153fa064a87df493fa20d8d153ca9ca811a572342c6ee7b96","sha512":"904d839538830eacdade29ea02db47cc38a646f3075761e14b8c58e266b7d3cbe7c7a81de748d9a281237cc9d3d9f698fab067cc0d49f4d49368f73657632494","ssdeep":"","tlshash":"0a01fdf8fd0c8ebb0fa20a4041d02600140a1fddfa1419e198867d661be5940d7ce32d","first_seen":"2025-07-25T22:00:15.119474Z","last_seen":"2026-05-11T12:44:38.530704Z","times_seen":3,"resource_available":true,"data":null}},"time_used":375,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":375,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/currencyItem-7c86e19b.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/currencyItem-7c86e19b.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-619\"\r\nset-cookie: server_name_session=e0d36925e5777206e121bd061c035633; Max-Age=86400; httponly; path=/\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1561,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1560)","md5":"05c8165e8c6f79b164efebf341f82852","sha1":"826e5effd1f2d2104d71e4e224662340b7a0f4e1","sha256":"7cb7823574765a5bb5f62cb507ba04b2268389ef0bf708c39ad3185c08274f18","sha512":"8e9c64e4c9f6d84798dffe5e767dcd21e0e094bc148aca0501c3d7d7907091fc2c2c6a44acfe91372032f3240562d9ab302805031ffcbdf6844e166b4a9ddd25","ssdeep":"","tlshash":"c331c9999902c7b6d7be9452c0b90034175d7fc620008592eaef18693b9a9bce338a72","first_seen":"2026-05-11T12:44:11.863633Z","last_seen":"2026-05-11T12:44:38.559432Z","times_seen":2,"resource_available":true,"data":null}},"time_used":502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/getCoinList","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /api/common/getCoinList HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19602,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (19586), with no line terminators","md5":"6102cfe483e22933594521cdf4679439","sha1":"1661867f545258236442c4ccdab8fd53193f30d2","sha256":"cc052d1cc4311fe7cc2ffb541b91174e4ba86378b2017c4bacad97226ff617f0","sha512":"306349433ba0f77167e3f03af7e810ee0ca1ae4392bba8c62efea9e4aff3f89baa38b1c8f760f1e36a3eb027db0f366e4701878c74eadda6e6b9ebffbca8de07","ssdeep":"192:VXrYX6wXeTUX/uWX1qXA2SXjB0Xtd/hX66X4uS5gudwX2wYoK7dYfe/yCK5nj5fj:HfuaoaEv6t","tlshash":"df9232521128a8b9c57ed1d12fbf7d15509d326fecc58d1ac3de8e9c8ed4ab0690af02","first_seen":"2026-05-11T12:44:11.877787Z","last_seen":"2026-05-11T12:44:11.877787Z","times_seen":1,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/kline-1a2f5bdc.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/kline-1a2f5bdc.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 81\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\netag: \"69fa2574-51\"\r\nexpires: Tue, 12 May 2026 00:43:42 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"5b65ddb1b434813c9649c2e471aabe58","sha1":"f2c6001ba1031b87601f1b93d39bc0b7b09e828a","sha256":"8e1c59c7b4ba06be3ab478d22381194137c6b7aa7001481822861135cbb32d5d","sha512":"c1218edda3ee7b81976846f4a6cc062858f5222c4bcebc7927489e40c92089dd10b19798f5e4346691f509c4ff2973f1ff7c7302b61daee272b1bcd7534e569e","ssdeep":"","tlshash":"9fa0110b0a8aa0f00a280cc8a2a88e022a3028b823a28ee8a002820022200c2808ea00","first_seen":"2026-05-11T12:44:11.839155Z","last_seen":"2026-05-11T12:44:38.655023Z","times_seen":2,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/home-nav-3-626c8f05.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/home-nav-3-626c8f05.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-b32\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2866,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 73 x 68, 8-bit/color RGBA, non-interlaced","md5":"4995ca21a0ade71688096c4fa4a63950","sha1":"9d19ed16847bbfcbe9072c9c1976e50e563f6250","sha256":"626c8f05fbac681a11b10bb17af81a041010c906bbb6dfefe995a040e67d63a5","sha512":"0359bdc6189af8993a908b48a12488833517af660514bd30984b9d5381e388ce1e68d3957badc5534d1977a61adb54814be72158fffc48a641fb850bb47715ff","ssdeep":"","tlshash":"4b513b3eb7ea845ebb48cc31224a93c9fce01e552e06b50e2117ae133751916d0b6503","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.637995Z","times_seen":54,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/static/images/coins/zfxy.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /static/images/coins/zfxy.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 26 Jan 2026 05:50:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6977008a-56b\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1387,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"aef8727bea8367cd9fd252c025b45887","sha1":"c2ab9d909455bff35181dfd92bcc7baba930867f","sha256":"ce5a07d36768bcb5524044a9e92a606ae6effe1cb0913dfa418703461db62fe3","sha512":"5f97e368e23aa5e501e57917aea9426704ac3c4068b34d803f44944663bab45131170fec2872fb868a5faceb6856ce4d9f8870053aba7e8d08455989a731984d","ssdeep":"","tlshash":"5321085f5b644577dda94dbede05a54b29e30d208d978bc2c404ec1534598a643608ad","first_seen":"2023-05-06T05:54:57Z","last_seen":"2026-05-11T12:44:38.636263Z","times_seen":14376,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-bc011be9.css","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-bc011be9.css HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: text/css\r\ncontent-length: 397\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\netag: \"69fa2574-18d\"\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":397,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (396)","md5":"5353ff252ee4a5e7a3d0176de6a6c712","sha1":"c83942b5dfdb4aa8be53f26b39e53b0b257595e0","sha256":"bc011be90fd6cd33a399912151a5f69ba0d8e394563c71c4c1bea7a4ec032516","sha512":"9a17506817918ef0c9a5d0caebaed8f603641dc1015a726bdf247645a7e0a988b543756d7254abafa18dd4cd9d27c9a198300632156faf59f05c1e27f0a5e30a","ssdeep":"","tlshash":"5ae092c890d6927fb62b607d267c931ad425ac88d8007bb8e67fabb146c7ac53172215","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-05-11T12:44:38.649312Z","times_seen":667,"resource_available":false,"data":null}},"time_used":360,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":360,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/resource/svg/dark/user_info.svg?2.0.1778001268136","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /resource/svg/dark/user_info.svg?2.0.1778001268136 HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 05 May 2026 17:14:11 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2563-c3d\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3133,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bb121ffcc2de7d1de1f8002b2bbbb5c8","sha1":"2949d25c7284205911f81ffc927f42ea02455751","sha256":"0633f31a63d40de43d227dfd2d240a825a59d34c79dca45670240bd12089134b","sha512":"75368bea0dd28b403f613060bbf214cae3db679ca49e0813c0b4ebea1f32f13f1c2492d5f4a676426f3ff3822343aa1e36d17c1759603ca051d97aeed35616b4","ssdeep":"","tlshash":"67513bdab720d55d9485fa8bde2b092e3707e06b6fd73a889056cc0db8d3b714501e6c","first_seen":"2025-07-25T22:00:15.175441Z","last_seen":"2026-05-11T12:44:38.671061Z","times_seen":3,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/home-nav-9-964df417.