{"report_id":"7e70b169-50e7-4561-9afa-f59402749cd8","version":0,"status":"done","tags":[],"date":"2026-06-17T18:00:39Z","url":{"schema":"http","addr":"trustedexchange166.com","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":0,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"title":"Trust Exchange","dom":{"size":40960,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (9697)","md5":"56f3dfdf0cb5f697af11aaa752d50a01","sha1":"51fa7b9b67eb4cb4d95408e63bfb6fa36c7f7a70","sha256":"9e80c03eac59eb630af64f4bbd97c6d301e02ade1e41d484df8c12670f91cd51","sha512":"4965debd05144630f3615222c668602cbcbd307022e268dbff9d695326b3c934f479b83a5422e7c020672faf447b8c09189bfad5901d9e8106069a7ebef0fde9","ssdeep":"768:ucE+BT4aCJ3h2JJiOuCY0uhw0e/uzu4tAVFQ:G+BTVRduzvtAI","tlshash":"150386c09cfc0897106251c6b8aa7f16badbd972e31a404cb3ff0d566bcbd08592765b","dom_hash":"domhash6d2d8b169488b7d64aaef7817046db52","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trustedexchange166.com","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":0,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T18:00:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"trustedexchange166.com","ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-15T11:55:03.329515Z","last_seen":"2026-06-15T11:55:03.329515Z","alert_count":112,"request_count":56,"received_data":1234036,"sent_data":30881,"comment":"","tags":null,"fingerprints":[{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"trustedexchange188.com","ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-15T11:55:03.333626Z","last_seen":"2026-06-15T11:55:03.333626Z","alert_count":0,"request_count":1,"received_data":307,"sent_data":596,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-06-14T22:40:52.388947Z","alert_count":0,"request_count":1,"received_data":69681,"sent_data":504,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"customer.cmksaletservices.work","ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-05-22","domain_rank":0,"first_seen":"2026-06-15T11:55:03.332517Z","last_seen":"2026-06-15T11:55:03.332517Z","alert_count":0,"request_count":24,"received_data":530820,"sent_data":16318,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Socket.io","description":"","website":"https://socket.io","common_platform_enumeration":"","icon":"Socket.io.svg","categories":["JavaScript frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/socket.io.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2316d5f067a1f861d2565a592376fea3","sha1":"a6560c8aed6fc7350e2ca96fcd98211bc18fc235","sha256":"6d09ab65ee323e742b2d363ed6063295f34c06e19f9d3fc72ac0865fef57baaa","sha512":"bfc9e0fee1b19207b7775209b84a3a7493fc2558b2be6b34725cbda676df4714faff7d5cddd456c488b01a73125b06631ca3ae6371159a28ecee4d63cfff5b2c","ssdeep":"1536:ronrZdZLIkYsOH+1+kN4gcUu9n+wkiKYfsD2:reVrLIk7OH+1+kN40inxA2","tlshash":"6263d8c4b6a1209543e721b1416f020b723aa82d250d81acb654d9f63cfcdde762bfbd","size":68686,"data":"","first_seen":"2023-03-07T12:12:41Z","last_seen":"2026-06-18T00:06:46.012302Z","times_seen":704,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/script.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"99b78165e73f08d1d0cfe114c0b4e7ad","sha1":"9f86c5f286135ac0bd6cf41eea0665e9846d0299","sha256":"d75bfccbf03a6192177e4fbe194370f0353b54034f1f3f92c7c77644a6988adb","sha512":"03b5565199a5e351f87092647db5f130d086635d785a4dcf6a9cb1bc79203b1c406dbde9f917515d85b37bb603e4ae83547f3574147da1dcdf7eea34143be53d","ssdeep":"96:kZFU4qA8jt8jpTbso663tYoxNkwhqGuLK9jtnnt5/Avx3CB0QPiU1QzGwfg3:kZNijujN0uYoxNkwwGuLK9jtnnt6vpCP","tlshash":"a0c19318f01c361a927931394c8f4069a03d89691b0f8495f47daea42f3473f4eafeda","size":5985,"data":"","first_seen":"2026-06-15T11:55:09.742084Z","last_seen":"2026-06-17T18:01:05.899059Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/lay/modules/element.