{"report_id":"62baeed0-68da-4ce3-b1c4-080089f78d86","version":6,"status":"done","tags":[],"date":"2026-02-24T15:51:30Z","url":{"schema":"http","addr":"exsme.geminis-pro.com","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"172.67.192.164","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"title":"Gemini","dom":{"size":29142,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22739)","md5":"084aafaa06665a342be11bf976faa8e8","sha1":"736c3c7d7f0db5a983671bd2ad375f87999f3e5c","sha256":"d15ec36c2f9141faf1d561e907e60a7b7e80271d668be2b22bd2b9407a076a99","sha512":"c9109e7f5ae873c524a3597da9ad178b59bbe1b559b5028f5ddfc04964b3b9dfebcb7c4774c103a79dc95539df49e1f57c828b1c25d34bffec42e94bf2610e26","ssdeep":"768:m1Qxc2lTaasKwyfT51Wn03uxYHXsXIGxDzYOAI:m1ngTaasKwyfT51Wn03cYHXsXIGxDz7","tlshash":"55d20135f24170461273f9c8f8713f0ab2a5b70b820295587aad45e47fcacf5b6d29b8","dom_hash":"domhashae3866adf0367e15120ef073c3e0a5ab","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"exsme.geminis-pro.com","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"172.67.192.164","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-31T15:51:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":12,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T15:51:13Z","timestamp":1771948273,"ip_dst":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":52046,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T15:51:13.571512+0000\",\"flow_id\":694160280619973,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.51\",\"src_port\":52046,\"dest_ip\":\"47.79.64.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":753,\"bytes_toclient\":3148,\"start\":\"2026-02-24T15:51:13.035781+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T15:51:13Z","timestamp":1771948273,"ip_dst":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":52072,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T15:51:13.587002+0000\",\"flow_id\":773144729193966,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.51\",\"src_port\":52072,\"dest_ip\":\"47.79.64.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-02-24T15:51:13.036334+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T15:51:13Z","timestamp":1771948273,"ip_dst":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":52056,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T15:51:13.592454+0000\",\"flow_id\":1730102097448076,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.51\",\"src_port\":52056,\"dest_ip\":\"47.79.64.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":908,\"bytes_toclient\":3148,\"start\":\"2026-02-24T15:51:13.035980+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T15:51:13Z","timestamp":1771948273,"ip_dst":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":52034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T15:51:13.609900+0000\",\"flow_id\":2139219207227828,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.51\",\"src_port\":52034,\"dest_ip\":\"47.79.64.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":908,\"bytes_toclient\":1634,\"start\":\"2026-02-24T15:51:13.035252+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T15:51:13Z","timestamp":1771948273,"ip_dst":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":52038,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T15:51:13.616764+0000\",\"flow_id\":338348009949830,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.51\",\"src_port\":52038,\"dest_ip\":\"47.79.64.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-02-24T15:51:13.035462+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T15:51:13Z","timestamp":1771948273,"ip_dst":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":52120,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T15:51:13.832870+0000\",\"flow_id\":697342851375098,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.51\",\"src_port\":52120,\"dest_ip\":\"47.79.64.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-02-24T15:51:13.286714+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T15:51:13Z","timestamp":1771948273,"ip_dst":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":52102,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T15:51:13.837139+0000\",\"flow_id\":1333775400263466,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.51\",\"src_port\":52102,\"dest_ip\":\"47.79.64.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-02-24T15:51:13.286506+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T15:51:13Z","timestamp":1771948273,"ip_dst":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":52090,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T15:51:13.840005+0000\",\"flow_id\":1481041238908599,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.51\",\"src_port\":52090,\"dest_ip\":\"47.79.64.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":908,\"bytes_toclient\":6037,\"start\":\"2026-02-24T15:51:13.286391+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T15:51:13Z","timestamp":1771948273,"ip_dst":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":52078,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T15:51:13.847357+0000\",\"flow_id\":617499409341978,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.51\",\"src_port\":52078,\"dest_ip\":\"47.79.64.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-02-24T15:51:13.286234+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T15:51:13Z","timestamp":1771948273,"ip_dst":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":52130,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T15:51:13.857159+0000\",\"flow_id\":1123884643475550,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.51\",\"src_port\":52130,\"dest_ip\":\"47.79.64.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":908,\"bytes_toclient\":4662,\"start\":\"2026-02-24T15:51:13.286814+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T15:51:14Z","timestamp":1771948274,"ip_dst":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":52058,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T15:51:14.352702+0000\",\"flow_id\":66768637889866,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.51\",\"src_port\":52058,\"dest_ip\":\"47.79.64.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":6,\"bytes_toserver\":1324,\"bytes_toclient\":6037,\"start\":\"2026-02-24T15:51:13.036170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T15:51:14Z","timestamp":1771948274,"ip_dst":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":52108,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T15:51:14.568820+0000\",\"flow_id\":2165474342297492,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.51\",\"src_port\":52108,\"dest_ip\":\"47.79.64.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":6,\"bytes_toserver\":1324,\"bytes_toclient\":6037,\"start\":\"2026-02-24T15:51:13.286612+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"exsme.geminis-pro.com","ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-18","domain_rank":0,"first_seen":"2026-02-24T15:51:32.574648Z","last_seen":"2026-02-24T15:51:32.574648Z","alert_count":38,"request_count":38,"received_data":3605908,"sent_data":16814,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2026-01-20T10:42:11.41777Z","last_seen":"2026-01-20T10:42:11.41777Z","alert_count":0,"request_count":27,"received_data":573785,"sent_data":12727,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"exsme.geminis-pro.com/charting_library/charting_library.min.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","size":10859,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-17T16:05:43.135431Z","times_seen":1024,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"2cb9030274017713592e1f1881652b10","sha1":"c2c538ff7c429114daa1991fdcf81e193d73c7f6","sha256":"c2f7de45899b9e05da2fa131157564005bc95ccd9da3e5eb7795a177201a2416","sha512":"be857146e2b7e7168f098cf884966afb33fd8283365f3171080ae2c3d808027b8648469b3531b96707d40f856d782f069833ac5d4babc1501029a2404f09d199","ssdeep":"","tlshash":"22c08cc4a0d22d041712681460af35e89024402670481b428c94d8682e220b48233e98","size":139,"data":"","first_seen":"2023-08-02T21:25:38Z","last_seen":"2026-06-14T15:06:46.447331Z","times_seen":251,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"2b72232ed380a528eeb3a552d77ae9c7","sha1":"6dc118004f8c5dcbcb571446e544948e5884cd56","sha256":"b7d4991a24ab4ba72ab4e3cfa67e51ed181d0f21335bd7adb062d024a1564c4a","sha512":"9a7cba48645dd78c7a719297ffad44b3da7263835e444e0fde947908fd4345a1cbb1d672b3e53338231cd6a11b38c7d45e5395f1387d368b0e8f93beea4d6347","ssdeep":"","tlshash":"77c08cc4a0c26d001602649010af34e890244027b0485b028c94d8482e220b08233e98","size":139,"data":"","first_seen":"2024-09-19T22:02:28.519141Z","last_seen":"2026-06-14T01:03:30.685347Z","times_seen":213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5ddcf000fe640727c37a007add885f01","sha1":"c03cacf1f7fa18c439f4df83c545efdc7947979a","sha256":"1002ce8702b1ab8819bbaaa1107fcac63cc383b1ac134849914669ea3a821780","sha512":"16d0825adacbef5b34caf9e925d789b63afba408f7b8f9cf8ea2cd4de1bf92c21d1edb4a5f233fb755c7a9df1d0bdd22a86bfaac106e69457cd2832ace015a7d","ssdeep":"","tlshash":"bcc08cc8a1c26d001a06641010bf28e49034802674481b029d94d8482e320b08233ea8","size":139,"data":"","first_seen":"2024-11-12T13:07:34.2755Z","last_seen":"2026-06-01T14:38:29.856207Z","times_seen":113,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-d2b93fe7.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2477f9e10439b7d01db3ebbd91a9089c","sha1":"1005eca18f8c75469674018add141688132b22c1","sha256":"671b3a0ab6da8cd2c82688bc92874edd133c0f244d6a155250b59c91bed03826","sha512":"1c06d77c511eda67ddfd8257cb854e8ce5dbb021f2c0c12acdd8c23c038eaf2e103e21da4f5721995159425c4b908997676d2d497eeb0ad754cf5041e5d302d3","ssdeep":"768:F96LmtgtNXeowpRXMcKDjDnDsDmDxJiNzPEk0wPtsw022BPPl4J7KsdvZzFehsXp:T0hUpOPDgivilNtril49KCN+o26DKJpQ","tlshash":"36a32a8d940b1fff6cbd0844b94f591020691fd36d89cc93b3ae6e552bf9cd8628a718","size":98781,"data":"","first_seen":"2026-01-20T10:42:16.629106Z","last_seen":"2026-02-24T15:51:35.575382Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-9990013b.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"8f3db74c5254eda253431d9eb631bfd4","sha1":"81f52ccb1aaff57e95f49051ff1bb758611cb9c2","sha256":"813cb8c0ba5fab8819550b4987fc59fbc15169a08d30e07c2de8dd2fd9ccb5bc","sha512":"66dfe3b658fb77697d5b744eb891d65166a09db926a3b2a4945c041bfa55364f22e8c613680890abfeb49c5cb8e5b87ca27ef6d4e5a07afe90e308dcc6db6742","ssdeep":"","tlshash":"7d0120f8fc0ccebb1f62064001903500140a2fedfa1419f198877e661be0940d7ce32d","size":772,"data":"","first_seen":"2026-01-20T10:42:16.612659Z","last_seen":"2026-02-24T15:51:35.56395Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/tw-c6d8fa3a.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4cb22c083ee9f6c7da894efa40094132","sha1":"a1f28aae4069e3b4e9c6a83efb28f0639dd9e9b1","sha256":"de7e524bdada513a01757ebafb7d1482204d7e08247e51daef2c4acff28ad396","sha512":"3cec4b41e395e1012030c80de6f10b5d5aa0f2ed04037077d01b9936e57aa27474d2b887237dac7aff4a876d846d38e3e4b5f9d81b25bdccc8350491f5083fb8","ssdeep":"768:1Bhu4hgcnMH1x55Oy9Wwj/P89Nn82vaFRt5xO4XtS:1LGcMLzO+j/DHXtS","tlshash":"71f2f6c46ceedead44e3a53bb04e694260f75e89c721c0295fec59f9a2c4b139793720","size":37115,"data":"","first_seen":"2026-01-20T10:42:16.623936Z","last_seen":"2026-02-24T15:51:35.598304Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"eff8762701acc1c42deefe4be573f595","sha1":"824fa104a5d64c457d17883e2f807d6f6c2593ca","sha256":"689e64c6f32f3b558307001f640e6839f684a5fb86719a6298afd6c84d2b0c81","sha512":"dbba64d868868efbbd0d1b933a68396dd31643f98f3b925328ce8bf6b230fb90295b60afb90efed806f7249fe9aa87dfd363c531fe2c0fe8a57523a9177e1d4f","ssdeep":"","tlshash":"5fc08cc4b0c22d001a02642010af24e4a024402ab0482b029cd4d8482e230f08233f98","size":139,"data":"","first_seen":"2023-08-02T21:25:38Z","last_seen":"2026-04-23T16:06:19.363227Z","times_seen":106,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-00338204.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"cddf5c2f34721a42804f314dfaa6c56f","sha1":"4716e07a6b0fe2bdfe983e7bdb290592c03a2a06","sha256":"bf41e9032ad8af7a9fa844e4f29999a56f6ed94be9d3e774d786ec99c0c14c62","sha512":"c4278394101a6f384690dfaf4e2e1719259f9ba4e3b4367368f903645d43c7555ec2b7960de7c50bfd5ef402ded6d5f6ed9e478140289ca89d1040e8ca7643af","ssdeep":"96:2+CYlnYkqD+wHX+dI3rtb6cirmDebgP3hvO13XDNahkjA:2+CYlYkqiwHlrtbZqifhv6XxnA","tlshash":"c9a1b699f80286bff9b7144048480420219cbbffb20548f2fbfdad0a63b8979d754765","size":4632,"data":"","first_seen":"2026-01-20T10:42:16.627382Z","last_seen":"2026-02-24T15:51:35.56258Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-0495305c.