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/home-nav-9-964df417.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-1016\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4118,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced","md5":"96c006351f3bb1ed5a7236df6973d412","sha1":"21e63fd42a6940bbdf4caa8c84080df20716e4dd","sha256":"964df4170b2a82ff0a89d2f8cbd51da5c5ec91058609cf4b067413e182a90ee7","sha512":"fbff1d8e41b9d90a5de270acc44574c0f71acebd75991fc227c10082f4aec543e9c6206d36f9083f0f07405d287685e0448b0e378a37c3601f9dd7c5fca9e3f2","ssdeep":"96:PSTknmWIrD/+NGdGDHCnH5o+U3PfNdIhD1xHQbJDY0bIIzFiEtNg:PSTkn5HinO+UffuDHQBY0bfzUMg","tlshash":"5a815ecee4722e0b4ad9e3865ad562b7a7128b419f949402fccc8c473820479cdcd6e3","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.648641Z","times_seen":86,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/home-nav-6-115a31c7.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/home-nav-6-115a31c7.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-1c9e\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7326,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 85 x 91, 8-bit/color RGBA, non-interlaced","md5":"51931449f7f1add2f1b23c1d3fb0c50d","sha1":"2472606e33ee28b6d1b24adaa15c2cc2e3f2e3a5","sha256":"115a31c73bb313b73626ce78e057499e508d55d8208315a1590c473dd47030a4","sha512":"2ee2fa2fdd8c200b57884f31fc1ef92115683646bec270d2736fde25ab5f1e5c952a66018efde827acffe759ae84198ccb39fb52a6b85047eecbd0947a7d30e2","ssdeep":"192:MknvFTRsSsJfpk4hEfHtdgcV73LJ6vRrhPnD:fnvFTRsSsBpfEfDlJe7nD","tlshash":"dee18e01ec61bc50a6258a85a4edd14b8f17d3d0ad9858ebbde5d55280d34f8576ccc3","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.594475Z","times_seen":113,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/home-kefu-5aea45e9.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/home-kefu-5aea45e9.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-592\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1426,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 41, 8-bit/color RGBA, non-interlaced","md5":"4680a234754b2c0f6d9eaa22acebe5fb","sha1":"0a53ea350b4c48b6e0824f3093f653b5dac76b3f","sha256":"5aea45e956feaa3442b14b1edf550ecc2f825179428c3d55d031803a0d9077a4","sha512":"2cb9b22e32fe8d3d4bf9380d77a8ab8c489a280df1867b2d88dd90b2c6d64a5579d61f41a8d0c3bf6364091a2afa3f550ba333a8579fd3722365c7e66f10a027","ssdeep":"","tlshash":"a021e992120fcb4eab2b83b055199a35ad700500ac8472b4cf4454290dc586b86f054f","first_seen":"2023-06-06T10:11:01Z","last_seen":"2026-05-11T12:44:38.655687Z","times_seen":15,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bansksk012002.oss-cn-hongkong.aliyuncs.com/img17a0c55fa6b94d35a1eb7c6c592f71e3.png?2.0.1778001268136","fqdn":"bansksk012002.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /img17a0c55fa6b94d35a1eb7c6c592f71e3.png?2.0.1778001268136 HTTP/1.1\r\nHost: bansksk012002.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 11 May 2026 12:43:43 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6949\r\nConnection: keep-alive\r\nx-oss-request-id: 6A01CEFFCE63A836363DBF28\r\nAccept-Ranges: bytes\r\nETag: \"E42448179A7E4CFD76149FC4E340C190\"\r\nLast-Modified: Sun, 31 Aug 2025 23:17:13 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6711906540530159050\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 5CRIF5p+TP12FJ/E40DBkA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6949,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced","md5":"e42448179a7e4cfd76149fc4e340c190","sha1":"8c9bf373b329b7cbabb770586167fadc13c34fb6","sha256":"aad8f325c9108c1b4b9a5f5fd40bc6ad910e12a81b6014d4586f6f8e8131da19","sha512":"265b4ef947931ddd88d013c03c50a6546989ef54312ed83bff4dffcbf03588ac5a37ec62e2dfd38760fe8c34a911f5b14973249c06f7a1e2d06522e92b4b4e17","ssdeep":"192:MknihKLD6GjZm0AqoXmXXTEHuh3O4nG5rg2c1sQgl:fnihKtjZm0AqoX05h3O2Wg2ADgl","tlshash":"d5e18e0d78d15ca04e635781ffcd90a30b535581fee0b8427ca6ae5bae702b1ca2d9d7","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.626607Z","times_seen":137,"resource_available":false,"data":null}},"time_used":2006,"timings":{"blocked":859,"dns":21,"connect":279,"send":0,"wait":282,"receive":0,"ssl":560},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-eac82dd4.css","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:39.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-eac82dd4.css HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:39 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-4a4dc\"\r\nexpires: Tue, 12 May 2026 00:43:39 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":304348,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65022), with no line terminators","md5":"0e1eb92bbf30992d844fa34d2d49cbba","sha1":"d4042100257d701ed9d313d66ac85f30f406f05c","sha256":"eac82dd44e104e3ad44cee3502f38a44ad89abefac27765bde51be49849eee40","sha512":"d2c391833842a14c85081ae75242bd1f04ee988036c07fc43ad93999d8798393ccb355949a1eeea3483498b22c3a13a28afe1a44a7939522b9420ebc5ed0bcd0","ssdeep":"6144:nZB/9S/Jk4UkZ8w71ZACkFDS3vyf58rBeV05T9:ZB/54NZ8w71ZACkFDS3vyf58rBeV05T9","tlshash":"2854d6a9a590117c6f27aa7597ce5ad8f23ce6719c118de8f20160094fc3ff92363617","first_seen":"2026-05-11T12:44:11.886985Z","last_seen":"2026-05-11T12:44:38.592689Z","times_seen":2,"resource_available":false,"data":null}},"time_used":885,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":885,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/home-icon-6-059f4c1b.