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"784379625afe1516f69075a78007e7bf","sha1":"4eca1e2bd313d46ddcf113095074da797b145aa6","sha256":"763c30063a00b2698ab3aa17948b5008a33d477fd7dfd45f11f3d4a49e29b73c","sha512":"f08d8e5c3c091ca2a0f00109cc55dcf9a7ce055996f1fd2d6cc2f7b414e533c0b8356fb5bd3ec7eea1692e5aa56d2be0465465f60479f3eb2afb783cec3ca87a","ssdeep":"192:nZKp8KKtRtwFC2q6IsTPJB91RGRtX9uEUn0Gs:nZltcF+6IsTP5ONN","tlshash":"bfe19518b05236f73197b5d143bfa21da03f4636e70246ac3066d4ba09bbd891673f9b","size":7264,"data":"","first_seen":"2023-03-07T13:00:48Z","last_seen":"2026-06-17T18:01:05.927555Z","times_seen":268,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/index/index/chatBoxJs/u/5c6cbcb7d55ca","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5843b3fb273d56ea5bb61b109eaf1456","sha1":"4c0fe925719fb0f83c822ed88fff2deaf2072f55","sha256":"dfdfff4b7ce43b28838f72be1a3eefa003b0d5d0da09fe90681e5bf9a5d65bf8","sha512":"01afae0b8f3b1f50cc3b9522539ec9554e56f1d0299e1d90a949f5f3ef9320162cbc852e61930d262dcd103f9fc376bc7225e0cae32f12024251d8d7552d3a12","ssdeep":"192:nq4l+/PCFTS1JZ1ldN+NGG6IEixCrpZ0izLU5SVimGs9KhfI0aZFzHRsdryTZrAa:LXF6JZ1ldNtG6DixmRjN7tHQ0T8Vsx","tlshash":"a662b6915ab70d6d111a935d3fdf76043f21c013c60ae829bedc86d99fc58f84061bae","size":15878,"data":"","first_seen":"2026-06-17T18:00:46.620393Z","last_seen":"2026-06-17T18:00:46.620393Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/lay/modules/carousel.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"f4b94959b4b5ad34cdc1dd2c12a6bd1c","sha1":"303a72c6380c4277062e85eac689d1dc5ebc60df","sha256":"ec7b67ac49f660eae790c97c9e47fd86973a01478947c603f458667fb322351c","sha512":"b4d24dd32769ad42ed0d4e7b61b80c0ef9f41e9d001a48f5bfd3a328e58e715724a2df8bb97e8078e6b1fc44be5ede4b53233f987578eaf9f3d6e0a3ec936831","ssdeep":"","tlshash":"d7811181775f386741972453935f4c0896b719ba9b06d054f2a264fa6dfbc88223eb0f","size":3862,"data":"","first_seen":"2023-03-10T09:41:51Z","last_seen":"2026-06-17T18:01:05.946662Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/common/js/jqueryWeui/jquery-weui.min.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9c7bcbbeb838eabe8801befbb54f177c","sha1":"2c486e904bebe49b0bcea8e5d0b019533699a7a2","sha256":"e07b9a34158e94ba73df9e89768dce0e2846c984635a6fd4c4d7539c822b6bce","sha512":"dc5a2a219f4f7b3a29da600600c4666c18d0a9c3f77e256e3222387976b779cae0adaba0adfc72fb3991730c7a34b3f390fcbcf47977ca316fc5d94ca6de1f16","ssdeep":"1536:beyBPd2XiZAazT8DOCOB/j2kNleVRrI5CVam9P:beyBFTZZzfNleVRrI5C1","tlshash":"2d83f68e7651b63253f7217881af02052233a926644754a8b96ce8d51efcc4da3bff7c","size":84329,"data":"","first_seen":"2023-06-17T21:56:24Z","last_seen":"2026-06-17T18:01:05.958822Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/layui/layui.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"d9328fba9720a5a8444146e458ec6d1a","sha1":"c70b26c4fbaaf89c8ceed3df16baa2aadc1a26e3","sha256":"a25d71fd2f5fc0c05e62dbdabd1a1fe3191ec0a90a03d546a9527355fc8e2ac6","sha512":"65271016f1a6cf6fef6d42940399aa6155d67cd4e46789f3b2e18655dbe72bad69ff41a59f8b8f2cade733e2c6f832ca5a2fa4b6a56f9ccde1174bcdf2938d31","ssdeep":"96:s3y+aD48Dsp21ORbCkShS60OGeRr7UHL+XsqUuN8x70Acgc:yytDXo6VRKKXjU+8x7SR","tlshash":"5ad1c69cfab27092477f3165766f801ea7bb40ad285c4490e1cad8e52c72cad4377f58","size":6667,"data":"","first_seen":"2023-03-07T12:58:51Z","last_seen":"2026-06-17T18:01:05.912448Z","times_seen":383,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"403cca2b2f8330bdb133e5dd3426abc9","sha1":"a525aa567e8f07235b3222e0b7d506bed6928334","sha256":"b9c3136768e11c3f9f81bfbe14c38bd67b638e9fa