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6d71ec715084ccc3fd4797782b530452","sha1":"22e0b4cd682a69f1e849d94cb651263b6615def0","sha256":"0db62e2e388bdf1618597107acf636a3447c135b317f0855cffe3b3f3d9f735d","sha512":"d3a0649334513e53e572dfe38556231a7896054ae30d74b9eb62c2e7bc5e61531f38e1ce58e79d6a54df6ed3f817039a94018dca56c0dca78456438f5c09ecc7","ssdeep":"192:g+AlxxBNTN8NbTGiFQElHMIicvFJIyIQCSjUFSET3Z3fTUQoN+NgN3NpI3Kh1IMQ:g+qxxBBOtzZjxIQXoFHT3Z3fTUrAKFF+","tlshash":"e3222a97b9458a3ee5b6e055d56e0050b2ae3fc91109c493b2fe4c213396ff8b729b0c","size":10633,"data":"","first_seen":"2026-01-20T10:42:16.635539Z","last_seen":"2026-02-24T15:51:35.561664Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"4e21b6294a159caac1a3e807effc015a","sha1":"71a551b611567182002966a908a0f567c42dfc21","sha256":"ac00017ead4fcfda0c49b9909e5a56d786a1421624ff8538ca221b79dedc47f5","sha512":"b34650bcefc4a13674b51e7afec7db5acf6d63882e9b914be3609c0503a2313d4f294032e38179bc530d549f2569c1a56229a12b3e959674d7ec556d18bcc498","ssdeep":"","tlshash":"b3c08cc4a0d3be046612a41410af28e49024806a70889b12eca8d8883f660b08337e98","size":145,"data":"","first_seen":"2024-12-08T15:39:09.854585Z","last_seen":"2026-04-23T16:06:19.351431Z","times_seen":83,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d8bbffdaee7d20c5a82fc382c243dcb3","sha1":"6d791388ff189ff8877e635bc40660c1b9b2f07c","sha256":"9468a67aae269dc233c96e38dff5dc9e1a0d7dd64b72b6506a558aae8bf74f29","sha512":"b82681643819e01789357b1d875987661f3e7d5df98c427111899a0a0e054e8aef72642557ae9647c8786bdf174843410feffd352d540ef4eed39ca0d739677a","ssdeep":"","tlshash":"e2c08cc4b0c22d102a02651114af24e49024502a78481b028cd4dc482e320b0c277e98","size":142,"data":"","first_seen":"2024-12-08T15:39:09.855706Z","last_seen":"2026-04-23T16:06:19.372253Z","times_seen":85,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b424d2cac5b1d5ef3fb29026b512e8b3","sha1":"8b387ec45d59b4b9b44e94afff0a5f7980f3c0c7","sha256":"401e531ae478e4473edc949b064bc71c0fcb5a91c5c80a032e35e80707047d5f","sha512":"586067212a688606d98a804eaa8ac50302ab497c7a23634921c8b08102fa75e61371c3dc7dc69a8c31b96c2225757f3c1f28b7d3ad6df0b766fad7e0ac440fb6","ssdeep":"","tlshash":"8ec08cc4a0c23d101612651020bf24e49024442670886b028c98dc582e220b09233e98","size":139,"data":"","first_seen":"2026-01-20T10:42:16.68035Z","last_seen":"2026-04-12T03:32:44.12781Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"26214cc59124eab6c32b65dc07bb9ea7","sha1":"0fd3b56777f572b7df5c15bdde7c54b9a26faa07","sha256":"ead2cbe056e47eb4cfc8773246a4c204b31ad832df29cf96f8ae80c52c4ea7a1","sha512":"c08a19fb97598efc1758536d775a4d7d9a10e57b86aa2786966b8956eef8485e9d4a9f032d04045e50dc2b5265b6832231095e74cc6a2478dd1392e72de0a85f","ssdeep":"","tlshash":"d611abfe295a602e6303404ed76b7801a43250b9400a184177ccda9dbb9ab7dd0cfb8c","size":1048,"data":"","first_seen":"2026-02-24T15:51:35.605703Z","last_seen":"2026-02-24T15:51:35.605703Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c464eee61a30b35747e8e9848e60be3e","sha1":"3b58c9c7de2dd7f0322fd7bb9947ad3a01ac8cce","sha256":"955a99d585122831f4cabbe60b7755379393349c40795ff761e7ce78b3e491d7","sha512":"d548dacba908d5bd228c19df9e45083444741e1151dc914e356f01fd7fcb666a7077df8a57af5bc72e249160aa32ce3e40c77f22dc01fb2af95a6c3d19be3e4f","ssdeep":"","tlshash":"d3e0abeb3139c16456f09f2b6cec4c1bf69b27334d8c050bf8b4a9051ebad64227c894","size":420,"data":"","first_seen":"2024-07-24T17:37:43Z","last_seen":"2026-06-17T16:05:43.210582Z","times_seen":382,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"2e7c0cf85afd1e45ec06e981b5fa685d","sha1":"a79621c4318a8a2d2a5a99830fd76185e14eabcd","sha256":"457ffe33f4fbb0bcae6e565069719df2e24299e539a38e4faa71dde5125c8a1e","sha512":"8014ea4e58de252b3f4eefdc037d2f6ae0d04c8efddd19560467fbc7cc16cd975e0784c061543d2a35bd8aebe9da62bdd6285e19d93ddb53fffe64759a872dc7","ssdeep":"","tlshash":"14c08cc4a0c32e041607651110af34e490384026b048ab028c94d8892e230b08233ed8","size":145,"data":"","first_seen":"2023-08-02T21:25:38Z","last_seen":"2026-03-26T14:41:06.873633Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/vendor-3e2ecdcf.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"5c4d16bb0b2f685b7e621e8c7f10ed19","sha1":"6899c0457e275068fe97fb243cb9e305df0451d5","sha256":"d1a5d4966131eb3f8ee7fc1606f813978fa7d1aa8fa44ad313af00b855ce16ca","sha512":"748eec9b3b390b84271130bf691f878909b6872b197a1363bcb0ea18ad42b113495712983a5313a1270827b67950f1f937a1aeccae46234c445ab1308b1b4dc4","ssdeep":"24576:aYHry7lGnpp1Kr05XGmMhhsW/83aNmWa2B:aYHry7lGnpp1Kr05XGxhhsW/oiB","tlshash":"950539c97292f06147ab24e240bb0006f3396e59744e84a4f1ad98db7d7ad89d277f3c","size":873038,"data":"","first_seen":"2026-01-20T10:42:16.607251Z","last_seen":"2026-02-24T15:51:35.560289Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-267f0412.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"96a4a38f5e8740c6fdb13c5ebd757286","sha1":"af052f8182e8a9119235c1e75232b85d37edd422","sha256":"ece4c68878ec5a712eaf3dae347c408fcbc80ac12e13c7b3660b296d6711d78b","sha512":"76fe5c6e26c5f378608a6f04f0cb14b80b90e9a44a5c1ad27173063a07e7259c0074418c845ff8882c4019dcb42fc4675ca7962a1cc1601be5050dce63ada798","ssdeep":"","tlshash":"e5f0c93fb96a80b20bb384b8e1631820aa081f162b54c4a4d58b0e10ca748e7d56f224","size":508,"data":"","first_seen":"2026-01-20T10:42:16.626551Z","last_seen":"2026-02-24T15:51:35.564926Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b1e6506abda1ffa5b9ab2721a0fee13f","sha1":"cc64d89d747a4c6f5293b262055d3cb8e175b738","sha256":"848a05dd565ed4ad22c665530b61473e4437ca86f8bd027a8c952177f73b5269","sha512":"ac564a39d053f7c5f6e636296207458bae1d069f50356ee85ac23a8045617ebbe8cb5f26870d5a19f2d3cf834bc578918ad2b9f46bb68e3d0961c68841bb6e17","ssdeep":"","tlshash":"ecc08cc4a0c32d001643641050af34e490348026b0481b428c94d8492e230b08233e98","size":139,"data":"","first_seen":"2023-06-07T05:45:46Z","last_seen":"2026-06-14T01:03:30.79596Z","times_seen":254,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-18T09:14:46.314092Z","times_seen":37805,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-06-18T09:14:46.31698Z","times_seen":40001,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"cf91b633dd7aa3a910f7203ae8fe6e17","sha1":"45d58e726a623b9e8f470e616bb21e0d79b921b9","sha256":"aa19bcc17f77cb209b91962de32d71b2d5dcb71dd7c34ce623ea6bed117e3eb1","sha512":"0fee27821ca07b1d1334a207806b1d1b49a8fdd98737f499c880ca9e835ceb36c18607e7072ee36e642bfefd2ba7186545b7fc04d2f07c9fb17dde2c806355ab","ssdeep":"","tlshash":"41c080c470e27d44165565b5207f74d45034441ff459db52dcd4ec593d225b4d337db8","size":172,"data":"","first_seen":"2024-12-08T15:39:09.836814Z","last_seen":"2026-06-01T14:38:29.858007Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f02ffcfbde7b0afe29639198c8137cac","sha1":"9daf59294380c8be478844674d1b14b2ab42c5fb","sha256":"24ce4bd7ea58074683fccedf514c4762d6158f8f5d771b13c28be886db279435","sha512":"a124ddc942e46c2aecfd7afe8749354031f513c621d746cd422197f4244a4cb12a0faca8d587600c27412f1b0affe8658fdd3d7eb8ebf642be682174919f69e9","ssdeep":"","tlshash":"aec08cc4a0c22d101a02a41410af24e49028802674482b438c98e8a82e220b08233e98","size":139,"data":"","first_seen":"2024-12-08T15:39:09.853482Z","last_seen":"2026-05-24T06:20:37.983941Z","times_seen":101,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"422650c14a2d8bfda4d40720a0650016","sha1":"16c67a104fc83c2215ea940d6bd7dd150d3f6b2b","sha256":"5414194c9313f1b09e2d8f454dd35644d48a3eeea5e6191ee738a87aae1dee3f","sha512":"7d7790f826f33041e6b22fffc3f4752121da699840a760ef47f3cd2bda29082f6843d0c8c0f75e5091ab60fb7967f3675dbaef9736fef8bb3c4601885e3d81ab","ssdeep":"","tlshash":"b7c08cc8b0c22d101a02a41010bf76e4a0284036b0685b028ce4e8493e220b08233e98","size":145,"data":"","first_seen":"2026-01-20T10:42:16.6748Z","last_seen":"2026-02-24T15:51:35.610237Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"e52075d73827559a486057928d75db67","sha1":"89321c045f19ef75727b18972c58736eb07a4012","sha256":"0f1effb481379b93147c58d6fc5b7a9204439bac5f157bd24bd7644ac95411a7","sha512":"8459c6df51eb54fa2d3e5049ddf8534809077df5c3fc899d16cee8c59afdff3a32fb1e6d642dffbc454a7c9a756e5d8cc2be104118558e92ffa9def5bbe55cae","ssdeep":"","tlshash":"c5c08cc9a0c27d00160a651020af24e49024442bb0485b029cd4ec8c2e620b09233e98","size":145,"data":"","first_seen":"2026-01-20T10:42:16.675991Z","last_seen":"2026-02-24T15:51:35.611078Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"65cc32c48c6ca2b8b2fd44c1670ae667","sha1":"f2a116897b02c9bf0bb31247024703d913d0cd13","sha256":"83e989e9718ddc6751b336792e962c10faa616a9f3feaffc90f9c430e4c6d221","sha512":"bd8ce0e0a56f50ef5d499026d682702cf4fc60698a0152097cad28c8b889fcd4bdad15f87af7f14437f9cba7bac5e26d80af6bbc49249f7efbdc468ef39be9f4","ssdeep":"","tlshash":"11c08cc4a0c22d001602681110bf24e890244427704c5b028c98dc583e220b49237ed8","size":139,"data":"","first_seen":"2024-12-08T15:39:09.862859Z","last_seen":"2026-06-01T14:38:29.851322Z","times_seen":146,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1c8681bec0ee9c59c1e614864e91c076","sha1":"ea79a8d26858f053bb4d5801018208267786ab84","sha256":"6ea106a325435822b4faa55316a42752255b0a86f85cdb60c1e972861d0eb3d7","sha512":"f607048afe3cea1cff6c0db5b89c465e84f976f38189a72c9b1deb2892c61692b12b27b4284a5dd3d8e59b77325c84a4a760106efabcf2ba82620d9e2dfbc0cf","ssdeep":"","tlshash":"77c08cc5b0c22d001602651010af24e49024402774481b128c94d8592ea60b08233e98","size":139,"data":"","first_seen":"2026-01-20T10:42:16.670996Z","last_seen":"2026-02-24T15:51:35.612911Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"482751b200972106874f0c53704eb433","sha1":"17e01d6c197f68a93477366f9a5d738aaae5f5d4","sha256":"0dd03559e55f972e525080462f14164b12140e45c968baf3175b0fad9a160512","sha512":"16a53e853d540a2293e23ae6279187650839ec1d089a72f206d5ac1cf85990293821d1b9c6dc73679b368a3c382d0d269667d997d481317288fc3c27fdfdf62d","ssdeep":"","tlshash":"92c08cc4a0c22e101602681020af25e4a024402670485b128c94e8482f220b08237f98","size":139,"data":"","first_seen":"2023-08-02T21:25:38Z","last_seen":"2026-02-24T15:51:35.613989Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/#/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"170c5aeb0fbfa79ec106e76acce07132","sha1":"9f1adc3b20187ce77b33f5b3c827b562c51a2e3a","sha256":"72311d09d22498f16737e60fa68d33cacc3e2e71ed5fc46d7559a1808efbf6c6","sha512":"205075024aef7f373dfd51895391f57c00b4ea5ce1f7289df4691c60ea0850871539fc06351f38277a3abc389c261344444c80159cfeae6d8ed36a7ad2e594af","ssdeep":"","tlshash":"d8c08cc8a0e32d001602641010bf38e49025802670481b168ca4ec483e230f08237ea8","size":142,"data":"","first_seen":"2024-09-19T22:02:28.526617Z","last_seen":"2026-04-23T16:06:19.359701Z","times_seen":88,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.066381e5575794a5d964fed475d207042.jpg","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.066381e5575794a5d964fed475d207042.jpg HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3715\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F2AFAD5B34327F6574\r\nAccept-Ranges: bytes\r\nETag: \"187E71DCB76B38D8BCA0A29534712C7F\"\r\nLast-Modified: Sat, 25 Oct 2025 13:38:45 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 338268765923176095\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: GH5x3LdrONi8oKKVNHEsfw==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3715,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 77 x 77, 8-bit/color RGBA, non-interlaced","md5":"187e71dcb76b38d8bca0a29534712c7f","sha1":"09bce1f0d8c4d1cb69fc6165ee8166581e7574f6","sha256":"9d904c69c2743429a17f2494084493003b9331f8eb41ca39e885ed664d4e57d2","sha512":"0c6e28f7f861377ceb0809d3fa6600eb2cab879e165ff03a635586d3bfe2a0331d39e3d46729cdb7cfedb4b8e2e4e6a6c0f50a656151f35e198d7778acda9aa8","ssdeep":"","tlshash":"39717c03e6d5d25f1228f52f7c329c7cbb2b49949436045017b77a2a93bce11b684ac0","first_seen":"2025-03-06T08:06:41.409789Z","last_seen":"2026-02-24T15:51:35.557743Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1471,"timings":{"blocked":1179,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0fd4aa612a9f0405f84821c186611f9e5.png","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0fd4aa612a9f0405f84821c186611f9e5.png HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 28273\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F3C78BAF38346065B8\r\nAccept-Ranges: bytes\r\nETag: \"D5CA5F90C7A46CB88E5F57B2D3046BA8\"\r\nLast-Modified: Sat, 25 Oct 2025 14:20:19 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 651333452456791640\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 1cpfkMekbLiOX1ey0wRrqA==\r\nx-oss-server-time: 43\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":28273,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"d5ca5f90c7a46cb88e5f57b2d3046ba8","sha1":"4a46fba9e1f7e0419539519e1936e6002f99b3a8","sha256":"a584af003890eeb5d527e91031218b66fc8d429ce7d8ddc5f5ceb9efaf627a40","sha512":"60e2cb71c7155b2f51159c37f53d85c567698b9baec7ffc34ec898df057fb64e2528909f68df9e901bf5243a4ee451f0ff432e210db1635ca0c448073e7811e2","ssdeep":"768:CXuoEFXvWj4CBn04bX73fOlLiRO2lFIVmfSD:9FXvWj4CueDGlLmOuIcqD","tlshash":"b2c2d005f8f592ca744cc6104925cd97f273a15b30a53eda3ddcca6f7f9c9e916a0282","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-06-17T15:51:26.201418Z","times_seen":591,"resource_available":false,"data":null}},"time_used":2493,"timings":{"blocked":2153,"dns":0,"connect":0,"send":0,"wait":330,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/webapi/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"POST /webapi/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: tw\r\nlang: tw\r\nOrigin: https://exsme.geminis-pro.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:13 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://exsme.geminis-pro.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8SSQgLvDuZgHf6VYWoU6%2BDfE4z3O7SecbFnt4Ac%2FPfZ%2BKcWhKUi1BzGkyXDCi8pIcSLItbaL4wu7i97FK0P4IvAKyGXua3nzHrZWSzbfd1CHaWKV4g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f832eb7d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":569,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"589f731e2746af9881e18dba186b8d4f","sha1":"b5d13a835f0fc8c8fc7056a5397b86f06d65c715","sha256":"54eb11739e686f12dabb487e596c3cf842eee9de933c46ff67cd29b826403e46","sha512":"13d85eafd800d60e8e0dbb2d113b68891a45b3b1c08dd3ade31b1e356c9bc2c6834927521531def26599f2089f969a740f5e73216e7b7bba088a4a975135e4b3","ssdeep":"","tlshash":"85f08b0f6538cda5580408cb55cdbcc986ae268bc764cc349927cf2d41f55b70a0b188","first_seen":"2026-01-20T10:42:16.64982Z","last_seen":"2026-02-24T15:51:35.559296Z","times_seen":2,"resource_available":false,"data":null}},"time_used":669,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":669,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/vendor-3e2ecdcf.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:09.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/vendor-3e2ecdcf.