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/home-icon-6-059f4c1b.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-aba\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2746,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 81 x 59, 8-bit/color RGBA, non-interlaced","md5":"425470dd8a1e29c0f15eff66021ddb09","sha1":"6b6d04f134dbe6802d250058a232e7411b306916","sha256":"059f4c1b20b74cef836207419e99301aeedc4784a90aca388a0ee21ab5bc2a87","sha512":"31faab5ead30a5b61f9767379916f61b28ff3ad796840ec1f58894b1cad851e1121ab1b8474342b48c7ce8bfcb04fba47f84e892a4ef92709ab6252755fbcb0f","ssdeep":"","tlshash":"d2512aae32e6eb0ef2994103e4bf3143d2a34a441125ba8c84e43cee07842b3a995131","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.625896Z","times_seen":86,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlanguage: en\r\nlang: en\r\nContent-Length: 69\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":69,"data":"{\"limit\":1000,\"interval\":\"ONE_MIN\",\"symbol\":\"BNB\",\"market\":\"binance\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75017,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"49ea2ba2da0d05075926658ecd2b6b4e","sha1":"43f360c7c6f1c0b37284ca8b830e81f44331d9ff","sha256":"894c0543433be102cf0ca43bccb999adb48bf165289221be3bad35ccd344b7df","sha512":"2200dc73a70fba23baae91866e28b2659663ddcf7923403dee6d1db20939723aed1d4617bfde5df15379d8100f0f795a56a1e852db0716c66d5fc9bfae94405f","ssdeep":"1536:2e8bvfhLKyUJP+QbYcUkiCpYOrd4QedBqRlX0UgzjWIHQS9RIW:23asQbYcUkiCp3aaLIHRIW","tlshash":"fb7391b1baccc0daea38ced28bc7ddfc041673cb07dda8c695ae95015960eb5d115b82","first_seen":"2026-05-11T12:44:11.889601Z","last_seen":"2026-05-11T12:44:11.889601Z","times_seen":1,"resource_available":false,"data":null}},"time_used":822,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":822,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/getCoinList","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:52.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /api/common/getCoinList HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:52 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/getCoinList","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:57.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /api/common/getCoinList HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:57 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-8ccebcce.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:39.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-8ccebcce.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:39 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-187fc\"\r\nexpires: Tue, 12 May 2026 00:43:39 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100348,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65526), with no line terminators","md5":"5baad7cca7c819718acbbf024715108d","sha1":"9a0ec88f054fc4df83d161ed7b49fa107bb4fa5f","sha256":"3ea68fb35c174f4799f921c428634ed25bf0cef76777751a0d58c970b2d5a444","sha512":"ed0b88d63e06660817b87423d9433fdc276647ae21e94bf93608c9e84fac8db60d14712abec67de6b92bc14a9068e243a72a8a2626d3c76b70a665337eab2365","ssdeep":"768:Y96UmPgXNQTEVsHqeHTg2HZIDCx5q52I672+EbpmCX6yG6C8WVnR2Gk5JqiGnvNk:1gWMsYjCxs6KNpmo6isNTXwu+oZDNm","tlshash":"26a33b89a50b1fbf6dbd0844a98a451031690fc39c8dcc93b3ba6e5627fecd96349718","first_seen":"2026-05-11T12:44:11.891097Z","last_seen":"2026-05-11T12:44:38.579207Z","times_seen":2,"resource_available":true,"data":null}},"time_used":587,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":587,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/getCoinList","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /api/common/getCoinList HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":1389,"timings":{"blocked":557,"dns":7,"connect":273,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-25b4f3fa.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-25b4f3fa.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 776\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\netag: \"69fa2574-308\"\r\nexpires: Tue, 12 May 2026 00:43:42 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":776,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (775)","md5":"ca53b42609183cae8723b9b82b082c2c","sha1":"32a58cf753c03ce1d3be1895ccd91b245c5d3ee9","sha256":"815ee648a9169e1153fa064a87df493fa20d8d153ca9ca811a572342c6ee7b96","sha512":"904d839538830eacdade29ea02db47cc38a646f3075761e14b8c58e266b7d3cbe7c7a81de748d9a281237cc9d3d9f698fab067cc0d49f4d49368f73657632494","ssdeep":"","tlshash":"0a01fdf8fd0c8ebb0fa20a4041d02600140a1fddfa1419e198867d661be5940d7ce32d","first_seen":"2025-07-25T22:00:15.119474Z","last_seen":"2026-05-11T12:44:38.530704Z","times_seen":3,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlanguage: en\r\nlang: en\r\nContent-Length: 70\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":70,"data":"{\"limit\":1000,\"interval\":\"ONE_MIN\",\"symbol\":\"DOGE\",\"market\":\"binance\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80921,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"90926a9100b756442ae0deec30ca8e6b","sha1":"c8e833139ad9a17bee1e1573b6c13a427ef462f5","sha256":"ea01dc164bc5ede4999a3047b07cf959516b34b88b3f84edc55bf3c2c190603d","sha512":"db4dcdf97939eb5f19e3e551a6f9547a7e6e15bf09df0bf53b571c9bb32c206a44a58d4fcb81a3218111554a64818a31533c6cdc14ef0feb6521a2c6556b406e","ssdeep":"768:lXCo6xEkSq+oFoYUnf7o2gRcUeTPACXpLs/rZUjg+JMD1f7aVlDx2K6tszZGOE4j:gW3rP2ubf39","tlshash":"4d8387748af88278c6307c99afb3aef40502f9c35add5cc294993f48db54ed09d857a2","first_seen":"2026-05-11T12:44:11.892622Z","last_seen":"2026-05-11T12:44:11.892622Z","times_seen":1,"resource_available":false,"data":null}},"time_used":543,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":543,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/filters-0dec89be.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/filters-0dec89be.