3182bdf454e74d10a9a28f2","sha512":"552e80dfc6ce9a5df0dbed7158dc430e46d80f1a5abdd7fbdabbf917e8fe7bf3aaf04c80376b4ab485231373fd09c2121df51820186d9a9bd4afc701f88cd1ae","ssdeep":"","tlshash":"6ee0209480474052075509154b4ff291310388770781c400b74c92f59fe1bbf9286ed9","size":355,"data":"","first_seen":"2026-06-15T11:55:05.889084Z","last_seen":"2026-06-17T18:01:05.964715Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"3884b416b2f4a8e99ef30ec300dca877","sha1":"8e251cac006136afc8e6a1a0acd672bdeb22a25b","sha256":"a06e3a49dc82a7769b41dfb0f9e5825da6ddfbcfbced044b62718761db9eac77","sha512":"b8ecdbc7bc92d4e42362cf7e30444adfdf34e0900437a50abf618486fc5cc7437669408378ca77452fd6daf14d354906144ca9d4fe804d74418fcb020359b894","ssdeep":"","tlshash":"b2e0a704cad345aa7c8815c1279b212178848802e0d6d145fa5ee62baf0a04f64f97d9","size":430,"data":"","first_seen":"2026-06-15T11:55:09.779083Z","last_seen":"2026-06-17T18:01:05.965301Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"37e9cccf26de97dcf275c3708f0b5206","sha1":"bb92cd6bbdadb0c1e533f36b119925b8eba6547f","sha256":"b2bf9a5358c2f563454e42a7cbb3438b01d5e07794dce377d15b93b4eb627504","sha512":"0dcb64a23e48c21e84caa1b9c745bb6665f2318cac4a700fb82aa125eca82b6dee7513debbb581cbf0f5eb6ea1a96625d24a3a521429d1995f45b8069d0a83e1","ssdeep":"","tlshash":"8321a2da80d5530999b728969b8b2a01312394b704cc9007be2cf2691f4a31f5acbfde","size":1247,"data":"","first_seen":"2026-06-15T11:55:09.779963Z","last_seen":"2026-06-17T18:01:05.965824Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"b079015879110e8d38fbde163d145292","sha1":"c38f410062f607117a5cb1de8cbc1d6673aa9210","sha256":"acd5895bd78407e9ea93750a80a9c12ae0d5d0609809a4861dab028f128597a4","sha512":"a0006071d2bb6658c336f092a73160f967a13f74d75f07bbd0269b218e7f4fa24dc76a602377f1747cdc0908f035f99ee85a16ea7dec4e7cb63b920dd11eba64","ssdeep":"","tlshash":"a470000c8f2a8000a00a8cc0208082000ca8200222200000a80a0e0030802a0802a0a8","size":20,"data":"","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.966499Z","times_seen":110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"42cb60c6132fff48b24d4c9a3b8601a2","sha1":"7eb1227db54124d92802d8d17ee6aae7fe61535d","sha256":"4c69972c864964a0cdc6049e3042426395dbfcb359f30020041259f894ab9a5f","sha512":"c20f35c1fa07907af74e7680666891bd23573df96f05cf9007b9cbe7e56c3756b2f99f90ebe6c44dca2b9b6528547f3fa465a48e786adf51057959df0dcae258","ssdeep":"","tlshash":"c82110c8f34caa0e987216761aae10cb382c5437f958cc26fb2d78383f5b70c491996d","size":1433,"data":"","first_seen":"2026-06-15T11:55:09.781442Z","last_seen":"2026-06-17T18:01:05.967188Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"984c0912ff616360a371707be2914eeb","sha1":"9166ea5519626bada2255d890f5395b542b2b1c6","sha256":"cd0e70c97c5f036ad981e4207a702d77c756bd3f09eccffe03783632563f1e4d","sha512":"237c731c605fac9f626caeaa9bb200bd73d092bdfb715a4e4039627b5018aac57fccf1995a8121ba79a230413e1d272869685f7610a284f47df9cc00e958d955","ssdeep":"","tlshash":"05c001a551a62a3b001a21920a58a605041a09574a1abc3f3b5e13a46f5c21ef1b7959","size":137,"data":"","first_seen":"2026-06-15T11:55:09.782235Z","last_seen":"2026-06-17T18:01:05.96798Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"403cca2b2f8330bdb133e5dd3426abc9","sha1":"a525aa567e8f07235b3222e0b7d506bed6928334","sha256":"b9c3136768e11c3f9f81bfbe14c38bd67b638e9fa3182bdf454e74d10a9a28f2","sha512":"552e80dfc6ce9a5df0dbed7158dc430e46d80f1a5abdd7fbdabbf917e8fe7bf3aaf04c80376b4ab485231373fd09c2121df51820186d9a9bd4afc701f88cd1ae","ssdeep":"","tlshash":"6ee0209480474052075509154b4ff291310388770781c400b74c92f59fe1bbf9286ed9","size":355,"data":"","first_seen":"2026-06-15T11:55:05.889084Z","last_seen":"2026-06-17T18:01:05.964715Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