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:10 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-d524e\"\r\nexpires: Wed, 25 Feb 2026 03:51:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S8BGTkVd8Bke3Wz7LmCQVflmS0yt0GXZqSCSx43qHkN3JdJQRZMG5B%2FgAuw7Lu3bWNTJd5e%2B3R0Zdu0Z4IhhuitD11vppPylA5CRbnPriEVVBxlYLw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f6deb32d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":873038,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"5c4d16bb0b2f685b7e621e8c7f10ed19","sha1":"6899c0457e275068fe97fb243cb9e305df0451d5","sha256":"d1a5d4966131eb3f8ee7fc1606f813978fa7d1aa8fa44ad313af00b855ce16ca","sha512":"748eec9b3b390b84271130bf691f878909b6872b197a1363bcb0ea18ad42b113495712983a5313a1270827b67950f1f937a1aeccae46234c445ab1308b1b4dc4","ssdeep":"24576:aYHry7lGnpp1Kr05XGmMhhsW/83aNmWa2B:aYHry7lGnpp1Kr05XGxhhsW/oiB","tlshash":"950539c97292f06147ab24e240bb0006f3396e59744e84a4f1ad98db7d7ad89d277f3c","first_seen":"2026-01-20T10:42:16.607251Z","last_seen":"2026-02-24T15:51:35.560289Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1490,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":835,"receive":655,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-0495305c.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-0495305c.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-2991\"\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ApfCgJwg9yFrGnyqCO8oAdcg3Fns4sHQjtdZkiwCMVzqOCbaZsoH3UK1XA0KuS7gy2kxRAnoNTtQvXctaN6Zr8xDrlqMHP4GbmONf6grie4UzG6%2FBA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f788cfdd42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10641,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (10624)","md5":"6d71ec715084ccc3fd4797782b530452","sha1":"22e0b4cd682a69f1e849d94cb651263b6615def0","sha256":"0db62e2e388bdf1618597107acf636a3447c135b317f0855cffe3b3f3d9f735d","sha512":"d3a0649334513e53e572dfe38556231a7896054ae30d74b9eb62c2e7bc5e61531f38e1ce58e79d6a54df6ed3f817039a94018dca56c0dca78456438f5c09ecc7","ssdeep":"192:g+AlxxBNTN8NbTGiFQElHMIicvFJIyIQCSjUFSET3Z3fTUQoN+NgN3NpI3Kh1IMQ:g+qxxBBOtzZjxIQXoFHT3Z3fTUrAKFF+","tlshash":"e3222a97b9458a3ee5b6e055d56e0050b2ae3fc91109c493b2fe4c213396ff8b729b0c","first_seen":"2026-01-20T10:42:16.635539Z","last_seen":"2026-02-24T15:51:35.561664Z","times_seen":2,"resource_available":true,"data":null}},"time_used":640,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":640,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-00338204.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-00338204.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-1218\"\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hhCE47RytDWjsdZ0p%2FuRy1%2F1%2F%2BistOAG0XpBTPUwxoj%2B3mT%2Fx4h93h9Bq28v%2F2iAHf759W68MJ1nALTY9JSCymx2bccW6jFWHDUz0ykhRzCvL5R3XA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f788cfed42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4632,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4625)","md5":"cddf5c2f34721a42804f314dfaa6c56f","sha1":"4716e07a6b0fe2bdfe983e7bdb290592c03a2a06","sha256":"bf41e9032ad8af7a9fa844e4f29999a56f6ed94be9d3e774d786ec99c0c14c62","sha512":"c4278394101a6f384690dfaf4e2e1719259f9ba4e3b4367368f903645d43c7555ec2b7960de7c50bfd5ef402ded6d5f6ed9e478140289ca89d1040e8ca7643af","ssdeep":"96:2+CYlnYkqD+wHX+dI3rtb6cirmDebgP3hvO13XDNahkjA:2+CYlYkqiwHlrtbZqifhv6XxnA","tlshash":"c9a1b699f80286bff9b7144048480420219cbbffb20548f2fbfdad0a63b8979d754765","first_seen":"2026-01-20T10:42:16.627382Z","last_seen":"2026-02-24T15:51:35.56258Z","times_seen":2,"resource_available":true,"data":null}},"time_used":635,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":635,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-9990013b.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-9990013b.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"6974722c-304\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nAmyfhGfWbf%2BWPf8WQgqFtueg4SN8vz2ZEZwVGGvhYRYdjTeStzehDpmHZT2e9Cm%2BlVX6hWZJUsYFtVVZtrHPpLk%2FmdqBXWuJWFG%2F%2BXew0QG4akXSA%3D%3D\"}]}\r\ncf-ray: 9d301f788cffd42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":772,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (771)","md5":"8f3db74c5254eda253431d9eb631bfd4","sha1":"81f52ccb1aaff57e95f49051ff1bb758611cb9c2","sha256":"813cb8c0ba5fab8819550b4987fc59fbc15169a08d30e07c2de8dd2fd9ccb5bc","sha512":"66dfe3b658fb77697d5b744eb891d65166a09db926a3b2a4945c041bfa55364f22e8c613680890abfeb49c5cb8e5b87ca27ef6d4e5a07afe90e308dcc6db6742","ssdeep":"","tlshash":"7d0120f8fc0ccebb1f62064001903500140a2fedfa1419f198877e661be0940d7ce32d","first_seen":"2026-01-20T10:42:16.612659Z","last_seen":"2026-02-24T15:51:35.56395Z","times_seen":2,"resource_available":true,"data":null}},"time_used":615,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":615,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-267f0412.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:12.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-267f0412.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"6974722c-1fc\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RQF4p8TmoSaqOpNWsjquxGyZmbrOyt%2B5U%2FH03sOueuwrNohbrcFe9DJx76n61MlpYe2Y%2FQqjHc%2BvLyM9LSvQbtRqBrUkmgOyBI11Ejx7NWmdlNaKsA%3D%3D\"}]}\r\ncf-ray: 9d301f7cdda4d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":508,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (507)","md5":"96a4a38f5e8740c6fdb13c5ebd757286","sha1":"af052f8182e8a9119235c1e75232b85d37edd422","sha256":"ece4c68878ec5a712eaf3dae347c408fcbc80ac12e13c7b3660b296d6711d78b","sha512":"76fe5c6e26c5f378608a6f04f0cb14b80b90e9a44a5c1ad27173063a07e7259c0074418c845ff8882c4019dcb42fc4675ca7962a1cc1601be5050dce63ada798","ssdeep":"","tlshash":"e5f0c93fb96a80b20bb384b8e1631820aa081f162b54c4a4d58b0e10ca748e7d56f224","first_seen":"2026-01-20T10:42:16.626551Z","last_seen":"2026-02-24T15:51:35.564926Z","times_seen":2,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/search-bde6c111.svg","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:12.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/search-bde6c111.svg HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:13 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"6974722c-18b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sMwyieT3pCm5MyihgVnmjdokAV%2FHU31il6zEysCX72nKZQdlrzd%2FjXCopA4x3uujeUYjctilOtwWrFEt7AcoTeRXfHHue4TPmQRlrLDAhfH7bTXNsg%3D%3D\"}]}\r\ncf-ray: 9d301f822e88d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":395,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"75fd0a8aecdbaaa755824e8e1bdb6955","sha1":"e9953daeb744f32b8da93c78d09fa4aad39918ee","sha256":"bde6c1110d488db935e323792e0d5288e0cf6446cde9a8606191595b5cba4357","sha512":"28faad026b58df1a98dc4617fae8b204bc34668b82b937b6f559ac28e903d3a62b6c2330d569b7db194dc383e27634e365f8b8791acc15c1524d6ae92cbdfcdc","ssdeep":"","tlshash":"b1e061bb754ff78d5459db1405ecaec8e5726011318500549b4216f69d04c839f708b0","first_seen":"2025-04-07T11:28:26.939708Z","last_seen":"2026-06-11T20:19:16.492077Z","times_seen":65,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.09ac5c3a496754fd1b2f5cc3f463eb10c.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.09ac5c3a496754fd1b2f5cc3f463eb10c.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 17120\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F28B90443130DCE06F\r\nAccept-Ranges: bytes\r\nETag: \"2C2535777E59C74BC9F0BBA3C492CF4C\"\r\nLast-Modified: Wed, 29 Oct 2025 10:15:53 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6180990207094404053\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: LCU1d35Zx0vJ8LujxJLPTA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":17120,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"2c2535777e59c74bc9f0bba3c492cf4c","sha1":"2a103120647dfc9efdb276ad7d298bc1fa056cb1","sha256":"ec46f5222bf6d570bcccd374c19d290d8e50a65ba979ca74211f5bcc5a0d7092","sha512":"9edacc26b1bb97e6eb860d07d650f2563972aad2eb978ed1828a168abf1e170f1ec2c5493ce99b9ad48dabb11e165de5bf188ca2abf4f8f6e6c239c0b851a605","ssdeep":"96:87SNkY9WmU7n32pGn+NX7sc5ZO0DDJcCCmL2:WSNkUanVn+e0DFG","tlshash":"f8727638fef1b6b8594962362dc628095d7307c3e5c19c88b6ce4c1e6f21b9e8c5f652","first_seen":"2026-01-20T10:42:16.625731Z","last_seen":"2026-02-25T18:35:56.282418Z","times_seen":12,"resource_available":false,"data":null}},"time_used":1956,"timings":{"blocked":1667,"dns":0,"connect":0,"send":0,"wait":286,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-0495305c.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:12.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-0495305c.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-2991\"\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bCBIo2Gukmdd9b7X8V9CdU%2FK0NwWjLOwE396hnS98ptfh9I1d3Z82M0AKSkAQ3QjGfZbmrZuldu377Rsww2cEA0OU3m%2FDPE2EQ%2BcdAUM6g50hEjwBA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f7cad9cd42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10641,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (10624)","md5":"6d71ec715084ccc3fd4797782b530452","sha1":"22e0b4cd682a69f1e849d94cb651263b6615def0","sha256":"0db62e2e388bdf1618597107acf636a3447c135b317f0855cffe3b3f3d9f735d","sha512":"d3a0649334513e53e572dfe38556231a7896054ae30d74b9eb62c2e7bc5e61531f38e1ce58e79d6a54df6ed3f817039a94018dca56c0dca78456438f5c09ecc7","ssdeep":"192:g+AlxxBNTN8NbTGiFQElHMIicvFJIyIQCSjUFSET3Z3fTUQoN+NgN3NpI3Kh1IMQ:g+qxxBBOtzZjxIQXoFHT3Z3fTUrAKFF+","tlshash":"e3222a97b9458a3ee5b6e055d56e0050b2ae3fc91109c493b2fe4c213396ff8b729b0c","first_seen":"2026-01-20T10:42:16.635539Z","last_seen":"2026-02-24T15:51:35.561664Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/platform/dev/logo_144.png?2.0.1769239082142","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:12.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /platform/dev/logo_144.png?2.0.1769239082142 HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Oct 2025 07:58:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ff2608-184a\"\r\nexpires: Mon, 23 Mar 2026 11:42:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 274142\r\npriority: u=6,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FC3LcT7vRQb3i881HJFHxA97Fz4m%2BiZW8ix55FLCBC9HOmOnxU4hZGCuWjmuOLrlzy33m8AuiOdIQRO6iMIUPrjkH6soiD35ZH5NjySa4vfuuuAk3w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f7d9dbdd42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6218,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 144 x 144, 8-bit colormap, non-interlaced","md5":"b5eb377a1865743b3e8131df2a4192c6","sha1":"a0096594b44d3c1d618096f8284a22a9f5b6de47","sha256":"5b5de5ae45d01bad3dc3400d75869d65755ed5fdc28dea2fb4c7135c3aa40159","sha512":"02717627a06b03024e18e1f61a4d93f6cb952abbef565c14deee4f59fe12948594f2015e5ffc8f4eda93914ae97f619c885dd2c5bfa9e977396b77d4c863ac88","ssdeep":"96:AY2bZMhEKBDA61/eUOVoxeTCAiTM16JKipXjesdaLiGgSRrj+DU7U2dJUvLoTn/8:AQDt/jOIeF1JyqsYLiGh6DU7U2vrbkeU","tlshash":"eed1ae01da591aa8c7ef915d10cee734136d1a40eaeac0fa6c9f8a6f0719079d67318b","first_seen":"2026-01-20T10:42:16.618349Z","last_seen":"2026-02-24T15:51:35.567227Z","times_seen":2,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0fadbd9b2c2ff4e629e1cdb52abf798c5.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0fadbd9b2c2ff4e629e1cdb52abf798c5.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:13 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 28415\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F18B90443130F4DF6F\r\nAccept-Ranges: bytes\r\nETag: \"43D76AC8C328F5423862DD16AAB71232\"\r\nLast-Modified: Wed, 29 Oct 2025 08:55:27 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9329898183208382746\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Q9dqyMMo9UI4Yt0WqrcSMg==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":28415,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 130 x 130, 8-bit/color RGB, non-interlaced","md5":"43d76ac8c328f5423862dd16aab71232","sha1":"29530ffa604f33e539376773e141be5119b11ea6","sha256":"8f46ee392ee29377e1f83f4dc6fe4dbf9559e2a55a5904899cc2aa798bed0c33","sha512":"9e184171621fbb697626921157460e7d2493ddcb9259321e6d4eae497883e95b17056d6a698a4dd644ac9af84b9ee77d65528ac9265759e012dc2947b26589c7","ssdeep":"384:P86eI6URby/Idz4M7XOKkO/0Uov7Ls/gyXqcD5AkidXmJhOY/1:06eI6URu/IdXOf9IHv5idWJB1","tlshash":"21d2b035ada076adad51d2324cda494d5c634e4789c19e85b9cc0c7b0f11fa26e0fba2","first_seen":"2026-01-20T10:42:16.628256Z","last_seen":"2026-02-24T15:51:35.568022Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1981,"timings":{"blocked":847,"dns":19,"connect":272,"send":0,"wait":280,"receive":10,"ssl":550},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0d88264b1de544234b041af0abeaf7a09.png?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0d88264b1de544234b041af0abeaf7a09.png?