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-c1e\"\r\nset-cookie: server_name_session=e0d36925e5777206e121bd061c035633; Max-Age=86400; httponly; path=/\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3102,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3101)","md5":"d9940fd61963d09f4ce8cc4d1e77e83b","sha1":"bf2be87a4b738dd3f16c1c367c4b5a76314da6e0","sha256":"6d5f014af3a4d296938f9bab0aa55e71dfff954856f237421f398889c40706fb","sha512":"20591afcbfbb89183f63eee34b4f421a6c6ab12b511f12cf3bf8212fb3142d21216894e23cb94b983ec69f2ac51f333ec01fb1a78369fb359e7a7e629e76a031","ssdeep":"","tlshash":"4d5135fdfcd7613356e96df940288010728ebe20686e0a4df54bd0455a73888e07f764","first_seen":"2026-05-11T12:44:11.893698Z","last_seen":"2026-05-11T12:44:38.56169Z","times_seen":2,"resource_available":true,"data":null}},"time_used":502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/platform/dev/favicon.ico?2.0.1778001268136","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /platform/dev/favicon.ico?2.0.1778001268136 HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 36282\r\nlast-modified: Tue, 05 May 2026 17:14:10 GMT\r\netag: \"69fa2562-8dba\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36282,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, -56x-58 with PNG image data, 200 x 198, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"8a9fecda7e1f3060e383802f2ede1874","sha1":"2b31be3827820e1b525df29bcdf97a21229d04a7","sha256":"03fef24fbffbf255c3943011968f29f63aecfaeec24ee3571b1f2742bb4d4731","sha512":"0674fafb5f11f21969a02bbd3472b0f855799957940d41a3cbb2999e091a1f67c468b8c8116c9b124699da05985c7ed7e30e259a999e84ddd4286d40874d67bd","ssdeep":"768:OzCcRMUH6GZnshJkRMQiYSjjd0GqVhFhIoAI0DOCToW1Mu:OWcR7jZnsvOFSVqVfXAI0pToWn","tlshash":"cff2f117c7f23502ddeeace4582e8c5da6d0a5b097aa35e10319b11fceaf72dd251903","first_seen":"2026-05-11T12:44:11.894642Z","last_seen":"2026-05-11T12:44:38.634029Z","times_seen":2,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/home-nav-2-b53157f8.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/home-nav-2-b53157f8.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-17be\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6078,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced","md5":"8edb61a43ebbac5b1c00c183530722fe","sha1":"602712cb46dbce14c871f2ca1ebd29acf6136368","sha256":"b53157f804ec5e41faf0213dfcf9f05a00d55ec3390266848735d3e62275829c","sha512":"2edb5e4f1ac0068c4225b411d622a9c06162cfa2db87e6658df5b4cb14bc4670a6f64537d25471c27295a05549b89f9c3d5d688738591fd26989506019e6fb78","ssdeep":"96:MknmWIHF/KENGWGMHOzH5ogs4rpHggsBRC70n4wj7isQwtJDvv1Wm1VKUi8s528l:MknEj4+X2bsBsANjmsTDVnbfM5Gy3","tlshash":"cfc15c56d8b059751215e6592add30227f3603c08751ea84ecfedc7ab6600bd9dbcdc3","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.657342Z","times_seen":140,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bansksk012002.oss-cn-hongkong.aliyuncs.com/img89b6a3147cc041708c614b2438508996.png?2.0.1778001268136","fqdn":"bansksk012002.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /img89b6a3147cc041708c614b2438508996.png?2.0.1778001268136 HTTP/1.1\r\nHost: bansksk012002.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 11 May 2026 12:43:43 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3842\r\nConnection: keep-alive\r\nx-oss-request-id: 6A01CEFFEE2400303863F30A\r\nAccept-Ranges: bytes\r\nETag: \"AF1E80BFF113A7687E542D4FCA416239\"\r\nLast-Modified: Sun, 31 Aug 2025 23:17:28 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 16517549061671859254\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: rx6Av/ETp2h+VC1PykFiOQ==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3842,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced","md5":"af1e80bff113a7687e542d4fca416239","sha1":"83ce6e6d1881f6fa0d2a64873cde529d2fc14055","sha256":"dc41ff7881c27712a7a16d402346b6af5d3de0eda8b78b07a5a537df095393a0","sha512":"cce7ce1bf1894630112a56ba27699ea9a63c436e552cd4b5f052b7d8f40370a6833a37a4ac2ac34e776cf941d3337c831929b7c41be9fa436a1329e2858b57e2","ssdeep":"","tlshash":"29814c89f1c2a81121469c84eae6d1b72b3757e086e0e4a5dcdbc42bd8745fcc8de9d3","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.605695Z","times_seen":116,"resource_available":false,"data":null}},"time_used":1955,"timings":{"blocked":835,"dns":20,"connect":273,"send":0,"wait":277,"receive":0,"ssl":547},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/getAllSetting","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/getAllSetting","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12843,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (12511), with no line terminators","md5":"3f6ec889c915a9fd0447e967d40bc688","sha1":"237d01cac4c18bfb647ec5e5204f9394b5265897","sha256":"d642feffe98217474ec9f5e659e1a981083258ee9318454563d74a76d019fc8c","sha512":"0525e61256a019978a0ba061117974d6a3a07a3358ce8c902d124a694b3d49a46a9de7e984c99f887f7e39cfd971472881f3109952757659b9f83744d85af07b","ssdeep":"192:cUhbTzOSpQ+oQD+RbvcNlUHlVJigbAIoMq8Odt2seznMNiTimFNZuz5c7gludjCo:q1u2vMg2mncYTh","tlshash":"3d42532a31d8ccbc92e61dcdd0bb3a5eb8dc34abe6409c5594e6af4c9859db7440b04e","first_seen":"2026-05-11T12:44:11.860186Z","last_seen":"2026-05-11T12:44:38.647662Z","times_seen":2,"resource_available":false,"data":null}},"time_used":780,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":780,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/currencyItem-2a05b159.css","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/currencyItem-2a05b159.css HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-75e\"\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1886,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1885)","md5":"cc35a5d1dbf801d3ea934ced67a1938f","sha1":"bb9fe35011e3f891c4417717ea8f130f8c5ff531","sha256":"2a05b15921b092a9a9e38cdabcce62da1394da6514f0d69416666efd61f8c98f","sha512":"a8b60cbf8376cf59ee2ca4506c0f6348917f05e8776037f2a620c609ab8eae61f1bae11ba4ede6f1b2c4a61b136383bd800bb6fc78453c9f1139d46ece632fcc","ssdeep":"","tlshash":"4041ae5863150374e93bd486aee80109e0693f829047b1d9fd8f9b371ddf6a31f7096a","first_seen":"2025-06-29T00:01:14.328894Z","last_seen":"2026-05-11T12:44:38.623432Z","times_seen":5,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":350,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/home-nav-7-4097ec68.