"3884b416b2f4a8e99ef30ec300dca877","sha1":"8e251cac006136afc8e6a1a0acd672bdeb22a25b","sha256":"a06e3a49dc82a7769b41dfb0f9e5825da6ddfbcfbced044b62718761db9eac77","sha512":"b8ecdbc7bc92d4e42362cf7e30444adfdf34e0900437a50abf618486fc5cc7437669408378ca77452fd6daf14d354906144ca9d4fe804d74418fcb020359b894","ssdeep":"","tlshash":"b2e0a704cad345aa7c8815c1279b212178848802e0d6d145fa5ee62baf0a04f64f97d9","size":430,"data":"","first_seen":"2026-06-15T11:55:09.779083Z","last_seen":"2026-06-17T18:01:05.965301Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"37e9cccf26de97dcf275c3708f0b5206","sha1":"bb92cd6bbdadb0c1e533f36b119925b8eba6547f","sha256":"b2bf9a5358c2f563454e42a7cbb3438b01d5e07794dce377d15b93b4eb627504","sha512":"0dcb64a23e48c21e84caa1b9c745bb6665f2318cac4a700fb82aa125eca82b6dee7513debbb581cbf0f5eb6ea1a96625d24a3a521429d1995f45b8069d0a83e1","ssdeep":"","tlshash":"8321a2da80d5530999b728969b8b2a01312394b704cc9007be2cf2691f4a31f5acbfde","size":1247,"data":"","first_seen":"2026-06-15T11:55:09.779963Z","last_seen":"2026-06-17T18:01:05.965824Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"b079015879110e8d38fbde163d145292","sha1":"c38f410062f607117a5cb1de8cbc1d6673aa9210","sha256":"acd5895bd78407e9ea93750a80a9c12ae0d5d0609809a4861dab028f128597a4","sha512":"a0006071d2bb6658c336f092a73160f967a13f74d75f07bbd0269b218e7f4fa24dc76a602377f1747cdc0908f035f99ee85a16ea7dec4e7cb63b920dd11eba64","ssdeep":"","tlshash":"a470000c8f2a8000a00a8cc0208082000ca8200222200000a80a0e0030802a0802a0a8","size":20,"data":"","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.966499Z","times_seen":110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"42cb60c6132fff48b24d4c9a3b8601a2","sha1":"7eb1227db54124d92802d8d17ee6aae7fe61535d","sha256":"4c69972c864964a0cdc6049e3042426395dbfcb359f30020041259f894ab9a5f","sha512":"c20f35c1fa07907af74e7680666891bd23573df96f05cf9007b9cbe7e56c3756b2f99f90ebe6c44dca2b9b6528547f3fa465a48e786adf51057959df0dcae258","ssdeep":"","tlshash":"c82110c8f34caa0e987216761aae10cb382c5437f958cc26fb2d78383f5b70c491996d","size":1433,"data":"","first_seen":"2026-06-15T11:55:09.781442Z","last_seen":"2026-06-17T18:01:05.967188Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"984c0912ff616360a371707be2914eeb","sha1":"9166ea5519626bada2255d890f5395b542b2b1c6","sha256":"cd0e70c97c5f036ad981e4207a702d77c756bd3f09eccffe03783632563f1e4d","sha512":"237c731c605fac9f626caeaa9bb200bd73d092bdfb715a4e4039627b5018aac57fccf1995a8121ba79a230413e1d272869685f7610a284f47df9cc00e958d955","ssdeep":"","tlshash":"05c001a551a62a3b001a21920a58a605041a09574a1abc3f3b5e13a46f5c21ef1b7959","size":137,"data":"","first_seen":"2026-06-15T11:55:09.782235Z","last_seen":"2026-06-17T18:01:05.96798Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"403cca2b2f8330bdb133e5dd3426abc9","sha1":"a525aa567e8f07235b3222e0b7d506bed6928334","sha256":"b9c3136768e11c3f9f81bfbe14c38bd67b638e9fa3182bdf454e74d10a9a28f2","sha512":"552e80dfc6ce9a5df0dbed7158dc430e46d80f1a5abdd7fbdabbf917e8fe7bf3aaf04c80376b4ab485231373fd09c2121df51820186d9a9bd4afc701f88cd1ae","ssdeep":"","tlshash":"6ee0209480474052075509154b4ff291310388770781c400b74c92f59fe1bbf9286ed9","size":355,"data":"","first_seen":"2026-06-15T11:55:05.889084Z","last_seen":"2026-06-17T18:01:05.964715Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"3884b416b2f4a8e99ef30ec300dca877","sha1":"8e251cac006136afc8e6a1a0acd672bdeb22a25b","sha256":"a06e3a49dc82a7769b41dfb0f9e5825da6ddfbcfbced044b62718761db9eac77","sha512":"b8ecdbc7bc92d4e42362cf7e30444adfdf34e0900437a50abf618486fc5cc7437669408378ca77452fd6daf14d354906144ca9d4fe804d74418fcb020359b894","ssdeep":"","tlshash":"b2e0a704cad345aa7c8815c1279b212178848802e0d6d145fa5ee