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 18336\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F2C390C3393927829C\r\nAccept-Ranges: bytes\r\nETag: \"C338B8CCDF258619D73A7C44A7115B97\"\r\nLast-Modified: Wed, 29 Oct 2025 09:10:50 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15632959204763636503\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: wzi4zN8lhhnXOnxEpxFblw==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":18336,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"c338b8ccdf258619d73a7c44a7115b97","sha1":"20c9c61885d5e9f7e714523b04bfb11235b2f997","sha256":"5654071019e7d4fe8d6b483407a56a4af784f333fcb56c09f7db4908001c2cfb","sha512":"131394bfa6be8efba29b2a36a21a9680f1c1b3ac62c676692995366bebee548719a7e3e9959fec10e04e2507c3dcac428771d4e787d725ccbc884433d379c0a4","ssdeep":"96:87SNkY9WmIJiRpq7NX7sc5ZZgV66T0u/ZdUFxqOqE:WSNkUq57yo6T3SxFd","tlshash":"1f82b724fdf176f8540aa2332dc2284a5eb307c3e6829c8576ce8c166f51bed4c5f696","first_seen":"2026-01-20T10:42:16.619988Z","last_seen":"2026-02-24T15:51:35.568777Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1483,"timings":{"blocked":1179,"dns":0,"connect":0,"send":0,"wait":301,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/close_up-6189e55a.jpg","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/close_up-6189e55a.jpg HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:13 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-d88\"\r\nexpires: Thu, 26 Mar 2026 15:51:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Aj%2F7fzPxxcinuIw%2BIaLAUAuXxGhId%2F%2F%2FCnK%2F2q7pPHYcH03x1ry1VZNt%2B6SWC7Gl7d%2BDiDYIOM8lHhJ1YX7nGYi4Wmeo01MpW6J%2FpZ%2FhEE9eCRJiUQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f827e96d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3464,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"549563c1c9bcc1563e3e5b7833eb300c","sha1":"dadea9f019016da47d446282e160c25b29049c66","sha256":"6189e55a572ec69463782526884d703c36554cef37d8c5a43bf8748e8cd5ca26","sha512":"7f52b074ceac6bfc64205cba0dfbefdba7bffee3988566829275bd89a4a3da3f2042c8c7fbb58609376640fda9fed92397479986409aeb01f1517347c64b3a16","ssdeep":"","tlshash":"75616dc06be91984db5de57c5a0b1ce46f28635a64f1feb0005ae46e0d86ebeec18760","first_seen":"2026-01-20T10:42:16.657356Z","last_seen":"2026-03-16T14:26:38.510465Z","times_seen":6,"resource_available":false,"data":null}},"time_used":621,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":621,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.09305e016eaf548dd82128fe509e24386.png","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.09305e016eaf548dd82128fe509e24386.png HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 34858\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F3C78BAF38342565B8\r\nAccept-Ranges: bytes\r\nETag: \"BB27C369A3AA54D9C1F8E59E1706DA48\"\r\nLast-Modified: Sat, 25 Oct 2025 14:19:54 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2593469271640333430\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: uyfDaaOqVNnB+OWeFwbaSA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":34858,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"bb27c369a3aa54d9c1f8e59e1706da48","sha1":"7e1b9677305cad40b686a5a1077da57c4f6cf07f","sha256":"e691621963c6de60c05c0e91cf7c65cba4191df054a3b1bd5becbef3a426f9ee","sha512":"4ff3058897ecbcee5464eb954955cc40bad7f411ee86f21dcbebe3d02ee45410b42f68c8e3a22537ef530c65c9bc9960fb36134aeced2dd36688a21c0cb02415","ssdeep":"768:FAbT/SSUokJQD9Wvnwoo2hzabJIqRw/VH3+WFxL1nHLy:G/RU4yni2kKl53+WbBLy","tlshash":"3df2f155ed69527406b90571846e302ca4669a7ebdceb11bffbd67302b3246f008e06e","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-06-17T15:51:26.203489Z","times_seen":646,"resource_available":false,"data":null}},"time_used":2159,"timings":{"blocked":1853,"dns":0,"connect":0,"send":0,"wait":290,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.03724d46290c1405fb00e5f86745d5e63.png","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.03724d46290c1405fb00e5f86745d5e63.png HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 12869\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F38B904431301EE16F\r\nAccept-Ranges: bytes\r\nETag: \"A533EECDEE5A789E7D94F8F79F95D588\"\r\nLast-Modified: Sat, 25 Oct 2025 14:20:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 18158548296662870332\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: pTPuze5aeJ59lPj3n5XViA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":12869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"a533eecdee5a789e7d94f8f79f95d588","sha1":"f1ae6df3a9baf6dbec969c6d1ab622850a282895","sha256":"ea257fac91d01858b7dfd0361f8b480caeb3d57b080570ef4b4f41d5d7e68c90","sha512":"e46ca5c2239c89c783805b1f4e17664118e57e95dff6513b8ff917aaaa763b922c6286b48d0e6daca644ae30c3e821674dade74a056837865353b451c50d074b","ssdeep":"192:3GSu8nGgOCcrSaheqQThcTrOcOAasSqXzcxfuZWfWOKJ6mVgCd7mOOwRB0IG:5/POzrSTThcTaPAaFqXzcqG6ekvP0IG","tlshash":"1442bfd83898c3e455233e69d56e4c138122251a66588517f22a2b7dbf03af27fcf1e6","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-06-17T15:51:26.241446Z","times_seen":689,"resource_available":false,"data":null}},"time_used":2259,"timings":{"blocked":1975,"dns":0,"connect":0,"send":0,"wait":283,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/webapi/api/common/getAllSetting","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"POST /webapi/api/common/getAllSetting HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: tw\r\nlang: tw\r\nOrigin: https://exsme.geminis-pro.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:13 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://exsme.geminis-pro.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8YKZeko%2BP4HWI7kR0tG1e%2B5zfLZJcmvyprTYp8mZxsXKU2CERWE9GDo7FUaDnRJrwqdEcMtSAklnji0aAMygBG5a5fDDhifWCbElspbzQ3BxxYxhRw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f833ebad42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12651,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (12307), with no line terminators","md5":"a8f66d6419cbb0b768166ed53f37f105","sha1":"caadac80e7f3ac891d48fa69a272639f6d760fe7","sha256":"bde819cd915e444be4fbfc73be53c5b31e94e863143f7f3b4ef340bdf20b10f0","sha512":"bc64624bf5bc94559d1cba6ca0b7268d570f236c91253a6170f3dd96bcb5331819dda725307aff76bed852684cfafb6738a8799d03cd89846460c25a74b10406","ssdeep":"192:kMjLTqOSpQ+oQD+RbAuc2A+/yhZLSABK159u+m2sIzMWiG2GiCvUEdkGnK7gluFu:yu3Q2PMS9Lax0YgJ","tlshash":"cf42435a37d4ccbd92d61dcdc0b73e4a789c38afd6409c15a4a7af5c94d9c72080b18e","first_seen":"2026-01-20T10:42:16.610482Z","last_seen":"2026-02-24T15:51:35.571528Z","times_seen":2,"resource_available":false,"data":null}},"time_used":647,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":647,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-267f0412.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-267f0412.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"6974722c-1fc\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hg5f6HsyhwueCAbGFbh8bVY2yp2O1vPk5MF%2BsOMwcRq10a%2FvvOSmroqANRvkrMjDVAMkeQNq7zo77f9Mbk2MaK%2FHjvJfwAEBjAMrLwxdfiqH%2FniVjg%3D%3D\"}]}\r\ncf-ray: 9d301f788d00d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":508,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (507)","md5":"96a4a38f5e8740c6fdb13c5ebd757286","sha1":"af052f8182e8a9119235c1e75232b85d37edd422","sha256":"ece4c68878ec5a712eaf3dae347c408fcbc80ac12e13c7b3660b296d6711d78b","sha512":"76fe5c6e26c5f378608a6f04f0cb14b80b90e9a44a5c1ad27173063a07e7259c0074418c845ff8882c4019dcb42fc4675ca7962a1cc1601be5050dce63ada798","ssdeep":"","tlshash":"e5f0c93fb96a80b20bb384b8e1631820aa081f162b54c4a4d58b0e10ca748e7d56f224","first_seen":"2026-01-20T10:42:16.626551Z","last_seen":"2026-02-24T15:51:35.564926Z","times_seen":2,"resource_available":true,"data":null}},"time_used":639,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":639,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-9990013b.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:12.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-9990013b.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"6974722c-304\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EzzIvTTDKfG6S6%2BxmI83SpAxo%2Bo8WrhEIYl6u9p6iVBJbUKAisrlfKFI3PDKsd4aE73faoLZnUwdFDH1f%2BltH7iYDw2QJTQBT9MPIWuHOBtWjdiKmw%3D%3D\"}]}\r\ncf-ray: 9d301f7cdda5d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":772,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (771)","md5":"8f3db74c5254eda253431d9eb631bfd4","sha1":"81f52ccb1aaff57e95f49051ff1bb758611cb9c2","sha256":"813cb8c0ba5fab8819550b4987fc59fbc15169a08d30e07c2de8dd2fd9ccb5bc","sha512":"66dfe3b658fb77697d5b744eb891d65166a09db926a3b2a4945c041bfa55364f22e8c613680890abfeb49c5cb8e5b87ca27ef6d4e5a07afe90e308dcc6db6742","ssdeep":"","tlshash":"7d0120f8fc0ccebb1f62064001903500140a2fedfa1419f198877e661be0940d7ce32d","first_seen":"2026-01-20T10:42:16.612659Z","last_seen":"2026-02-24T15:51:35.56395Z","times_seen":2,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0452b7750afea4b0bbfefe4a355168694.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0452b7750afea4b0bbfefe4a355168694.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 27732\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F28B9044313055E06F\r\nAccept-Ranges: bytes\r\nETag: \"7234819AAE7BEB8C09ED6959CE8FA7C1\"\r\nLast-Modified: Wed, 29 Oct 2025 09:08:02 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5222394423279626339\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: cjSBmq5764wJ7WlZzo+nwQ==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":27732,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 130 x 130, 8-bit/color RGB, non-interlaced","md5":"7234819aae7beb8c09ed6959ce8fa7c1","sha1":"9869d1fc559ebbf31ed5dc3090503aaa245b6a8f","sha256":"4d38149c2e23c3e76660cd75a1e1a2b06ff11f3d79419ebc95d0764ab4ff99e3","sha512":"c27351e492350bd18510928a97503111dcb4752875ee6f49434a2c986625e0118df3dd0d327042bc0507df4e2c4cb86c9448776bd1efca575f802d0080084e61","ssdeep":"384:P86EEmlupkHBGrVncWfER01iW2ydg2cMcNyF:06RmlumsZaRq9nb44F","tlshash":"1ac2af6d2cf834640899cd7218943389ac659307b9d4fe42b2de9c164f01b929deff94","first_seen":"2026-01-20T10:42:16.630772Z","last_seen":"2026-02-24T15:51:35.572364Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1442,"timings":{"blocked":1139,"dns":0,"connect":0,"send":0,"wait":292,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0428fb0d5d43b4b509f62b97defa3d34d.jfif?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0428fb0d5d43b4b509f62b97defa3d34d.jfif?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 28699\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F2C390C33939E0819C\r\nAccept-Ranges: bytes\r\nETag: \"C0DFAB9372EE35106B6248E66E753FEF\"\r\nLast-Modified: Wed, 29 Oct 2025 09:04:53 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11575042889135793241\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: wN+rk3LuNRBrYkjmbnU/7w==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":28699,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 130 x 130, 8-bit/color RGB, non-interlaced","md5":"c0dfab9372ee35106b6248e66e753fef","sha1":"d268087bd03491dc5101e3f08288424159bd8103","sha256":"6dcd61beae6cc1ae3ff6bdbb5e4339d37d12ef00be739ffb15c8ad1925c711bc","sha512":"60c388f6f34dd79e93179a625fa4f6e722353e83d0c74b45af57ff16f94d60283a84b9e3fec02d8fdf07cffe3597403d5c6f750a982cfcb10589ac6eee21bc53","ssdeep":"384:P868jdiWzWJAffpYf08LqRukQsm4J7yPGZ7JfkEv/ZZ:06WTWOfSf0xHJ0GhJ8Sf","tlshash":"10d2be092df93165e499b5336ac1391c6db30a8b66426ccbff8dc8259f1035fccaa1c5","first_seen":"2026-01-20T10:42:16.609453Z","last_seen":"2026-02-24T15:51:35.573634Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2046,"timings":{"blocked":875,"dns":0,"connect":285,"send":0,"wait":292,"receive":18,"ssl":572},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.02725d4d60aa2433dba1766ecbb5f83f4.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.02725d4d60aa2433dba1766ecbb5f83f4.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 17205\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F3C390C3393936839C\r\nAccept-Ranges: bytes\r\nETag: \"9D772ADE3BC2B9287C5D763D0DC39203\"\r\nLast-Modified: Wed, 29 Oct 2025 10:16:23 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14248787782445785380\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: nXcq3jvCuSh8XXY9DcOSAw==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":17205,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"9d772ade3bc2b9287c5d763d0dc39203","sha1":"1a3aaf08db74b76ddd093d9a6b504dbe53f8c3af","sha256":"91f92352178ea0f9280ce196bcbfb57427e44781d5edd1e554ef82995b44de32","sha512":"abecc403c5cbce3fb7cb27a55e4ebc20a4b6342b932abf96ddfcd1370d3d595122fc88aa60d41cfd997f90b5b2eaef40ba0d136b68dd5232ce17a16f8d65d3f8","ssdeep":"48:87/6bM+kYn9WJsEvJ72/caBC/aaLkJXzLZU9+H6+L06hlp6RX+N+Y97sc5oI7SSg:87SNkY9WmIi0pyNX7sc5ZSSD1fM1","tlshash":"05727424fdf172b85909a2323dc628055c7307c3ea81ac88b6ce4c1a6f5179ecc5f666","first_seen":"2026-01-20T10:42:16.642857Z","last_seen":"2026-02-25T18:35:56.335299Z","times_seen":12,"resource_available":false,"data":null}},"time_used":2673,"timings":{"blocked":1733,"dns":0,"connect":0,"send":0,"wait":937,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-d2b93fe7.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:08.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-d2b93fe7.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-181dd\"\r\nexpires: Wed, 25 Feb 2026 03:51:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CtJIrj9WSn%2BZQm6w3XPn1tajJQkCz%2BYO77CtQd32KmrS1h%2FIaX%2F9TlW6t28LNDRfHiXKWgD7cgcC7gPj8Nj0f1YQ1Ak8A3%2BWgDnDXvYx9SgKcUJm0Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f687a5ed42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":98781,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65526), with no line terminators","md5":"2477f9e10439b7d01db3ebbd91a9089c","sha1":"1005eca18f8c75469674018add141688132b22c1","sha256":"671b3a0ab6da8cd2c82688bc92874edd133c0f244d6a155250b59c91bed03826","sha512":"1c06d77c511eda67ddfd8257cb854e8ce5dbb021f2c0c12acdd8c23c038eaf2e103e21da4f5721995159425c4b908997676d2d497eeb0ad754cf5041e5d302d3","ssdeep":"768:F96LmtgtNXeowpRXMcKDjDnDsDmDxJiNzPEk0wPtsw022BPPl4J7KsdvZzFehsXp:T0hUpOPDgivilNtril49KCN+o26DKJpQ","tlshash":"36a32a8d940b1fff6cbd0844b94f591020691fd36d89cc93b3ae6e552bf9cd8628a718","first_seen":"2026-01-20T10:42:16.629106Z","last_seen":"2026-02-24T15:51:35.575382Z","times_seen":2,"resource_available":true,"data":null}},"time_used":852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":843,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-d88a3419.css","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:08.