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/home-nav-7-4097ec68.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-d64\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3428,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 53 x 39, 8-bit/color RGBA, non-interlaced","md5":"d0e9970aca49bfde65abbd3e81671fca","sha1":"4bee6dc635b3cf3a955eeb3faf18bfb5e6e8c433","sha256":"4097ec686d16d31a973257eb5b391498e4da602d35dfc1a9869c385bc02aca4c","sha512":"7b7be4ec6faca2a592f6eb9525028aea003d4a87cca419a3e22406d35e91bdb4109636935bd2bf695cab7c6eca680448dea142982f7e374df92a780aec1b56be","ssdeep":"","tlshash":"2161298df500bcc50261e44aaaf7623b8a235eca4e64aadbfcdf942750312f055371e3","first_seen":"2023-10-14T15:22:24Z","last_seen":"2026-05-11T12:44:38.625075Z","times_seen":28,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlanguage: en\r\nlang: en\r\nContent-Length: 69\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":69,"data":"{\"limit\":1000,\"interval\":\"ONE_MIN\",\"symbol\":\"SOL\",\"market\":\"binance\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72314,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"88696df6454f3c955a74e324d9e8117c","sha1":"24603453be56a2ba9e7f8b02e7d3eca5f75996df","sha256":"ebcf9bbf9d7f8cba3a90b26d2198abbea206b5a94ff24497e4c86087d1e60c22","sha512":"22598bc44a88dc231744a59154d1b13f0103ebcaaaee6c29ea05ca511b308453db4381da14a20726d1fbb2e4de60255a24cde109440b873202a17e230d8c8546","ssdeep":"768:/te8MgAuUwexbGGdahdwxt6xeY2gintrK06t0AWqbiejFw:/XnUVxbGGdahdUMxeY2XK0vqbU","tlshash":"69637234cec9c0d9d6749dc3abb7dce4399333e34ede089189a955220da5bb39421f92","first_seen":"2026-05-11T12:44:11.900414Z","last_seen":"2026-05-11T12:44:11.900414Z","times_seen":1,"resource_available":false,"data":null}},"time_used":829,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":829,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/resource/fonts/Arial.ttf","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:40.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /resource/fonts/Arial.ttf HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmeproexchage.com/assets/index-eac82dd4.css\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 1047012\r\nlast-modified: Tue, 05 May 2026 17:14:11 GMT\r\netag: \"69fa2563-ff9e4\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1047012,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 25 tables, 1st \"DSIG\", 58 names, Unicode, � 2017 The Monotype Corporation. All Rights Reserved. ","md5":"ffe66dbfc4b07f36ef38dd621ad2c7cc","sha1":"e032b102cfc37c3226d17e1b462edea5fbf8fe1c","sha256":"c1216a01b3cc4e94df72577a6f618154058a1d8999ed58fa31ab7e54c7e4be4b","sha512":"3c7952b71c8117938c5284efca0e0b3e8c20d7b84c74a4890f76a72af3b26295786b0f7c33d9b6c980527b4c4c8dad628d1f5e7e5f202d11076367f082349bb3","ssdeep":"24576:NoQIQRjo/Y7wjgTmKJ4WxA7EAD4OBfDamXKE6AMra:NHIQJo/Y7wjgTm0PxAwJHE6hG","tlshash":"f125be0bf3929f0fe3902b38c9a5d761939b76189b2743b73d8c5858ecc85a45e487d2","first_seen":"2023-07-29T15:16:45Z","last_seen":"2026-05-11T12:45:09.972229Z","times_seen":1268,"resource_available":false,"data":null}},"time_used":847,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":295,"receive":552,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/getAllSetting","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":1372,"timings":{"blocked":551,"dns":4,"connect":268,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-975fa331.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-975fa331.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-120d\"\r\nset-cookie: server_name_session=e0d36925e5777206e121bd061c035633; Max-Age=86400; httponly; path=/\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4621,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4614)","md5":"239b82fa6f2b05b82e4464c4ee3f2468","sha1":"207ca19a52ea0f14715dfaf5125fbb68ecd0ab4b","sha256":"3746ce16b8dc512bdb2eb00441c5eda3c42e64020db5943538a9e043bb5d65d9","sha512":"649b30ca3890b33bb7ed49921ff0d2c6a332da50b3c3e1ad06db3ef5987b1f00abf6d3efdd6361b40d32d3191926af528314a8f68521d7625a44f347f87c52d3","ssdeep":"96:CfshcwfPrblYqTqCw59i8TrDYTIy4CwRLzrb7Itq+l/3hrzK33EInFapCjH:CfshcwfFY+qCwvtgrpwF/ydvhrG3pVH","tlshash":"7c91aa89b803c97da9b3948048e4102125687bf6b11d44f2f3fdbc5e67b5b7ae345721","first_seen":"2026-05-11T12:44:11.840353Z","last_seen":"2026-05-11T12:44:38.604545Z","times_seen":2,"resource_available":true,"data":null}},"time_used":375,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":375,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/resource/fonts/DINOT-Medium.otf","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /resource/fonts/DINOT-Medium.otf HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cmeproexchage.com/assets/index-eac82dd4.css\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 73096\r\nlast-modified: Tue, 05 May 2026 17:14:11 GMT\r\netag: \"69fa2563-11d88\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73096,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"ab876400560626fbe045633dc44f0748","sha1":"85bbfb1729e86f40ddc9af7197b5f54ed6136226","sha256":"5888b24f6b65ff7c989b4a258dbeb5d997320d61417371210da0258be21d854d","sha512":"82e96ade51b0570c1f691ba45d1a3c0802015dad7598954675c4abe2fa8a9fc705adbe6eb5e677aa5cc03b6704e594cfe99279c678855ebbbcbade6d5028dbd6","ssdeep":"1536:TlK/cP2D2oV7otQjBG1+acfZZHHDEdom1hvd5JItkB7k3Z:TKQQtG1yZSdomrvpIqcZ","tlshash":"0b636f031d4fb9548de4513a52de4ea34bb39ecc1ca493c30ae12d938fece6657152ae","first_seen":"2023-08-16T00:37:20Z","last_seen":"2026-05-11T12:44:38.631636Z","times_seen":915,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":295,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/type/defi_activity_type","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /api/common/type/defi_activity_type HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7a423e3451e474878191a0a7f1d323b9","sha1":"13312f533f380295131f6a1540f425d0c98a16ba","sha256":"49c938e0bb3a834cab9319575489cf6c1694cace3f1ceb9671570024328e2a35","sha512":"0522e47fc06c4329cee21e354b264c90ae4b0725941d75cf63af54bee4a307fbe91e7078a412bd9750f3856657159ffe5efff139a652ec0443368f7c146bfdbf","ssdeep":"","tlshash":"5af028143d3dcebf098f65e745ec7818399c152794a0fca058ab0f3c5ae4171088921c","first_seen":"2025-04-07T11:28:26.961944Z","last_seen":"2026-05-11T12:44:38.609517Z","times_seen":631,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":534,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-661048e5.