62baf0a04f64f97d9","size":430,"data":"","first_seen":"2026-06-15T11:55:09.779083Z","last_seen":"2026-06-17T18:01:05.965301Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"37e9cccf26de97dcf275c3708f0b5206","sha1":"bb92cd6bbdadb0c1e533f36b119925b8eba6547f","sha256":"b2bf9a5358c2f563454e42a7cbb3438b01d5e07794dce377d15b93b4eb627504","sha512":"0dcb64a23e48c21e84caa1b9c745bb6665f2318cac4a700fb82aa125eca82b6dee7513debbb581cbf0f5eb6ea1a96625d24a3a521429d1995f45b8069d0a83e1","ssdeep":"","tlshash":"8321a2da80d5530999b728969b8b2a01312394b704cc9007be2cf2691f4a31f5acbfde","size":1247,"data":"","first_seen":"2026-06-15T11:55:09.779963Z","last_seen":"2026-06-17T18:01:05.965824Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"b079015879110e8d38fbde163d145292","sha1":"c38f410062f607117a5cb1de8cbc1d6673aa9210","sha256":"acd5895bd78407e9ea93750a80a9c12ae0d5d0609809a4861dab028f128597a4","sha512":"a0006071d2bb6658c336f092a73160f967a13f74d75f07bbd0269b218e7f4fa24dc76a602377f1747cdc0908f035f99ee85a16ea7dec4e7cb63b920dd11eba64","ssdeep":"","tlshash":"a470000c8f2a8000a00a8cc0208082000ca8200222200000a80a0e0030802a0802a0a8","size":20,"data":"","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.966499Z","times_seen":110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"42cb60c6132fff48b24d4c9a3b8601a2","sha1":"7eb1227db54124d92802d8d17ee6aae7fe61535d","sha256":"4c69972c864964a0cdc6049e3042426395dbfcb359f30020041259f894ab9a5f","sha512":"c20f35c1fa07907af74e7680666891bd23573df96f05cf9007b9cbe7e56c3756b2f99f90ebe6c44dca2b9b6528547f3fa465a48e786adf51057959df0dcae258","ssdeep":"","tlshash":"c82110c8f34caa0e987216761aae10cb382c5437f958cc26fb2d78383f5b70c491996d","size":1433,"data":"","first_seen":"2026-06-15T11:55:09.781442Z","last_seen":"2026-06-17T18:01:05.967188Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"984c0912ff616360a371707be2914eeb","sha1":"9166ea5519626bada2255d890f5395b542b2b1c6","sha256":"cd0e70c97c5f036ad981e4207a702d77c756bd3f09eccffe03783632563f1e4d","sha512":"237c731c605fac9f626caeaa9bb200bd73d092bdfb715a4e4039627b5018aac57fccf1995a8121ba79a230413e1d272869685f7610a284f47df9cc00e958d955","ssdeep":"","tlshash":"05c001a551a62a3b001a21920a58a605041a09574a1abc3f3b5e13a46f5c21ef1b7959","size":137,"data":"","first_seen":"2026-06-15T11:55:09.782235Z","last_seen":"2026-06-17T18:01:05.96798Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/lay/modules/layer.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ffd5603784dbfeef189498c1a705c15","sha1":"983f2308aab1a1addad5be4f1c49099f5dd589cc","sha256":"2aa83aee413f9b91a2dcc536cfd6acd6e44b3fcdb59c26586e32d083396a8db5","sha512":"76d0b3952e17783ab3b597d0db1f734bf7b933ef8ff316c8107f5192f1ecf318c3f11c9ba10a4d15063b26cbb32133af7581070d7c782ebbbcd6580cfd21545a","ssdeep":"384:619Cih92A3igTLXSt/SdMrXqE6K+LxzAOTElH0jjhtjfs8:614iV3iaWtXIKiF13k8","tlshash":"b4a2b66a754034976323906ad11fba0b31f21d24d7078128f22ba4be1dbcd95a2b7f5f","size":22041,"data":"","first_seen":"2023-03-07T01:06:17Z","last_seen":"2026-06-17T18:01:05.901889Z","times_seen":434,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/lay/modules/slider.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c35742db2e72cd4f30cefa23690ecf5","sha1":"b50d4268f547cefd984c069d276c956feef395e8","sha256":"2fdaaa9935b2d19fb54e0798e6e42fc3528d1b2772b46b9aa8731b1ab6947609","sha512":"44d0ab3649b35cec891738e6eb4f28d1857fcb900e2369b9395ea54854717108268c8ce729591923fb094cfe1b34dc0f9b2e9bf35b17b77f34c479ef80deb391","ssdeep":"192:z8Syuw2bmz0DLKypMjYXVp5D8IlM/eq9zwtyd4UduKN:z1yuw2UOPSBMj8/","tlshash":"53e19615314ab5732172c263b59fc84eb2f20779b303c564a6a540a51ebece82b37f63","size":7091,"data":"","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.918842Z","times_seen":116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/lang/en-us.