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-d88a3419.css HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-4aac9\"\r\nexpires: Wed, 25 Feb 2026 03:51:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nFKC1GNZNd2IGggJ%2BL4da3A6mB0%2FQrfYrntMsnYzYZu3nvsc9JO6B%2B8o5jH21Ce%2B%2BLAmYOROqhd9iRSW6zp6MDGqHid%2BRvJ3RN3QZMq3MvZ91nNXxQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f687a60d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":305865,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65022), with no line terminators","md5":"3b8ca4c92c7313ff03282d300e149d04","sha1":"257036a738d3db65dac134910b103797cb82a66f","sha256":"d88a341946843c7ef8db85c323a10d279e2e4f1e32e7ce73c59a4046f1b121c0","sha512":"bde9a1bcc47607728136e6fbdf4bef4f457fae486a093dcbf277b72827cca1f087c874d47aa64170000dc3c1078557927ebfba7e3d2f7cb93bc4e609973f29c2","ssdeep":"6144:nTN/9SpddBmkZ8w71ZACkFDS3vyf58rBeV05TO:TN/YBTZ8w71ZACkFDS3vyf58rBeV05TO","tlshash":"ce54d7a9a59011bc6f27aa7597ce5ad8f23ce6719c118de8f201600a4fc3ff91363617","first_seen":"2026-01-20T10:42:16.630042Z","last_seen":"2026-02-24T15:51:35.576222Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1026,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":814,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.05e07fd22ce7b4b0aa938166487abdf73.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.05e07fd22ce7b4b0aa938166487abdf73.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 17148\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F38B90443130A3E16F\r\nAccept-Ranges: bytes\r\nETag: \"0F646713B045A36E7A26F474071D4613\"\r\nLast-Modified: Wed, 29 Oct 2025 10:15:59 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17363365459159739154\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: D2RnE7BFo256JvR0Bx1GEw==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":17148,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"0f646713b045a36e7a26f474071d4613","sha1":"1419f6c2f48bf5e39a1809b32994ab878b092af5","sha256":"38efad6dfa2ba774b3e3068f460eba9f0fa6183412847c2cd608e3417279b480","sha512":"32c80d76805fe25d18086b16cf01697cf0aba1064da435cf447495b3cf8cc03a11e938b312a7aa0db847a559d1a016775d0e78b0190e871728c54bd7fa880d1e","ssdeep":"48:87/6bM+kYn9WJsEvJ8laZ/6aBC/aaLkJXzL3Gb19+H6+LMbgl3y6RX+N+Y97sc5C:87SNkY9Wm/ladKXpl1NX7sc5Z4SEhCDu","tlshash":"6e726434fef1b2a8994d623639c334055d730bc3e5819c8476ce8d296f51bae8c9f662","first_seen":"2026-02-24T15:51:35.577375Z","last_seen":"2026-02-24T15:51:35.577375Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2808,"timings":{"blocked":2519,"dns":0,"connect":0,"send":0,"wait":286,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"exsme.geminis-pro.com/webapi/ws/97aff088-59d1-49ed-8e4a-6ad7d15ef82d","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /webapi/ws/97aff088-59d1-49ed-8e4a-6ad7d15ef82d HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://exsme.geminis-pro.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: q6qoLgzjyfcGSP5LE6urdA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nDate: Tue, 24 Feb 2026 15:51:12 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://exsme.geminis-pro.com\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: uPFCcoVKIL71m+oOi5rqzryKK7w=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=NvNx%2FyfZoiRtAps75KDFhHQAccTNNcQRJ%2BElcwNCqH%2BQPZaNMiUVkd3j%2F%2FyxUJJ87EC59rUUTzH1F2oS2Aa%2BP2AlVvVCrp%2B8Bgn50aRYpMiksHhx6zAHy7YPFw63LJPZFuFy9zQ34AU%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9d301f78cf7e1f50-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=8049\u0026min_rtt=7954\u0026rtt_var=1768\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3123\u0026recv_bytes=1216\u0026delivery_rate=544565\u0026cwnd=53\u0026unsent_bytes=0\u0026cid=2fd383086452277c\u0026ts=667\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T09:31:22.032774Z","times_seen":16508240,"resource_available":true,"data":null}},"time_used":770,"timings":{"blocked":0,"dns":43,"connect":50,"send":0,"wait":645,"receive":0,"ssl":74},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0bd384d2d6bc94f5ba4ff65d402f0388c.png","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0bd384d2d6bc94f5ba4ff65d402f0388c.png HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 1720\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F393A7E9363689282F\r\nAccept-Ranges: bytes\r\nETag: \"97AB55F852A20856474C6DF8C57DFAB6\"\r\nLast-Modified: Sun, 26 Oct 2025 09:33:36 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14435076695440657006\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: l6tV+FKiCFZHTG34xX36tg==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1720,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 73 x 72, 8-bit/color RGBA, non-interlaced","md5":"97ab55f852a20856474c6df8c57dfab6","sha1":"d404eddf19309eca01a25991e0cddfebe7e7afd6","sha256":"3ac2e00734fc82597412f7ef41beed1306c8edc9b7b6170e6c092af9c127f598","sha512":"72351c00d5f715a3aab77061dbf1a1f7d48b266bb69ff1a123c3ef9d2f134a756e5a0a474c18fd4a29256955d55159dfa93b37665b71b08a3f84df0d6313f475","ssdeep":"","tlshash":"dc31e6925a87ee80d0c7993259fb3864862796b5db8c30fa14e044fb98d43b89b4528a","first_seen":"2026-01-20T10:42:16.624937Z","last_seen":"2026-02-24T15:51:35.578786Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2695,"timings":{"blocked":2417,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/vendor-3e2ecdcf.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/vendor-3e2ecdcf.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-d524e\"\r\nexpires: Wed, 25 Feb 2026 03:51:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F%2BN4qlupLcsyKlbcexqpCIUTKZ%2BD5qHZc8HA%2BaNwDzUudieOZPb1%2Fr707DSwqgo%2BHaLTmkeui0%2F4mq32FGdljM1KJMAWlzrMAOdf2Uc8j%2BTkdQ6GjQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f782ce9d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":873038,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"5c4d16bb0b2f685b7e621e8c7f10ed19","sha1":"6899c0457e275068fe97fb243cb9e305df0451d5","sha256":"d1a5d4966131eb3f8ee7fc1606f813978fa7d1aa8fa44ad313af00b855ce16ca","sha512":"748eec9b3b390b84271130bf691f878909b6872b197a1363bcb0ea18ad42b113495712983a5313a1270827b67950f1f937a1aeccae46234c445ab1308b1b4dc4","ssdeep":"24576:aYHry7lGnpp1Kr05XGmMhhsW/83aNmWa2B:aYHry7lGnpp1Kr05XGxhhsW/oiB","tlshash":"950539c97292f06147ab24e240bb0006f3396e59744e84a4f1ad98db7d7ad89d277f3c","first_seen":"2026-01-20T10:42:16.607251Z","last_seen":"2026-02-24T15:51:35.560289Z","times_seen":2,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/platform/dev/config.js?1771948271396","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /platform/dev/config.js?1771948271396 HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 01 Nov 2023 13:05:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"65424d1a-18a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L0k9E1O73qOGKZ35iJZ%2BoEysi4kgYDdbsYpFdIIypNyQPewElr%2B2Fqgjpy4uulmrSoyKa%2FozaPlabJbRurfsdbTkL4OlfjoA48HCO73PGG59yUa9ow%3D%3D\"}]}\r\ncf-ray: 9d301f785ceed42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":394,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"4bc52b1aa6813b98e0af16a138354c00","sha1":"91ee6accefe6f24544627bdd1ae2aba499d5016c","sha256":"bf904efa24cb62a824547b6df3a7bbade81bfa77cc27124d7766ae502e5d6231","sha512":"22c852a633d0c36ccf7d549fd1c6a800698e42994d993a47f534b92c8ff8430c14d668c72d2bf8eb79e8b4459f83116bc75ff5f5269f36bc3b8cf2cb9ae886ae","ssdeep":"","tlshash":"f5e0abab3138c16451b08f2b6cec4817f68b2733494c010bf8b469041e79d542178890","first_seen":"2024-07-24T17:37:43Z","last_seen":"2026-06-17T16:05:43.125934Z","times_seen":383,"resource_available":false,"data":null}},"time_used":639,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":635,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-d253bac1.css","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-d253bac1.css HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"6974722c-3d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ddd5Ou35T0js52OGWLEN5zXRVyzqY008MIJryvPMeaW6JQV95Cwj7Js9VDSBRdqhtKiJR4fyU6vDKjpKcQqOdL0UQ5xXE8jZwCRuqITq3Yq4Ntezdw%3D%3D\"}]}\r\ncf-ray: 9d301f787cfad42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c88360cef8df86c995e562333879873a","sha1":"8674b487cf92f20149c0ef681b42a599469813bf","sha256":"d253bac175b5b52734c192e96d18c8b26b0c92b881584f63b7de91bff96c6149","sha512":"eeeb5ec01fe8c7d483182fc60a2b54ee1d02994718fd9b23a6182f49ead49d889889f21592b2955bcac8cc859023204782db3210d3a0c706a3e4677564db3636","ssdeep":"","tlshash":"f6a0026d11156404b2225341ff5ff95dce686917da91820453421c9135cbe8f25d821b","first_seen":"2024-07-24T17:37:43Z","last_seen":"2026-06-17T15:51:26.211431Z","times_seen":322,"resource_available":false,"data":null}},"time_used":624,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":624,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/slider-icon-121ed293.png","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:12.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/slider-icon-121ed293.png HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:13 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-419e\"\r\nexpires: Thu, 26 Mar 2026 15:51:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xSxJBiDVXmcH3rAYt5GuHGSsUN6vAcslO3fg5fLfiqdnIHeXw%2FDx7hxKj5G753bdtjDWHFZyPQHEXw%2FyMGsjzMfTWFI9uV%2Fpdeii9UWiTyoNILVISA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f822e85d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16798,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"462be76dc84bd2d6ef90d222dc159185","sha1":"29ffc7f5f841ff040f68e382b112816a35fa68e3","sha256":"121ed2931583b1deb47118bdf7d1492c9ffc4b222e5af769aa6674e082cebe00","sha512":"e3f9d1a341ef240ddc53f63777ebc0168c480893e79139db95f4015b6af9c2d0b963290664b535b682d37b8ec3743deb01f7c8f9fea470f7dc762393f62ca15e","ssdeep":"48:87/6DM+kYn9WJsEvJPj/VJaBC/aaLOT9+H6+LOil66RX+N+Y97sc5oI7xHVF7NVt:87S1kY9Wmk7GpLNX7sc5ZVeKym","tlshash":"3f725334fdf172b49959b6332dc624095d730383ea829c88b6ce8c196f11bde4c5f662","first_seen":"2026-02-24T15:51:35.580763Z","last_seen":"2026-02-24T15:51:35.580763Z","times_seen":1,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0c95e28f1233043bcb2e55b22bd13eff5.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0c95e28f1233043bcb2e55b22bd13eff5.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 17675\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F2C390C339395B829C\r\nAccept-Ranges: bytes\r\nETag: \"2548E25D4F4FEF47E29A5A49C1644D90\"\r\nLast-Modified: Wed, 29 Oct 2025 10:15:43 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10665380921239879580\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: JUjiXU9P70fimlpJwWRNkA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":17675,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"2548e25d4f4fef47e29a5a49c1644d90","sha1":"ab9f70665bb9222976a25f5f5588018bd9d0c9c0","sha256":"b907bda3ad94bd2675cd552aafdd16a248e803e7166d12ebfae3f0a679718344","sha512":"25d3f5a27096c9b367553000c3c16693762460e59f5c9b61200ca3d836a9fa6f9d7cdd74c920e9a23c24c47ce8fb509a9750143000fcf10e688c52c6f2c76b97","ssdeep":"96:87SNkY9WmsTRyp8FNX7sc5ZI2kOrSayXy:WSNkUeY2kRaQy","tlshash":"91824138fdf1b6b85949a2323dd224095d7307c3d681ac84b5ce4c1d6f21bae8c9fa56","first_seen":"2026-01-20T10:42:16.631699Z","last_seen":"2026-02-25T18:35:56.33099Z","times_seen":12,"resource_available":false,"data":null}},"time_used":1740,"timings":{"blocked":1436,"dns":0,"connect":0,"send":0,"wait":301,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.02bec22a56eb8416c888317162d6e09ad.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.02bec22a56eb8416c888317162d6e09ad.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 27347\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F3BC6A5B3134C59B47\r\nAccept-Ranges: bytes\r\nETag: \"935BB52185D64DFAD0D8216AE36B5DB8\"\r\nLast-Modified: Wed, 29 Oct 2025 10:16:15 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8684607523608828293\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: k1u1IYXWTfrQ2CFq42tduA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":27347,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 130 x 130, 8-bit/color RGB, non-interlaced","md5":"935bb52185d64dfad0d8216ae36b5db8","sha1":"1c40d241bfb202c516f1c986dcf21c07616ff5ed","sha256":"5bde65e77acd59d72adfee4888177196eb05adeeb7fe7a2e38bf85f658350c15","sha512":"8278837b6c9bbb74ac90e2f8973201c62487b953cbc4dd6fedefa4949d72d006be80cd481169dd60aee1553d6cb1409102ec5514e00a05eadadda61f4bc1a79a","ssdeep":"384:P86ekOacf39BKDE2KKFU0h0xz9Nf14WFpACI9dRuV8CgvNwyv5D:06ekOacVAoHKFXOj14WkCI0V8CGwKD","tlshash":"afc29e10b8b1b5959c2d3e3168d13c8d4e621303e9535d867f6d4c177f40badde9ba42","first_seen":"2026-01-20T10:42:16.656458Z","last_seen":"2026-02-24T15:51:35.583191Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2865,"timings":{"blocked":2575,"dns":0,"connect":0,"send":0,"wait":280,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/webapi/api/notice/list?key=ROLL_NOTICE","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"POST /webapi/api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: tw\r\nlang: tw\r\nOrigin: https://exsme.geminis-pro.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:13 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://exsme.geminis-pro.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oMcgkEkk1Q%2B1qDChsopUOfGlOQbS%2FrEuaFA2o6Qgd2pvpDuLSC3VMzsCOJINXjcjJ5PwOt72%2Fawf9cATtq8Ngp2rNfpAti9kT6eqOxDd0dw5qzy81g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f832eb8d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":523,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b8c5e2286721f58f9d9f752d5b8c2b4e","sha1":"5664a339c3c61b04ba473c06ed58851736d68509","sha256":"e268d3f15442e5a10f690d6989a2a7475ce2e37b6f33d2c0977d03721cedf9b1","sha512":"a18f67a8345f9ce457018a6f788bdc670116cdcea3d81fbfbb980d316831c7c9ba2f512a2bfad71a9ffde57e897a4748b96548a5622d2019ef79446f7f4ceebe","ssdeep":"","tlshash":"bcf0524e153c9e2e080a88c355ccbdc8a23e0b47ca20cd308a4adf2c42f26b91b1aa00","first_seen":"2026-01-20T10:42:16.613551Z","last_seen":"2026-02-24T15:51:35.583956Z","times_seen":2,"resource_available":false,"data":null}},"time_used":658,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":658,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0da62e2b21e7042989fd5a069e1ae1cb2.