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-661048e5.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-b355b\"\r\nset-cookie: server_name_session=e0d36925e5777206e121bd061c035633; Max-Age=86400; httponly; path=/\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":734555,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"72a3dd9d629504dc6ac3359a63bce212","sha1":"c9682ec9fd31b939acf5f3795f64fbd8f34ef299","sha256":"0e2a4b2f25fba8f0768572c66b38df047b3603506e35a8f537cd31346b621150","sha512":"dfd96c47c19215b118d44db5ddd9a27ccb1b20da56619abb9ee0b41b8754beacc2a8263fea12b780bdedec77d288236a86c3a39a8be69eadce3e89cceb8a658c","ssdeep":"12288:YNPxPLn1H16O2ipZO3aHbHebtrtcr30L0n7e9rQSvUrfTJ3M2z82:YNPxPT1Hl2mZ9/T7e9sSvuTJ3d82","tlshash":"3af41a98b254b03543e771a1017f050ba33a690db44b85a8f669e4ee6cbd44e327ff78","first_seen":"2026-05-11T12:44:11.91421Z","last_seen":"2026-05-11T12:44:11.91421Z","times_seen":1,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":374,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/resource/svg/dark/jiantou.svg?2.0.1778001268136","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /resource/svg/dark/jiantou.svg?2.0.1778001268136 HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 250\r\nlast-modified: Tue, 05 May 2026 17:14:11 GMT\r\netag: \"69fa2563-fa\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":250,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b5e4e54a5487158893ef8fca262aad6f","sha1":"879f44734b22643e6ba791a178c8d11a0fe76b5a","sha256":"1bd4c74e3b54ca46732ddc67b3e4ffaa129f1c4f3dae7b65136a09eda48e2f8f","sha512":"26f9eb0d272fd8df273886adc832d11f5c13e3a168aed3aedacfb97accaf4753dd9e09ef78d2de438e1d6333dd2212aca5330eed91787e26af52667d24b6a4d6","ssdeep":"","tlshash":"48d095ed915d304cf4569660dfe4154555adf107c2a408f4fff0493b927449158545a4","first_seen":"2024-12-02T08:41:53.544239Z","last_seen":"2026-05-11T12:44:38.634726Z","times_seen":32,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/home-nav-1-aad8f325.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.900Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/home-nav-1-aad8f325.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-1b25\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6949,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced","md5":"e42448179a7e4cfd76149fc4e340c190","sha1":"8c9bf373b329b7cbabb770586167fadc13c34fb6","sha256":"aad8f325c9108c1b4b9a5f5fd40bc6ad910e12a81b6014d4586f6f8e8131da19","sha512":"265b4ef947931ddd88d013c03c50a6546989ef54312ed83bff4dffcbf03588ac5a37ec62e2dfd38760fe8c34a911f5b14973249c06f7a1e2d06522e92b4b4e17","ssdeep":"192:MknihKLD6GjZm0AqoXmXXTEHuh3O4nG5rg2c1sQgl:fnihKtjZm0AqoX05h3O2Wg2ADgl","tlshash":"d5e18e0d78d15ca04e635781ffcd90a30b535581fee0b8427ca6ae5bae702b1ca2d9d7","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.626607Z","times_seen":137,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/home-nav-10-b50accd0.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/home-nav-10-b50accd0.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-daa\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3498,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced","md5":"0f68f241c0b1be6b0d358a55726edbfe","sha1":"b89870c0c736f34c4eb9e1a97861fe7169590811","sha256":"b50accd09373fd6a0eae6994ca2070f41986d766e5125c218d05659dfad454f1","sha512":"6ab288b25cecd701cf59adc30b31819a67f1021c3931454e6da5a7fa010540edb9cc13bc36f7b2d856c56e34f49c6b2b99b9e67241a66f4592e67429a502ae51","ssdeep":"","tlshash":"0c713b40db42acf07b58bb5c6be061675a2f87c046c2a0426dffe82325304a7cdca6d3","first_seen":"2023-06-06T10:11:01Z","last_seen":"2026-05-11T12:44:38.671641Z","times_seen":58,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bansksk012002.oss-cn-hongkong.aliyuncs.com/img00c430818f0f43619a8a7eaf99430715.png?2.0.1778001268136","fqdn":"bansksk012002.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.224","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /img00c430818f0f43619a8a7eaf99430715.png?2.0.1778001268136 HTTP/1.1\r\nHost: bansksk012002.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 11 May 2026 12:43:44 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6597\r\nConnection: keep-alive\r\nx-oss-request-id: 6A01CF00EE24003038D6F30A\r\nAccept-Ranges: bytes\r\nETag: \"F65BBF6247B64AB0AA4D192730F5BC62\"\r\nLast-Modified: Sun, 31 Aug 2025 23:18:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8786305277697004838\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 9lu/Yke2SrCqTRknMPW8Yg==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6597,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 86 x 87, 8-bit/color RGBA, non-interlaced","md5":"f65bbf6247b64ab0aa4d192730f5bc62","sha1":"58f64d34c30d0efbe91b2ecfd6cd1d1eedefb592","sha256":"11812f741ae3c78eb8840fb986f6b2b65c8f580d2db6be4d58d40d0567b12e1e","sha512":"f3ec7c165a0845bb40fb39f3d3acf66a3aa1e8258f6f892f76e71db09783dd04bf60db6905d6a6042c32e6e133f3013a70442fd114fbfcadb9c8ffa0ff9c274b","ssdeep":"96:xknmWIHh/TsyNGjmGg37HuH5/M1WVSX2RzBFe5qVqS+nISx/e1MCx5hyncMGyC+/:xkn27O5M1BGR9Fv1a//C9yncFyC+xwi","tlshash":"32d17e01ff6d0db84a9f59a046d9e16a1b310bd48fc134967ccdc5230e216f9ce1d5d6","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.607105Z","times_seen":62,"resource_available":false,"data":null}},"time_used":1400,"timings":{"blocked":1110,"dns":0,"connect":0,"send":0,"wait":289,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlanguage: en\r\nlang: en\r\nContent-Length: 