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"26fd80f238136ab70ac2545308240972","sha1":"9c53209dece13d2ea508801018e17a48ab20ec52","sha256":"4bc90ecaf4541f9f71e04744f90b02ec404ddb22aab1dac753d96e171e1c1185","sha512":"efb3db97c63e2cd7d447f8337e3b29c7cf369b261eadab75aa887d196feb57c4e44d0f1f2a96fb82190673acddb1c8735221617f1d6d1e4c119dbf4b5c0cd10d","ssdeep":"","tlshash":"87115c55520c9494050694cb76a716c5df8540770981768ab7dd81dc7f8bc2be2f7189","size":970,"data":"","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.911242Z","times_seen":115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"403cca2b2f8330bdb133e5dd3426abc9","sha1":"a525aa567e8f07235b3222e0b7d506bed6928334","sha256":"b9c3136768e11c3f9f81bfbe14c38bd67b638e9fa3182bdf454e74d10a9a28f2","sha512":"552e80dfc6ce9a5df0dbed7158dc430e46d80f1a5abdd7fbdabbf917e8fe7bf3aaf04c80376b4ab485231373fd09c2121df51820186d9a9bd4afc701f88cd1ae","ssdeep":"","tlshash":"6ee0209480474052075509154b4ff291310388770781c400b74c92f59fe1bbf9286ed9","size":355,"data":"","first_seen":"2026-06-15T11:55:05.889084Z","last_seen":"2026-06-17T18:01:05.964715Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"3884b416b2f4a8e99ef30ec300dca877","sha1":"8e251cac006136afc8e6a1a0acd672bdeb22a25b","sha256":"a06e3a49dc82a7769b41dfb0f9e5825da6ddfbcfbced044b62718761db9eac77","sha512":"b8ecdbc7bc92d4e42362cf7e30444adfdf34e0900437a50abf618486fc5cc7437669408378ca77452fd6daf14d354906144ca9d4fe804d74418fcb020359b894","ssdeep":"","tlshash":"b2e0a704cad345aa7c8815c1279b212178848802e0d6d145fa5ee62baf0a04f64f97d9","size":430,"data":"","first_seen":"2026-06-15T11:55:09.779083Z","last_seen":"2026-06-17T18:01:05.965301Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"37e9cccf26de97dcf275c3708f0b5206","sha1":"bb92cd6bbdadb0c1e533f36b119925b8eba6547f","sha256":"b2bf9a5358c2f563454e42a7cbb3438b01d5e07794dce377d15b93b4eb627504","sha512":"0dcb64a23e48c21e84caa1b9c745bb6665f2318cac4a700fb82aa125eca82b6dee7513debbb581cbf0f5eb6ea1a96625d24a3a521429d1995f45b8069d0a83e1","ssdeep":"","tlshash":"8321a2da80d5530999b728969b8b2a01312394b704cc9007be2cf2691f4a31f5acbfde","size":1247,"data":"","first_seen":"2026-06-15T11:55:09.779963Z","last_seen":"2026-06-17T18:01:05.965824Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"b079015879110e8d38fbde163d145292","sha1":"c38f410062f607117a5cb1de8cbc1d6673aa9210","sha256":"acd5895bd78407e9ea93750a80a9c12ae0d5d0609809a4861dab028f128597a4","sha512":"a0006071d2bb6658c336f092a73160f967a13f74d75f07bbd0269b218e7f4fa24dc76a602377f1747cdc0908f035f99ee85a16ea7dec4e7cb63b920dd11eba64","ssdeep":"","tlshash":"a470000c8f2a8000a00a8cc0208082000ca8200222200000a80a0e0030802a0802a0a8","size":20,"data":"","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.966499Z","times_seen":110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"42cb60c6132fff48b24d4c9a3b8601a2","sha1":"7eb1227db54124d92802d8d17ee6aae7fe61535d","sha256":"4c69972c864964a0cdc6049e3042426395dbfcb359f30020041259f894ab9a5f","sha512":"c20f35c1fa07907af74e7680666891bd23573df96f05cf9007b9cbe7e56c3756b2f99f90ebe6c44dca2b9b6528547f3fa465a48e786adf51057959df0dcae258","ssdeep":"","tlshash":"c82110c8f34caa0e987216761aae10cb382c5437f958cc26fb2d78383f5b70c491996d","size":1433,"data":"","first_seen":"2026-06-15T11:55:09.781442Z","last_seen":"2026-06-17T18:01:05.967188Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"984c0912ff616360a371707be2914eeb","sha1":"9166ea5519626bada2255d890f5395b542b2b1c6","sha256":"cd0e70c97c5f036ad981e4207a702d77c756bd3f09eccffe03783632563f1e4d","sha512":"237c731c605fac9f626caeaa9bb200bd73d092bdfb715a4e4039627b5018aac57fccf1995a8121ba79a230413e1d272869685f7610a284f47df9cc00e958d955","ssdeep":"","tlshash":"05c001a551a62a3b001a21920a58a605041a09574a1abc3f3b5e13a46f5c21ef1b7959","size":137,"data":"","first_seen":"2026-06-15T11:55:09.782235Z","last_seen":"2026-06-17T18:01:05.96798Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/clipboard.min.