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0da62e2b21e7042989fd5a069e1ae1cb2.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 21894\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F293A7E93636EC272F\r\nAccept-Ranges: bytes\r\nETag: \"66AED1E269A3C36688ACFAC6226BE724\"\r\nLast-Modified: Wed, 29 Oct 2025 10:20:40 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12178143940207400854\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Zq7R4mmjw2aIrPrGImvnJA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":21894,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2], baseline, precision 8, 474x264, components 3","md5":"66aed1e269a3c36688acfac6226be724","sha1":"3261f92f60e3ccd0d1f72e02e17aa9319f308ed6","sha256":"adcb683702fbf5cdd7af137135973e5eb412f8fced510c00880abeb443d183da","sha512":"ca391044d5e11092b791a2fd2c5355578a47153c59ac5977eb7f9facde7303d86d6165ef2e46f08cb9c253d816e7d229bad04588ad41cfaea9b0495c671c30ae","ssdeep":"384:C8F8elPVnWipmIHAR9eYRs+8ALB4kvoNyJuJxgpprP1tTJdpm4c5W2H:C8F8e7LEIHASKs+8I4x4uJiD19Jd44cb","tlshash":"50a2d09e36e9c541b52879df6d05ce872382f54323b0c6573ed8a0a64678334b649f8d","first_seen":"2026-01-20T10:42:16.658982Z","last_seen":"2026-03-29T04:39:26.607888Z","times_seen":11,"resource_available":false,"data":null}},"time_used":1329,"timings":{"blocked":1035,"dns":0,"connect":0,"send":0,"wait":289,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-bc011be9.css","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-bc011be9.css HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"6974722c-18d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MINeKcDGw1mJKtiZRPs5Ud5dE5Q3bd7knQQDKJtsj9OVUtp4Uafi08um2tWqUVazcbDgInIsQOYBLDygtvD1g2FqJgnSbhYc69wocR8mXvlFbM8yNg%3D%3D\"}]}\r\ncf-ray: 9d301f787cf8d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":397,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (396)","md5":"5353ff252ee4a5e7a3d0176de6a6c712","sha1":"c83942b5dfdb4aa8be53f26b39e53b0b257595e0","sha256":"bc011be90fd6cd33a399912151a5f69ba0d8e394563c71c4c1bea7a4ec032516","sha512":"9a17506817918ef0c9a5d0caebaed8f603641dc1015a726bdf247645a7e0a988b543756d7254abafa18dd4cd9d27c9a198300632156faf59f05c1e27f0a5e30a","ssdeep":"","tlshash":"5ae092c890d6927fb62b607d267c931ad425ac88d8007bb8e67fabb146c7ac53172215","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-17T15:51:26.191331Z","times_seen":1272,"resource_available":false,"data":null}},"time_used":624,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":624,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0c7e4776ff17c4b1a92caab16b390b174.png","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0c7e4776ff17c4b1a92caab16b390b174.png HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3769\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F28B904431308EE06F\r\nAccept-Ranges: bytes\r\nETag: \"3211D07D5E7FF660AC463CCC42B2AA37\"\r\nLast-Modified: Sat, 25 Oct 2025 14:15:03 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6526493649666908842\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: MhHQfV5/9mCsRjzMQrKqNw==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3769,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced","md5":"3211d07d5e7ff660ac463ccc42b2aa37","sha1":"f132e7ae1973e400c83836c49413d7822478dc02","sha256":"886797bc0fcc7b1114761744f70f91f2c8aa8bc2e63c89e861e838e8a024fd4d","sha512":"188e5c5ae40e7d609dadc0048386b4a650c62aaf2e0550e0b14d22aa7aba6c10e7e71d271e71852f7654808105a1d701304340c79e4829bb431a66ee3cc289a5","ssdeep":"","tlshash":"dd717e42dcac8a15f66e023005e3c7a561e89c8e48459e6fdf2a41c3b4779077ad253d","first_seen":"2025-03-06T08:06:41.441426Z","last_seen":"2026-02-24T15:51:35.585728Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1697,"timings":{"blocked":1420,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.07720977b89f048659b96eb59adda8c5a.png","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.07720977b89f048659b96eb59adda8c5a.png HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 25649\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F3AFAD5B3432366874\r\nAccept-Ranges: bytes\r\nETag: \"670C723ABC22056BC5368CA2A97DD6A2\"\r\nLast-Modified: Sat, 25 Oct 2025 14:20:44 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10769821075161595358\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ZwxyOrwiBWvFNoyiqX3Wog==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":25649,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 201, 8-bit/color RGBA, non-interlaced","md5":"670c723abc22056bc5368ca2a97dd6a2","sha1":"5ba69b915180c31e4d35a524a9de7b3409ef80a8","sha256":"11192935f626fdb37ddfd8418d754feee326fc6f0a3ce7aa6e61283a820d8b09","sha512":"546901ff0dd66b4768e7560c2ccdceedc3bdac577eea114e600613d98319bde07a84d4fd8a303f4c34c05b3a26c73f03602ba38aaa5436dfcdac6712e0868652","ssdeep":"768:9SDR4lelsfdJTM1JiB+mP9LsYKPlAgezlYWXu23fgiqs:9Alsfd9MqBZ1L5MGgQuW+2vLqs","tlshash":"feb2d076137254ea4442115b97364e812c39f4e3adea6e2c7507a40c7d4a33b30db6bf","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-06-17T15:51:26.200256Z","times_seen":690,"resource_available":false,"data":null}},"time_used":2965,"timings":{"blocked":2045,"dns":0,"connect":0,"send":0,"wait":909,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/platform/dev/favicon.ico?2.0.1769239082142","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:12.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /platform/dev/favicon.ico?2.0.1769239082142 HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\nlast-modified: Mon, 27 Oct 2025 00:02:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"68feb69e-3c2e\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qgw%2BUNYR72RAdsZd8TVyrs1cyeZFnCm5h%2BUkMe2fncLOlffR8%2BuNqQnwrwRIrawzvkOVmgQFxhoPLf%2B0b81sQq%2FTs0nY62%2Ft8Mqq4kdDXM%2BLeH9ihw%3D%3D\"}]}\r\ncf-ray: 9d301f7d9dbed42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"a1391cc9bb83f784e0296b9ed29478f8","sha1":"3761583c125d41cef4b37e2b879b078e6837c5b7","sha256":"a7036ae588d8451bbc0a528ae98dba657bf2b5f1bb80ac2bbe7aacc60baf599a","sha512":"36f61e90ddee01de953dd9db94fab16a81674cb4a8b13130b69af161983213269221a6c36c207e8285273db4388b0bb37cd1358449d4b45dbc2a458537e8b34d","ssdeep":"96:NKcYx5O/yTeq7swb/rssCH1yCwllvygAH43gkBh3PReohwKu7b+vUGaGZ:IrPSqXbDsvVyhbB3h3ZXu3","tlshash":"9e628891d4e68931f2ea4a7404602f78c5e39eced9d8b46fa006f453bbb57c23027627","first_seen":"2026-01-20T10:42:16.623114Z","last_seen":"2026-02-24T15:51:35.587157Z","times_seen":2,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":655,"receive":214,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/currencyItem-15550dda.css","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/currencyItem-15550dda.css HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-6d6\"\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZPnMU2ufmW1abxo4JUgOlYpFNeG1lSbGcVU%2FLcCnrQhUpqUH0kmlU7v93%2Fk7KqPKN%2Fm5B0e4u0IofVSUQCrLOT3oensJKDtjEGJhKivRFVHCuhMEoA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f788cfcd42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1750,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1749)","md5":"0a88af6b4dca3c130c74addeb274fb10","sha1":"fb0c4b8a0f7b7c4bac8e193999f99b4070ffcfad","sha256":"15550dda13edd7fe55a2d29edacb7ba57f23f39ef10d087669c0f75facae0763","sha512":"5d046b442f0f471b2063fcd34fb68b1d95b79647ec7e50cf5290ebd866febcd12e9b890a1784512959c4f4a433d3f31d57540254b4e0abbb6f55dc7773677619","ssdeep":"","tlshash":"ed31c05457110375da3bc8866ea8010dc0d47fd1901765cae8afaa2b2ccfa931b7096b","first_seen":"2024-08-19T15:53:11.157884Z","last_seen":"2026-06-17T15:51:26.21257Z","times_seen":350,"resource_available":false,"data":null}},"time_used":659,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":659,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0f2c15ebbb4da42dc9cd49c8853124095.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0f2c15ebbb4da42dc9cd49c8853124095.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 29104\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F2AFAD5B3432146574\r\nAccept-Ranges: bytes\r\nETag: \"241307C7239BA9371F4F06022063D3E5\"\r\nLast-Modified: Wed, 29 Oct 2025 09:05:18 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 625871799404163614\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: JBMHxyObqTcfTwYCIGPT5Q==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":29104,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 130 x 130, 8-bit/color RGB, non-interlaced","md5":"241307c7239ba9371f4f06022063d3e5","sha1":"ac32124642122f47cb0eb3f36b438da2296a4908","sha256":"59f4998557519abd3affbd614aa284aab266bf0a77035332d329f1301d3ed761","sha512":"c4ebe19e7c5376fbe40e3fc2d95f22a47af7b425b8bbb948104c9ac8829459a21cdedb988b11e4fd07b1e7b5ea9833b15bdf78e15bc76a6a901d7a8a477536e5","ssdeep":"384:P86gsPy82HiRJFeMOqUSIz9j7jF33E1ciEeeUmAr:06wCbFGJ5E1cbUjr","tlshash":"fbd2bf11fdf0b66070bd1a722dd9270d58e72993d5a28c107ecc64a78f52bdc5ceb21a","first_seen":"2026-01-20T10:42:16.615609Z","last_seen":"2026-02-24T15:51:35.588507Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2065,"timings":{"blocked":883,"dns":0,"connect":289,"send":0,"wait":300,"receive":10,"ssl":580},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/line-up-8bfc4715.jpg","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/line-up-8bfc4715.jpg HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:13 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-14c6\"\r\nexpires: Thu, 26 Mar 2026 15:51:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qcP6e9Z7b9bONO3Zk1meJl%2FBgBVqQX3ZbfNPqBen7%2F5jrB2TEVyZzsYXGqEUqcF1x2TOsyDFjbhK6ko2cXUk%2BilnI4T%2BH3FZQ8RYP1FgkZ9%2FFBYjwQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f827e95d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5318,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"23806617c29e3e4b9b8fc9578fd5ca68","sha1":"ee0ced7611623300f5e60edf1cb78496ed2fcb79","sha256":"8bfc4715cd317dcf37a9c15de143b5480d305b86e19d21644f35731dcf206144","sha512":"c009cd32f3d3cde8d98c4ac1ea264d518b1bb39ac9296f3dda95b6633d87dc4dae3c277eb3b8bfaf8066e4b71a512ee9760d3f4d5ae3646f735f562fb883dcc4","ssdeep":"96:iXsm8TJCqhX/+5oYTIRtKZjY/ppxtO1IciGalkRtIcT7HpVCgGVqmU0kX4gFrKD:OwnhX/SLkoZUxJNcjaenIcT7HpVvGwzY","tlshash":"5eb18e3a63b6e04ad4b44ffc92f8e71a8b5608a66c5c8d2a45369c0a07f161cd9223e0","first_seen":"2026-02-24T15:51:35.589207Z","last_seen":"2026-02-24T15:51:35.589207Z","times_seen":1,"resource_available":false,"data":null}},"time_used":631,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":630,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0403facbee7484f5895d72b4dd9adb3b9.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0403facbee7484f5895d72b4dd9adb3b9.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 18016\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F4C78BAF38343766B8\r\nAccept-Ranges: bytes\r\nETag: \"E471EFDBD0D13D1A10A7678727C2EDCE\"\r\nLast-Modified: Wed, 29 Oct 2025 10:15:37 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10295670558011492243\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 5HHv29DRPRoQp2eHJ8Ltzg==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":18016,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"e471efdbd0d13d1a10a7678727c2edce","sha1":"45dd7f6ef3e78b55fb334a419307fa56eb6925a7","sha256":"5bf0f63762f8dc602ec583656c31f5c9cbc29169bb42d77dba6dcfd3d894d37a","sha512":"77da780f80f3ac7fb48ac855877e7bb29357ebb8aea7dc883670fd4716cdda703d25df86213398b51722b1a44f020e0f108613a3a0cbe345c8559affa3adbd6c","ssdeep":"96:87SNkY9WmsDUHpklNX7sc5ZCeLMllE6FCKG6BnbHtF7:WSNkUtulSeLMzNGwnhF7","tlshash":"3b82b528fdf036a89949a2362d8624054d7307c3d5c29cc476ce4c2e7f21bae8c5f697","first_seen":"2026-01-20T10:42:16.617521Z","last_seen":"2026-02-24T15:51:35.59007Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3441,"timings":{"blocked":2480,"dns":0,"connect":0,"send":0,"wait":958,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/charting_library/charting_library.min.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:08.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /charting_library/charting_library.min.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 01 Nov 2023 13:05:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65424d1a-2a6b\"\r\nexpires: Wed, 25 Feb 2026 03:51:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=18iqkNzzTCuFB9lUgUrRIDGlh0RRTc2gzx27223m2gB727WaI4fFtrMlZzS%2BK7IWX6nrXqxtbZzFgsWuCHrfbbB6duA9kAVR3H6fHNOAspk1GAG1wg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f686a5dd42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10859,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10857), with CRLF line terminators","md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-17T16:05:43.135431Z","times_seen":1024,"resource_available":true,"data":null}},"time_used":624,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":624,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-2f4644ae.css","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-2f4644ae.css HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-a01\"\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BuYE4qodcj8fo7Iti6Hetb%2FVSGjliTcqWkSOt%2B%2B2V0KAqpvnvyK9z7e%2Fab4LOJkYXiPybtO3k33u7VXYhnC3vHmHAYZPsWmX%2BnD7UfhlroLJPsMevg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f787cf9d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2561,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2560)","md5":"45baacfdd2499066688f7ffc7225c372","sha1":"46551e76bfa93f50857a6b0f53d1f117d2adf0fe","sha256":"2f4644ae09e7b5a53ec8996547eb607ac21976285369b68da4ccc2c49fba346c","sha512":"edb7742f23bacfab32449c041654cb2e47b50fb18da2e9a33a7e736fbc02745db06ecb8b913c3c5b0f3defa871da7bc5e89bf3c9d7457be31f4595c0be470eda","ssdeep":"","tlshash":"c4511e4cfe9915345c7be98fbe5c6e488000be93e54aed85f007d70649cfae3276065a","first_seen":"2024-08-19T15:53:11.157245Z","last_seen":"2026-06-17T15:51:26.197087Z","times_seen":57,"resource_available":false,"data":null}},"time_used":638,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":638,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.03cb8e37687894eeca870ab1da6807379.