69\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":69,"data":"{\"limit\":1000,\"interval\":\"ONE_MIN\",\"symbol\":\"ETH\",\"market\":\"binance\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80239,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"e5833499f9501444ed9e286261ddf859","sha1":"682f24743fa21411b4560b6924b7fc8b311de839","sha256":"86bc0763c83914eb8701fafab71254de3f0d31a4d74a6f170905f5b5384fe6de","sha512":"00fc2e33e9a076ca1ea08c2eaee676f99dfa51055763b884b46d78a54f9a432969e10dda1d36f785516105448a2418f0d799627b818f6107d2fdf2c6ef49a12b","ssdeep":"1536:r1KhTSQWPgCv3cjjdjZTt/KV22L2JHXiM0Ddt:riSQW4Cv3cnfTt0L2tXilJt","tlshash":"ed73c332ca99e0cdcb748f868bc79fe04c6a37f746ed4d5255af90010ad0a60b51abd7","first_seen":"2026-05-11T12:44:11.916723Z","last_seen":"2026-05-11T12:44:11.916723Z","times_seen":1,"resource_available":false,"data":null}},"time_used":807,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":807,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":497,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8c2f68c015b0efebf25b04b1619724b7","sha1":"4a243ebbbb8d7d3290af7d42f199c40cace96f1d","sha256":"69e32ef92f19a17c303638007495e4ff981db20e394128015f3174d02f1b23c3","sha512":"1307a7cdb48ca754048b07ab0146766eb4c3444ad1d68b17d424346a5e787160a9e55e11eb9f236858d635c417d32cc32f75a3fdf2eefc9bc6e87b04ab76e618","ssdeep":"","tlshash":"0cf0270e153cde7a480644cb26dcbdcc916f1683da60cd34865bcf1d82f56b60b1ba49","first_seen":"2025-07-25T22:00:15.201327Z","last_seen":"2026-05-11T12:44:38.566089Z","times_seen":3,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/getCoinList","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:47.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /api/common/getCoinList HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:47 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19602,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (19586), with no line terminators","md5":"023504a611713ced35847b15a8a1c76c","sha1":"eb8f092572181ae395ad151ee0a80df316bf802d","sha256":"9df20fb60bd8a073d4b1af540f64e090978d76c69b4394e538feaecfdafe02f1","sha512":"17aa02d3d9123497ef5dac340cd2707e0de627b2e7851b2da92a2cabd6c7045777c42b6d29ad9db1eb385a33bcbc8658d273d9bece82d0db55a32981c6b32cf7","ssdeep":"192:VXreX6wXeqUX/dWX1qXAVSXjB0Xtd/hX6gX4uSXgudwXxwYoK7cYfe/yCKHnjwfV:QNoBooAr6t","tlshash":"a39232521128a8b9c57ed1d12fbf7d15509d326fecc58d1ac3de8e9c8ed4ab0690af02","first_seen":"2026-05-11T12:44:11.919016Z","last_seen":"2026-05-11T12:44:11.919016Z","times_seen":1,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/vendor-df62c849.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/vendor-df62c849.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-d6217\"\r\nset-cookie: server_name_session=e0d36925e5777206e121bd061c035633; Max-Age=86400; httponly; path=/\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":877079,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"60163d033467041dd64e3d9920be6be2","sha1":"bbf2c2be0b2e2e954cef823095e0dd95d9a7406a","sha256":"6a7d683ac9f254dc5538af1034c0f745b7243c6dac7f83e62067f4b71f1ec2de","sha512":"ff9177517d32b46fc722bd5ddd5111759226742809ed24b4270bb74191b9d7b9a018cbe3bb7c9f1c44676a177ec6c559609ee49570da38b9a7dbab0cc01802a3","ssdeep":"24576:NckRssFLy5ziEf6DKYZSJsMHnWHEDOsa2s:NckRssFLy5ziEfWKYZ7MHnWHw1s","tlshash":"d21529c97282f06147ab20e250bb1006f3396e59744e84a4f16d98db7d7ad89d2b7f3c","first_seen":"2025-07-25T22:00:14.991714Z","last_seen":"2026-05-11T12:44:38.571498Z","times_seen":3,"resource_available":true,"data":null}},"time_used":452,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":451,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/index-10f31a6f.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:41.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/index-10f31a6f.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:41 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 317\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\netag: \"69fa2574-13d\"\r\nset-cookie: server_name_session=e0d36925e5777206e121bd061c035633; Max-Age=86400; httponly; path=/\r\nexpires: Tue, 12 May 2026 00:43:41 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":317,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (316)","md5":"3e0052b33a8b92a80ab1d4d9652492d6","sha1":"74e0b3489f4a6ac99f4c3e7ba723ed135d9bfb62","sha256":"2ff14f90892923dbe764d30f61afcbd871ab9baf68ea5fdae65b0a5dc082651e","sha512":"3254bbe9a04eb368422115e1de65bb1d586e224ae1d1afe260d55600d224c101ba751f869d1f9b0e53f53da321f92310eb209af46f433fae29a331cf89d11970","ssdeep":"","tlshash":"cde0ec8b2a018bf3e5720ee8fa625d44f56637798fea65e4482adc16510c880627918a","first_seen":"2026-05-11T12:44:11.86245Z","last_seen":"2026-05-11T12:44:38.574536Z","times_seen":2,"resource_available":true,"data":null}},"time_used":508,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":508,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/home-nav-4-4fdd7d01.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/home-nav-4-4fdd7d01.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-f69\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3945,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced","md5":"2d5b9a317f20174f750d5524ab61536b","sha1":"a17ac4797bb6584005694177000915727f98540b","sha256":"4fdd7d0112cc4d7c828747212b0eff8b681d07da84d3209a377ed54b67a37c1e","sha512":"9bfc4bc468a804a3bac5a9263161ee81036e7a41d11cdfab57911b8f3459d884e5591c5025146a5e1407d99584e6a53a3016085da7bac065825b709edfcb51d4","ssdeep":"","tlshash":"d0813a06fec178916a89d6c02fe911a64723a7c0ded0a1599ddec01b69b00b8c5df8cb","first_seen":"2023-05-20T12:09:29Z","last_seen":"2026-05-11T12:44:38.658115Z","times_seen":116,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/static/images/coins/sol.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /static/images/coins/sol.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 26 Jan 2026 05:50:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6977008a-6431\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25649,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 201, 8-bit/color RGBA, non-interlaced","md5":"670c723abc22056bc5368ca2a97dd6a2","sha1":"5ba69b915180c31e4d35a524a9de7b3409ef80a8","sha256":"11192935f626fdb37ddfd8418d754feee326fc6f0a3ce7aa6e61283a820d8b09","sha512":"546901ff0dd66b4768e7560c2ccdceedc3bdac577eea114e600613d98319bde07a84d4fd8a303f4c34c05b3a26c73f03602ba38aaa5436dfcdac6712e0868652","ssdeep":"768:9SDR4lelsfdJTM1JiB+mP9LsYKPlAgezlYWXu23fgiqs:9Alsfd9MqBZ1L5MGgQuW+2vLqs","tlshash":"feb2d076137254ea4442115b97364e812c39f4e3adea6e2c7507a40c7d4a33b30db6bf","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-05-11T12:44:38.538143Z","times_seen":658,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/kline","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:43.