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"aa7c9d74f567a8877522f816d7c387cc","sha1":"d79bfe29e732477cb27598dedff9495ddc05f390","sha256":"6717dbf025d81f537cc639903fb560e01912c0467e8da579fcdf92c6f58f7a65","sha512":"da4a20fae935b42cb957a322479c0e779835b37291c6ac8cb41f300dde796847897f788e849ff6153a32004cff087615d37f9f2cb8aa5751cdb1b8bab2534b16","ssdeep":"192:q0Z14dOk1XSHkKpI/230xlH3G4Ly9+vxo53CoD87JxKllkvc363Pw/3JyUZu5MpL:HZCQfI/wsXCz3rbllC3P83JVu5/Gz","tlshash":"6122a68cb29071b156eb50ba802f420fb271c42db06e40a8b21de8f56c7de9d4627f3d","size":10111,"data":"","first_seen":"2023-04-08T01:19:22Z","last_seen":"2026-06-17T18:01:05.90943Z","times_seen":2201,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/iosapp.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7c2f59781d7868eff1bed99be0478af8","sha1":"d8bd7c15428c99cdbb38795df05438471953ba6e","sha256":"b16d7795b265d380540612bfed9739a90fb46aade4228c670fc8d17abce9adaf","sha512":"2e979baf0d2f94e91eef9665df48555ab4dcf4e7b8bc149465ec25d9e09a07dd625edf0750a6f9d7e47f64162f8099663c7986c4a4840948b177237581b4ff6b","ssdeep":"","tlshash":"c94132999a9d683919d3b42d1a3fb15c72333aa5a4428110bc0fbf943b34a4a162db98","size":2054,"data":"","first_seen":"2023-09-23T10:36:02Z","last_seen":"2026-06-17T18:01:05.921689Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/jquery.cookies.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"de952eda41b0edc0b5c416ee48f7028e","sha1":"dc07de882ab68370534fbf9440ac7b8c068695a7","sha256":"631ea2bc942c1791920270ba02eef37774aa10db3994b4936a2b5f891a970ff7","sha512":"674fd3c9db480ecf8680822131fc80f904ddfb3907a1033ae9ce06019a87ac6f9eb6d6535e6aba0ee0b601d039d55da7e7cd247a67db5cf7bbcb8408116a03d1","ssdeep":"","tlshash":"1b516554b6cc375f07ab22416b6f50aca63cbf72255808dc885965f82c60c37db9bd2a","size":3139,"data":"","first_seen":"2023-03-07T12:09:28Z","last_seen":"2026-06-18T06:56:59.942573Z","times_seen":2842,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/websocket.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a89fe0ff2c76d604b4d0bd1eb1557e36","sha1":"77c1355bc7ad8dba444484d341ae32716760712c","sha256":"53a8d029476aafcb243cec953e522204b1af1231339ae75822dc63274877f8d9","sha512":"be671e254800bcdc163945abe3203d59e47637721e40b3f6d16e06223ffcd5e527ccd3de59f6283539261ca9311081a04fda89059307946cd7bf6255fc7866a0","ssdeep":"192:EHjrXg7hWXwwQbdUFdMea3JiMF0Cl3Loa5fFwy4HrwIIgUdjAN:EDrQ0XXQKMxiMF0Cl3LoaILEWNN","tlshash":"237262a0f7ac151f40f6142d849c55c46bec8572cba849e7babca6d00748f1e146bdbf","size":16053,"data":"","first_seen":"2026-06-15T11:55:09.763973Z","last_seen":"2026-06-17T18:01:05.896266Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/i5scroll.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"229ae241044a0a16861b8583b4435079","sha1":"8051376b7ff4f9eb4c40389985ceed910bd8a868","sha256":"00323fb404aa8d1151ba1d3842ace6e1b7dfd723faa7b0402c20bcbd7d93e59a","sha512":"edafd940bd292208de80d57343ef7dba5360bc21f5dd691f24b13d167b15b3f5529bae2735c1d2c67fb23de10ea4b907f7adf371db7d150724a2ee5d1ef82cc5","ssdeep":"","tlshash":"cc3167c47000b636859620b271ab56d9f3398ad7346d881174beb189bd1cdb50d2fda4","size":1779,"data":"","first_seen":"2025-02-26T18:00:22.707066Z","last_seen":"2026-06-17T18:01:05.953387Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/layui.