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.03cb8e37687894eeca870ab1da6807379.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 28911\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F2C78BAF3834DB64B8\r\nAccept-Ranges: bytes\r\nETag: \"5920414A3FAB88101401F4E7D6348F6D\"\r\nLast-Modified: Wed, 29 Oct 2025 09:03:51 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10900845713107100401\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: WSBBSj+riBAUAfTn1jSPbQ==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":28911,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 130 x 130, 8-bit/color RGB, non-interlaced","md5":"5920414a3fab88101401f4e7d6348f6d","sha1":"20494f9f42143c155f58e5f113b8f8513b86b929","sha256":"e8681fcadba93cbfe0353327d1ee3797f761cf047bc08cb055a2ba7dcf21c047","sha512":"d91e8e880b1572f78240f2025704d651ac28300c9a985c9a455f7744b76ca7ca7d8c5e73dd8012a1dc3f33bf0c68fe69a1de34ca65c5afc7bf6341e49dc76b69","ssdeep":"384:P8ULcN6r7Rt72GhlrQc2oGYWuWhGtw7LRUml2Ipkowo7q:0UnR921omGu7FUq2hyq","tlshash":"fdd2a038bdf475c45555a4362e8235cacc6b0683daa0cd4979cd8c786f427ea5c4f494","first_seen":"2026-01-20T10:42:16.622353Z","last_seen":"2026-02-24T15:51:35.591897Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3507,"timings":{"blocked":1612,"dns":21,"connect":277,"send":0,"wait":279,"receive":1,"ssl":1315},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0485473cdb22d4dd9a127c657f7b60d9b.png","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0485473cdb22d4dd9a127c657f7b60d9b.png HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2122\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F38B904431305BE16F\r\nAccept-Ranges: bytes\r\nETag: \"3F1084E8DB367BB4FCA29D014E2853C3\"\r\nLast-Modified: Sun, 26 Oct 2025 09:28:32 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8174426117179782744\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: PxCE6Ns2e7T8op0BTihTww==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2122,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"3f1084e8db367bb4fca29d014e2853c3","sha1":"e997bd53333b47aaca1e184cc018c9e0cbaadaa3","sha256":"000bc2d99ddd07b4b3fb6ff39c9e973e4b7ac419d13ef7bde2cc5582a30ae79d","sha512":"3df73452bf765a2e49479804a57c20b671228e8940235f117f1d8974a525e6b6b9471dbd2217da13840ee3c3e4f9ae13c45d4cecb15fd30a3a2dd0c822db0450","ssdeep":"","tlshash":"85411ab6548488d8c653c43d8b8f6201aa3250ba845f6b0e4a31e9811e21f9c91f6907","first_seen":"2023-05-07T19:16:41Z","last_seen":"2026-03-06T11:22:32.388811Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2531,"timings":{"blocked":2253,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T15:51:07.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 15:51:08 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cey7RgtXa1vpFIMa%2FUnI4BwtLir%2BfZI5IZFnFLhcS%2FtwSYaDHqrzgLa01Y4zZNeRkYCEJEZg3BbVVTdJZsTMX0ZTAon6kkrY92sXWGoxNh5kGBuYJA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9d301f627a671ecb-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5283,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1094), with CRLF, LF line terminators","md5":"9d1025c47688271d6ada67aea82d9ce6","sha1":"c8fe58ed74af2a6c3848b6f546f0615c64fca7e4","sha256":"9dec41e8467635a36a9794a96d1e6a2b15047603e813957059b0558cb198815e","sha512":"e3c3f6a865ce0fd07590d582543278750fc246df0ecb231a216aead189b55ad05c42e2e3692f46780efd2bdb431d20cdefc72bee51341bd7583abd17d6412847","ssdeep":"96:+r82Iotf53uSPEZshVt/pqr6TCZydHRH/gO2mUsGKAiowGwuB1niHNiHgH/2:+FIA9PE8SZCxf32nfD3bwuB1nitiAf2","tlshash":"b1b142b76ce5882e23b1162adee7f018df611193851a485071cc80ee4fe6fd588dbb39","first_seen":"2026-02-24T15:51:35.593204Z","last_seen":"2026-02-24T15:51:35.593204Z","times_seen":1,"resource_available":false,"data":null}},"time_used":707,"timings":{"blocked":35,"dns":0,"connect":8,"send":0,"wait":638,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-00338204.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:12.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-00338204.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-1218\"\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nCJPNvsG7RWWGxdCpzBQs6nqiniXnxay1wOy5sUzdBpeIBXom2%2Frg%2BMBancFaC3yv4Sgw9BPs6Z8L6vy8ivZ3bHINeQ7HMO%2BnBGt%2Fd6YEED3x7t2PQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f7cdda3d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4632,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4625)","md5":"cddf5c2f34721a42804f314dfaa6c56f","sha1":"4716e07a6b0fe2bdfe983e7bdb290592c03a2a06","sha256":"bf41e9032ad8af7a9fa844e4f29999a56f6ed94be9d3e774d786ec99c0c14c62","sha512":"c4278394101a6f384690dfaf4e2e1719259f9ba4e3b4367368f903645d43c7555ec2b7960de7c50bfd5ef402ded6d5f6ed9e478140289ca89d1040e8ca7643af","ssdeep":"96:2+CYlnYkqD+wHX+dI3rtb6cirmDebgP3hvO13XDNahkjA:2+CYlYkqiwHlrtbZqifhv6XxnA","tlshash":"c9a1b699f80286bff9b7144048480420219cbbffb20548f2fbfdad0a63b8979d754765","first_seen":"2026-01-20T10:42:16.627382Z","last_seen":"2026-02-24T15:51:35.56258Z","times_seen":2,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/service-icon-56540710.png","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:12.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/service-icon-56540710.png HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:13 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-47a0\"\r\nexpires: Thu, 26 Mar 2026 15:51:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F2%2Bs9AFyKiAn3KnHZBFnYJtmJmwF7Fcio0cC2mi6gf1%2BBI5ZjYeePnurmqAs4nAuPEl%2F8uyodjaEYc3b%2BYcvngv8Vp7dufKlGjaPcBqjdTPErJSANQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f822e89d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18336,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"c338b8ccdf258619d73a7c44a7115b97","sha1":"20c9c61885d5e9f7e714523b04bfb11235b2f997","sha256":"5654071019e7d4fe8d6b483407a56a4af784f333fcb56c09f7db4908001c2cfb","sha512":"131394bfa6be8efba29b2a36a21a9680f1c1b3ac62c676692995366bebee548719a7e3e9959fec10e04e2507c3dcac428771d4e787d725ccbc884433d379c0a4","ssdeep":"96:87SNkY9WmIJiRpq7NX7sc5ZZgV66T0u/ZdUFxqOqE:WSNkUq57yo6T3SxFd","tlshash":"1f82b724fdf176f8540aa2332dc2284a5eb307c3e6829c8576ce8c166f51bed4c5f696","first_seen":"2026-01-20T10:42:16.619988Z","last_seen":"2026-02-24T15:51:35.568777Z","times_seen":2,"resource_available":false,"data":null}},"time_used":637,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":637,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0861b2ef7ff804c2d8c90a44ed002c721.png","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0861b2ef7ff804c2d8c90a44ed002c721.png HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2274\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F2AFAD5B3432C26574\r\nAccept-Ranges: bytes\r\nETag: \"674B0999F6083084A2A4B1D8B20F3BC1\"\r\nLast-Modified: Sat, 25 Oct 2025 14:19:44 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2919851811578833622\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Z0sJmfYIMISipLHYsg87wQ==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2274,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"674b0999f6083084a2a4b1d8b20f3bc1","sha1":"8d14a526e83604e323723b4d25f8f8066f1ede70","sha256":"632f9cacb6b3fbedece774a8d27c436f37dc359de3bb0872ea19603b70347708","sha512":"4c04d137c2448c0d52a4298c858f95c58116c1d77e75899f5acdf6bb61ed839dbdc99fd5556eb63793b81258de40e515540acaeab007da76664476c9be2e514f","ssdeep":"","tlshash":"cd414bd7c53300ed9128e735b8c3ee819c00628d183bb46b89f5ec60b2346d31a53a98","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-17T15:51:26.229163Z","times_seen":653,"resource_available":false,"data":null}},"time_used":1752,"timings":{"blocked":1460,"dns":0,"connect":0,"send":0,"wait":291,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/webapi/api/common/getCoinList","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"POST /webapi/api/common/getCoinList HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://exsme.geminis-pro.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:11 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://exsme.geminis-pro.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W4IRbpphzKvrbOfHazyVU5oJHT95BEyWvIwVdHH%2FW5A3%2FsBWfyZc6RYoisvrPbnnBc%2FQ%2FyPQVF2W80xKsDHElq6f2RwO0ICwGJbkLe5Av9YGEphOGg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f785cf1d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16638,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (16622), with no line terminators","md5":"0ac0d70e01d950df9fc71eaedb807340","sha1":"f7f31f1262f85b0e536c0a2bd193ba6b869bd638","sha256":"dcda7b71aa0579d531ec6b15b13e7e60ea3aaccd0bbc236e2262273f7b0792d0","sha512":"60b7073a3434c26cc1fd594878d802cf69b0e706ae9f678322fa3056a59f8c4e8c1de626ced0a6983e31569e1c6e9d6bf895b6c591836af49f4edb7d18fab658","ssdeep":"192:VXQVJXdxbX5bXR0WXZsQeXYH0XDyX+H5X1iSugupwX+wYQK7rYfaCK4bnjOljmP6:wHCl9PjeFn","tlshash":"97725451622894bdc579c0d42ebf7d07509c32bfedc68d2a92ca4d9c8ed8eb1160af07","first_seen":"2026-02-24T15:51:35.594401Z","last_seen":"2026-02-24T15:51:35.594401Z","times_seen":1,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.020c0a06172fe4e3e90459843c414fca9.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.020c0a06172fe4e3e90459843c414fca9.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 26571\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F2BC6A5B3134959A47\r\nAccept-Ranges: bytes\r\nETag: \"E1A4A4917A4D6055E2372F8C428FB032\"\r\nLast-Modified: Wed, 29 Oct 2025 07:49:14 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14330660658290703713\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 4aSkkXpNYFXiNy+MQo+wMg==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":26571,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 130 x 130, 8-bit/color RGB, non-interlaced","md5":"e1a4a4917a4d6055e2372f8c428fb032","sha1":"37933bb10fad3dbecc410a070cbfe87583afc3f2","sha256":"f7985851708b127574b2b26fe2503ea510d1866ad1d481cdea6c882fd6e18715","sha512":"f512f17d15a4ca2e2f703394592ab082acf2361e1490a032c36e155848214b8af0e4a7d5eb0b56f9bc3e75b4b77f8e7fd962e91601778e5d9e336c3005830572","ssdeep":"384:P8UUci6rTkpX7F053iWwd96NWrZarwY0n6R:0UIX7Owd96x+6R","tlshash":"84c2ad4dbcf076e1d44922336d96294accbb5793c881ed857dcdcc14af017ea9d1b0a6","first_seen":"2026-01-20T10:42:16.654977Z","last_seen":"2026-02-24T15:51:35.59504Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2685,"timings":{"blocked":835,"dns":24,"connect":266,"send":0,"wait":1018,"receive":1,"ssl":538},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/resource/fonts/DINOT-Medium.otf","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /resource/fonts/DINOT-Medium.otf HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exsme.geminis-pro.com/assets/index-d88a3419.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:13 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 73096\r\nlast-modified: Wed, 01 Nov 2023 13:05:30 GMT\r\netag: \"65424d1a-11d88\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gI%2BhBMvWvDMSCWrxsOpYWlqpEWSy5BlU8F3Hk8VMz5hwaX%2Fhi2mxR2YGamEyDbTIsfpTIB%2FYVzwwr0PhbaCQ3e8vwQ7GYoLprRBe9nErq7eCigIQYA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d301f82eeb0d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73096,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"ab876400560626fbe045633dc44f0748","sha1":"85bbfb1729e86f40ddc9af7197b5f54ed6136226","sha256":"5888b24f6b65ff7c989b4a258dbeb5d997320d61417371210da0258be21d854d","sha512":"82e96ade51b0570c1f691ba45d1a3c0802015dad7598954675c4abe2fa8a9fc705adbe6eb5e677aa5cc03b6704e594cfe99279c678855ebbbcbade6d5028dbd6","ssdeep":"1536:TlK/cP2D2oV7otQjBG1+acfZZHHDEdom1hvd5JItkB7k3Z:TKQQtG1yZSdomrvpIqcZ","tlshash":"0b636f031d4fb9548de4513a52de4ea34bb39ecc1ca493c30ae12d938fece6657152ae","first_seen":"2023-08-16T00:37:20Z","last_seen":"2026-06-17T15:51:26.193498Z","times_seen":1504,"resource_available":false,"data":null}},"time_used":1060,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":639,"receive":421,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/webapi/api/common/type/defi_activity_type","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"POST /webapi/api/common/type/defi_activity_type HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: tw\r\nlang: tw\r\nOrigin: https://exsme.geminis-pro.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:13 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://exsme.geminis-pro.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q%2FMmj2oLmlOMvJATTu35K%2B9mIEXvgQGfDn4AUH6MSB1Drpu4zjU0D7GydRFkAqkzvU84hRm0Xd0lHLBGv6Awmq2y3hjdNiG4Djr2RKv12SPoO5VzPg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f833ebcd42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7a423e3451e474878191a0a7f1d323b9","sha1":"13312f533f380295131f6a1540f425d0c98a16ba","sha256":"49c938e0bb3a834cab9319575489cf6c1694cace3f1ceb9671570024328e2a35","sha512":"0522e47fc06c4329cee21e354b264c90ae4b0725941d75cf63af54bee4a307fbe91e7078a412bd9750f3856657159ffe5efff139a652ec0443368f7c146bfdbf","ssdeep":"","tlshash":"5af028143d3dcebf098f65e745ec7818399c152794a0fca058ab0f3c5ae4171088921c","first_seen":"2025-04-07T11:28:26.961944Z","last_seen":"2026-06-12T12:16:48.401727Z","times_seen":701,"resource_available":false,"data":null}},"time_used":654,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":654,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/vendor-72ef657d.css","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:08.