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"POST /kline HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlanguage: en\r\nlang: en\r\nContent-Length: 69\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":69,"data":"{\"limit\":1000,\"interval\":\"ONE_MIN\",\"symbol\":\"BTC\",\"market\":\"binance\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":83754,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"79c9e21f699bb5cb75c6440a32b17236","sha1":"7164d937887c18e9809f048108bf0a6cd0cbf0c5","sha256":"6c04d4e6ec91de099643fa8afa37e87b6de9d42aaed0f3802cb1ed5e2932b226","sha512":"94a0c464783e59d40763d376b4c23921f153d56f23d91306c2a0491e11c70ca482248b97ecee4b5d2619c448a9219455db3f38cd335dc2da42e2ebb763fee60b","ssdeep":"1536:aPMQ5Mnyty9ZFqaJgZUeXb0dO+7TEnXiIhErrm9c5eAYzeT:aE+aoy9ZFqaJmgO+kXiIhorb5LYzG","tlshash":"b38376700f99964adb30acde9f93fce04a523bc747ed4e5091db680d6ea2e30d509792","first_seen":"2026-05-11T12:44:11.922335Z","last_seen":"2026-05-11T12:44:11.922335Z","times_seen":1,"resource_available":false,"data":null}},"time_used":735,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":735,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/assets/filters-0dec89be.js","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /assets/filters-0dec89be.js HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 05 May 2026 17:14:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69fa2574-c1e\"\r\nexpires: Tue, 12 May 2026 00:43:42 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3102,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3101)","md5":"d9940fd61963d09f4ce8cc4d1e77e83b","sha1":"bf2be87a4b738dd3f16c1c367c4b5a76314da6e0","sha256":"6d5f014af3a4d296938f9bab0aa55e71dfff954856f237421f398889c40706fb","sha512":"20591afcbfbb89183f63eee34b4f421a6c6ab12b511f12cf3bf8212fb3142d21216894e23cb94b983ec69f2ac51f333ec01fb1a78369fb359e7a7e629e76a031","ssdeep":"","tlshash":"4d5135fdfcd7613356e96df940288010728ebe20686e0a4df54bd0455a73888e07f764","first_seen":"2026-05-11T12:44:11.893698Z","last_seen":"2026-05-11T12:44:38.56169Z","times_seen":2,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/resource/svg/dark/mengbanzu12.svg?2.0.1778001268136","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /resource/svg/dark/mengbanzu12.svg?2.0.1778001268136 HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 780\r\nlast-modified: Tue, 05 May 2026 17:14:11 GMT\r\netag: \"69fa2563-30c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":780,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"18f044763e4a911eabf2f1a1997cf7d7","sha1":"e77a92534b6cbad750c7c0610fa668d96cf0d393","sha256":"1fc962c7bc37823c897a2b82199f0add8fc4c80cd3f4a99648d04cde9087df7e","sha512":"540d4dff4070638f61a25129ff72085ddbe5c63272f7248ba04b8bcd67bb89f15e6ca3bf51aad95dbe542dbefea21c921de1471909915fac6080b9052c75bb3f","ssdeep":"","tlshash":"6e01f17e5321c15da2474b80c6e93f8092bea69ba2d01448b3a32da60d34f2f55bc995","first_seen":"2024-12-02T08:41:53.545858Z","last_seen":"2026-05-11T12:44:38.534743Z","times_seen":5,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cmeproexchage.com/static/images/coins/ltc.png","fqdn":"cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:42.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cmeproexchage.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:51:44 GMT","end":"Mon, 03 Aug 2026 16:51:43 GMT"},"fingerprint":{"sha1":"2D:B0:E9:BA:F9:45:82:BE:5A:F7:F2:A1:F3:49:3D:EE:16:FA:78:B2","sha256":"7B:49:82:29:98:41:A5:67:69:9D:86:14:E7:4B:14:06:39:3A:28:24:E6:F5:4E:C4:B2:05:7D:58:27:E8:61:BA"}}},"request":{"raw":"GET /static/images/coins/ltc.png HTTP/1.1\r\nHost: cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=e0d36925e5777206e121bd061c035633\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 957\r\nlast-modified: Mon, 26 Jan 2026 05:50:02 GMT\r\netag: \"6977008a-3bd\"\r\nexpires: Wed, 10 Jun 2026 12:43:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":957,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 97 x 96, 8-bit colormap, non-interlaced","md5":"db1f13e46508474023e51dac9b924272","sha1":"976aea7b350c3d301a1bcc9350fa9b54bff9c8af","sha256":"50b7635088e72a9f004283284a8d63488fa127afa53e157393ca38bb55db1ff2","sha512":"08f80512e3edb58c31435f259a6d27f0ce55186594e94b3d5883245788edf4b503cae6f5361876896658070c159de7d4ea5457b0bdda11df6673f02e7c598181","ssdeep":"","tlshash":"c511b7abf5cceccad1b1414f118a4490e550cdb0147da74eea127e1bb839ab02d04f1a","first_seen":"2023-05-07T19:16:40Z","last_seen":"2026-05-11T12:45:10.001454Z","times_seen":498,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.cmeproexchage.com/api/common/getCoinList","fqdn":"webapi.cmeproexchage.com","domain":"cmeproexchage.com","tld":"com"},"ip":{"addr":"134.122.128.163","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cmeproexchage.com/","date":"2026-05-11T12:43:47.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webapi.cmeproexchage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 16:52:22 GMT","end":"Mon, 03 Aug 2026 16:52:21 GMT"},"fingerprint":{"sha1":"FF:2B:90:AA:7A:79:93:21:EC:89:ED:F7:3E:7B:1B:36:81:EF:4E:BB","sha256":"FF:32:EA:D0:85:68:1A:DB:A8:70:36:C3:7F:DF:98:F8:11:46:C8:AA:1C:39:D0:45:BB:19:7E:E8:2F:4E:A7:24"}}},"request":{"raw":"OPTIONS /api/common/getCoinList HTTP/1.1\r\nHost: webapi.cmeproexchage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://cmeproexchage.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 12:43:47 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://cmeproexchage.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nset-cookie: server_name_session=152005e3b8458293e0f7ed80ad880440; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-11T16:03:02.259001Z","times_seen":15014758,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"webapi.cmeproexchage.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}