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/vendor-72ef657d.css HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-16997\"\r\nexpires: Wed, 25 Feb 2026 03:51:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UCC2MLfafyieqSA9Cn%2F9ZCM5NeJbF30WmkMm58KFvwhy%2FlP2hD4JMGuMsSJ7TQXuUtVubpjQZueDPdDvH54AzZ3WGtlrhzUdVR8tgvDbUpMVUaxT2Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f687a5fd42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92567,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (48893), with NEL line terminators","md5":"a6961e7ef7303f1fef917075ccc2f806","sha1":"68d012cb0a228b47a86f916fd8eb1c712afa6d1a","sha256":"29230021d4a36204a38eacdff2bf9e9f56e157f8fa33783bb2ef239eb882a6fa","sha512":"c0b1a05e7dc391184d3a53e9dab8494d3222070997aa7b5a62b47e14a3a25f8aab0554493fc9c2c6bfbf374ccdcf8d31e4a89bc9f797a2d18405132c2fd84db4","ssdeep":"1536:ZTIIUuZM3ir/j3Ykrx3WqyrtpqoSWEDZEnX73:ZBrxmNH9yDWr3","tlshash":"0793c5a5e58492fc7f1afa75ab4765e8f13cf660cc009aa4f105512d0fd7bf50223a2a","first_seen":"2026-02-24T15:51:35.597056Z","last_seen":"2026-02-24T15:51:35.597056Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1019,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":823,"receive":196,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/resource/fonts/Arial.ttf","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:09.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /resource/fonts/Arial.ttf HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exsme.geminis-pro.com/assets/index-d88a3419.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:10 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 1047012\r\nlast-modified: Wed, 01 Nov 2023 13:05:30 GMT\r\netag: \"65424d1a-ff9e4\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DZRw6CnngYSRHegsdNaQ8UWXgHzyKYnoykMHjM4itvYm1NIJfNrH0jvdDlBFbFgjBbZwMESRZJN0rfcEtBZfvKnta07NFZQipkCIDSbL1gYOnKV6AQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d301f6f3b65d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1047012,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 25 tables, 1st \"DSIG\", 58 names, Unicode, � 2017 The Monotype Corporation. All Rights Reserved. ","md5":"ffe66dbfc4b07f36ef38dd621ad2c7cc","sha1":"e032b102cfc37c3226d17e1b462edea5fbf8fe1c","sha256":"c1216a01b3cc4e94df72577a6f618154058a1d8999ed58fa31ab7e54c7e4be4b","sha512":"3c7952b71c8117938c5284efca0e0b3e8c20d7b84c74a4890f76a72af3b26295786b0f7c33d9b6c980527b4c4c8dad628d1f5e7e5f202d11076367f082349bb3","ssdeep":"24576:NoQIQRjo/Y7wjgTmKJ4WxA7EAD4OBfDamXKE6AMra:NHIQJo/Y7wjgTm0PxAwJHE6hG","tlshash":"f125be0bf3929f0fe3902b38c9a5d761939b76189b2743b73d8c5858ecc85a45e487d2","first_seen":"2023-07-29T15:16:45Z","last_seen":"2026-06-17T16:05:43.138447Z","times_seen":1895,"resource_available":false,"data":null}},"time_used":2015,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":658,"receive":1357,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/tw-c6d8fa3a.js","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:12.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/tw-c6d8fa3a.js HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-9287\"\r\nexpires: Wed, 25 Feb 2026 03:51:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dkTmwYn%2FBLJFSOM8ZnY3yG2kbN62fdh1lLLMZtqW49Ehq0uvv1SJFQsA6MPiFjSN0EntF%2BkhRYKynrpNP7QTesZupBi0EQ7Dw8ko4QkZ2STQi9eb9g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f7c7d81d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37511,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (27714)","md5":"4cb22c083ee9f6c7da894efa40094132","sha1":"a1f28aae4069e3b4e9c6a83efb28f0639dd9e9b1","sha256":"de7e524bdada513a01757ebafb7d1482204d7e08247e51daef2c4acff28ad396","sha512":"3cec4b41e395e1012030c80de6f10b5d5aa0f2ed04037077d01b9936e57aa27474d2b887237dac7aff4a876d846d38e3e4b5f9d81b25bdccc8350491f5083fb8","ssdeep":"768:1Bhu4hgcnMH1x55Oy9Wwj/P89Nn82vaFRt5xO4XtS:1LGcMLzO+j/DHXtS","tlshash":"71f2f6c46ceedead44e3a53bb04e694260f75e89c721c0295fec59f9a2c4b139793720","first_seen":"2026-01-20T10:42:16.623936Z","last_seen":"2026-02-24T15:51:35.598304Z","times_seen":2,"resource_available":true,"data":null}},"time_used":838,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":838,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/webapi/api/common/getAllSetting","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"POST /webapi/api/common/getAllSetting HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://exsme.geminis-pro.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:11 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://exsme.geminis-pro.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SGrSpv5Q3nsfp8jTTcbIeZKDjfpbRc4rXhpk09BSN8zdHt2z5I0CnAflptTa7IZ41svaXOAm1z8zm6uZSIQAAnTXd9HJ3FNL%2F%2FO8TTUn1ZdzXrYJpA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f785cf0d42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12651,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (12307), with no line terminators","md5":"a8f66d6419cbb0b768166ed53f37f105","sha1":"caadac80e7f3ac891d48fa69a272639f6d760fe7","sha256":"bde819cd915e444be4fbfc73be53c5b31e94e863143f7f3b4ef340bdf20b10f0","sha512":"bc64624bf5bc94559d1cba6ca0b7268d570f236c91253a6170f3dd96bcb5331819dda725307aff76bed852684cfafb6738a8799d03cd89846460c25a74b10406","ssdeep":"192:kMjLTqOSpQ+oQD+RbAuc2A+/yhZLSABK159u+m2sIzMWiG2GiCvUEdkGnK7gluFu:yu3Q2PMS9Lax0YgJ","tlshash":"cf42435a37d4ccbd92d61dcdc0b73e4a789c38afd6409c15a4a7af5c94d9c72080b18e","first_seen":"2026-01-20T10:42:16.610482Z","last_seen":"2026-02-24T15:51:35.571528Z","times_seen":2,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":236,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0e3a890926d544e7ab5bf27df27b280ea.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0e3a890926d544e7ab5bf27df27b280ea.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:13 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 27347\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F193A7E93636A9252F\r\nAccept-Ranges: bytes\r\nETag: \"935BB52185D64DFAD0D8216AE36B5DB8\"\r\nLast-Modified: Wed, 29 Oct 2025 08:54:52 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8684607523608828293\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: k1u1IYXWTfrQ2CFq42tduA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":27347,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 130 x 130, 8-bit/color RGB, non-interlaced","md5":"935bb52185d64dfad0d8216ae36b5db8","sha1":"1c40d241bfb202c516f1c986dcf21c07616ff5ed","sha256":"5bde65e77acd59d72adfee4888177196eb05adeeb7fe7a2e38bf85f658350c15","sha512":"8278837b6c9bbb74ac90e2f8973201c62487b953cbc4dd6fedefa4949d72d006be80cd481169dd60aee1553d6cb1409102ec5514e00a05eadadda61f4bc1a79a","ssdeep":"384:P86ekOacf39BKDE2KKFU0h0xz9Nf14WFpACI9dRuV8CgvNwyv5D:06ekOacVAoHKFXOj14WkCI0V8CGwKD","tlshash":"afc29e10b8b1b5959c2d3e3168d13c8d4e621303e9535d867f6d4c177f40badde9ba42","first_seen":"2026-01-20T10:42:16.656458Z","last_seen":"2026-02-24T15:51:35.583191Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2005,"timings":{"blocked":854,"dns":23,"connect":275,"send":0,"wait":284,"receive":10,"ssl":557},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0ce8af696f7534f2fb1fd9f1e84b8d509.png","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0ce8af696f7534f2fb1fd9f1e84b8d509.png HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 55728\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F393A7E9363644282F\r\nAccept-Ranges: bytes\r\nETag: \"48384A67185DBDFEEF3AA43C99D3319C\"\r\nLast-Modified: Sat, 25 Oct 2025 14:20:28 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3192987439189544564\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: SDhKZxhdvf7vOqQ8mdMxnA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":55728,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"48384a67185dbdfeef3aa43c99d3319c","sha1":"23e15189bebafbbec8b23e8ed0f3392a9b7979ee","sha256":"1ceba4efa6a645fbe532e520385f37001922e14b6aa7b4ebeb19e755014feb39","sha512":"2f7a13f56ff64b874a76994d00f198c5fc2b7424181935e641eb81bcf171db54fa50b711502c0c4a7e8f5c934ed5747233d87ae0602916244947d3724eb3ce10","ssdeep":"1536:5ko5w6RHlzxqElMwBI6M3iD+oLKTn6EPwhk6g9p6uP5I:x5fR9xjlMGnMSDYLPJ6bOq","tlshash":"0d430247c0529ed2c68853aa0e3de48a84779d12358f80577ce6525a82e2df29bd770f","first_seen":"2023-05-22T05:59:44Z","last_seen":"2026-06-17T16:39:53.805226Z","times_seen":669,"resource_available":false,"data":null}},"time_used":2422,"timings":{"blocked":2095,"dns":0,"connect":0,"send":0,"wait":292,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.05ff79535cf484126bbf4bd1e37539df8.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.05ff79535cf484126bbf4bd1e37539df8.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 18506\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F2AFAD5B3432616674\r\nAccept-Ranges: bytes\r\nETag: \"E1053A6EE51F2F01AE88306CA133AD35\"\r\nLast-Modified: Wed, 29 Oct 2025 10:16:10 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 7675376803137166977\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 4QU6buUfLwGuiDBsoTOtNQ==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":18506,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"e1053a6ee51f2f01ae88306ca133ad35","sha1":"0dfac94969c5daa0d6c64c4be3f10cf530471871","sha256":"bf0381609467fa88d195a0cf3cf3472351ecd1e79a39a2538926ac1cbc9b7865","sha512":"b99f7a27128c16c447a13e8fd6462912303ca3c5cd35ad52b8e9b826739fc688943a4d0390eae26f726160b8b61258d48f3fc0a1d15b7904efabe04bca2df8a5","ssdeep":"96:87SNkY9WmQMEqpTtNX7sc5Z5+dBVLDhoaacGrZ4jeYwzMx0:WSNkUJpUVDKaRGrZuebze0","tlshash":"b982e938fdf1b3a8595962363dd728085d770783e6c19c847ace8c1a1f11bae8c5f562","first_seen":"2026-01-20T10:42:16.634383Z","last_seen":"2026-02-25T18:35:56.366106Z","times_seen":12,"resource_available":false,"data":null}},"time_used":2025,"timings":{"blocked":1721,"dns":0,"connect":0,"send":0,"wait":301,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com/echo2.0de53f1ceeb61447daef1d29ed5b46901.jpg?2.0.1769239082142","fqdn":"tmgo-echo-res.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.246","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:13.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0de53f1ceeb61447daef1d29ed5b46901.jpg?2.0.1769239082142 HTTP/1.1\r\nHost: tmgo-echo-res.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 15:51:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 17252\r\nConnection: keep-alive\r\nx-oss-request-id: 699DC8F3C390C3393976839C\r\nAccept-Ranges: bytes\r\nETag: \"8C720544A27F8F63518F16365DBC927D\"\r\nLast-Modified: Wed, 29 Oct 2025 10:16:50 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 7510605967221617788\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: jHIFRKJ/j2NRjxY2XbySfQ==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":17252,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced","md5":"8c720544a27f8f63518f16365dbc927d","sha1":"e69ab3669d36633bd9292334d64680737d4383fd","sha256":"14f0cd681e8a0c44e4117ec19e76434608cfb3185dfbb9619a05bf8ed32e56f1","sha512":"a8736fcc24c8485688079787df1c443b4ab82e4f9f25bf15894f41e0a9e663392fa7a374280f28c0584fdab6e2b258683646c9f784ee6ffdf17a88e5e3a142d0","ssdeep":"48:87/6bM+kYn9WJsEvJPC/maBC/aaLkJXzLfjs9+H6+LpJlfn6RX+N+Y97sc5oI7L5:87SNkY9Wm0uUpoNX7sc5ZLlJMqNdiK","tlshash":"18727424fdf276b85945a63239c228085db303c7d982ac8876ce4d1a6f1179e8c5f663","first_seen":"2026-02-24T15:51:35.600258Z","last_seen":"2026-02-24T15:51:35.600258Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2976,"timings":{"blocked":2674,"dns":0,"connect":0,"send":0,"wait":298,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exsme.geminis-pro.com/assets/index-97891ab0.css","fqdn":"exsme.geminis-pro.com","domain":"geminis-pro.com","tld":"com"},"ip":{"addr":"104.21.11.209","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://exsme.geminis-pro.com/","date":"2026-02-24T15:51:11.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geminis-pro.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 18 Jan 2026 07:11:07 GMT","end":"Sat, 18 Apr 2026 08:09:50 GMT"},"fingerprint":{"sha1":"75:55:FD:D1:DC:88:7A:09:9B:A6:9C:CF:1B:C6:5B:A5:62:88:C7:FA","sha256":"53:97:33:C2:FA:DE:2C:88:AE:3F:B0:91:03:2F:B7:69:22:FA:E4:71:D4:47:40:7E:3B:B8:52:B0:05:B7:1D:18"}}},"request":{"raw":"GET /assets/index-97891ab0.css HTTP/1.1\r\nHost: exsme.geminis-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 15:51:12 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 24 Jan 2026 07:18:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6974722c-2b06\"\r\nexpires: Wed, 25 Feb 2026 03:51:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sNfJBE8iAwTzTOdDFG3pRXpRLYTgLE3qRIYO9nnG0kz6UfnmQCrqXVKaDP2uOYRv%2FWjfcZHa17%2FAwBzFAZZm2VJE6S31RvNlwztmNputOq%2BBqUdzPg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d301f787cfbd42a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11014,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11013)","md5":"573dbbcde6d382576284debf7f0c29fd","sha1":"f030b395d74e684bb9175f381c34dc3d480e6d98","sha256":"97891ab09d6be4f3696f92256ac33472d8b683e071d676de38970fcd56d572d3","sha512":"dd04aa18fbcb2ff275562b3b4154da59f7caf82b59d7d09f9426b57db12c40e27f9c40fecad3fd805b0f0f79e1a6093e690816c9c0bc1364f6c2c94ff2b669d3","ssdeep":"96:v4mElpyGZezOETjHa5OF80+62r3J/bQ4gMJaSyLzArdzSU74IIE5LFsSSE2:vOXZePfHb2NQIsMrAqvIE5LFsSu","tlshash":"1c3298a8f29835389e33d1c6af989eccf014bf11d7439da4e15756228ddbad30a2099c","first_seen":"2026-01-20T10:42:16.653667Z","last_seen":"2026-02-24T15:51:35.601061Z","times_seen":2,"resource_available":false,"data":null}},"time_used":640,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":640,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"exsme.geminis-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}