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"055cb5361d0dadf75de67f6875def943","sha1":"97ddce827fedb8869a9d0248a16b70c14da2a8ec","sha256":"91ffac1a9d64f3dae4e8091b4feea25981e750d279cb71491b25dc24b33ecaf2","sha512":"3c074594a667484aa78b2227f834c4bebab07a6b4bd795f94570d3e3da911aa48275e13c54e1c6848cd2ec1fbb2bad5cb104e9a6bc1f71c967e93dfde62aa9b2","ssdeep":"192:TDTGeNtb7/j9Eg3JMunJYJjdlrr1+p8XqlPBOTXLLRUweK:TDTGeNtHj9Eg3JMunOJjdlP1+K6Pw7Lz","tlshash":"c7e1a898b5b27452473b306572af901ea67b44ad284c8090d1ced9e63cb6cbe4377f9c","size":7395,"data":"","first_seen":"2023-03-07T01:06:15Z","last_seen":"2026-06-17T18:01:05.895657Z","times_seen":541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"403cca2b2f8330bdb133e5dd3426abc9","sha1":"a525aa567e8f07235b3222e0b7d506bed6928334","sha256":"b9c3136768e11c3f9f81bfbe14c38bd67b638e9fa3182bdf454e74d10a9a28f2","sha512":"552e80dfc6ce9a5df0dbed7158dc430e46d80f1a5abdd7fbdabbf917e8fe7bf3aaf04c80376b4ab485231373fd09c2121df51820186d9a9bd4afc701f88cd1ae","ssdeep":"","tlshash":"6ee0209480474052075509154b4ff291310388770781c400b74c92f59fe1bbf9286ed9","size":355,"data":"","first_seen":"2026-06-15T11:55:05.889084Z","last_seen":"2026-06-17T18:01:05.964715Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"3884b416b2f4a8e99ef30ec300dca877","sha1":"8e251cac006136afc8e6a1a0acd672bdeb22a25b","sha256":"a06e3a49dc82a7769b41dfb0f9e5825da6ddfbcfbced044b62718761db9eac77","sha512":"b8ecdbc7bc92d4e42362cf7e30444adfdf34e0900437a50abf618486fc5cc7437669408378ca77452fd6daf14d354906144ca9d4fe804d74418fcb020359b894","ssdeep":"","tlshash":"b2e0a704cad345aa7c8815c1279b212178848802e0d6d145fa5ee62baf0a04f64f97d9","size":430,"data":"","first_seen":"2026-06-15T11:55:09.779083Z","last_seen":"2026-06-17T18:01:05.965301Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"37e9cccf26de97dcf275c3708f0b5206","sha1":"bb92cd6bbdadb0c1e533f36b119925b8eba6547f","sha256":"b2bf9a5358c2f563454e42a7cbb3438b01d5e07794dce377d15b93b4eb627504","sha512":"0dcb64a23e48c21e84caa1b9c745bb6665f2318cac4a700fb82aa125eca82b6dee7513debbb581cbf0f5eb6ea1a96625d24a3a521429d1995f45b8069d0a83e1","ssdeep":"","tlshash":"8321a2da80d5530999b728969b8b2a01312394b704cc9007be2cf2691f4a31f5acbfde","size":1247,"data":"","first_seen":"2026-06-15T11:55:09.779963Z","last_seen":"2026-06-17T18:01:05.965824Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"b079015879110e8d38fbde163d145292","sha1":"c38f410062f607117a5cb1de8cbc1d6673aa9210","sha256":"acd5895bd78407e9ea93750a80a9c12ae0d5d0609809a4861dab028f128597a4","sha512":"a0006071d2bb6658c336f092a73160f967a13f74d75f07bbd0269b218e7f4fa24dc76a602377f1747cdc0908f035f99ee85a16ea7dec4e7cb63b920dd11eba64","ssdeep":"","tlshash":"a470000c8f2a8000a00a8cc0208082000ca8200222200000a80a0e0030802a0802a0a8","size":20,"data":"","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.966499Z","times_seen":110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"42cb60c6132fff48b24d4c9a3b8601a2","sha1":"7eb1227db54124d92802d8d17ee6aae7fe61535d","sha256":"4c69972c864964a0cdc6049e3042426395dbfcb359f30020041259f894ab9a5f","sha512":"c20f35c1fa07907af74e7680666891bd23573df96f05cf9007b9cbe7e56c3756b2f99f90ebe6c44dca2b9b6528547f3fa465a48e786adf51057959df0dcae258","ssdeep":"","tlshash":"c82110c8f34caa0e987216761aae10cb382c5437f958cc26fb2d78383f5b70c491996d","size":1433,"data":"","first_seen":"2026-06-15T11:55:09.781442Z","last_seen":"2026-06-17T18:01:05.967188Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"984c0912ff616360a371707be2914eeb","sha1":"9166ea5519626bada2255d890f5395b542b2b1c6","sha256":"cd0e70c97c5f036ad981e4207a702d77c756bd3f09eccffe03783632563f1e4d","sha512":"237c731c605fac9f626caeaa9bb200bd73d092bdfb715a4e4039627b5018aac57fccf1995a8121ba79a230413e1d272869685f7610a284f47df9cc00e958d955","ssdeep":"","tlshash":"05c001a551a62a3b001a21920a58a605041a09574a1abc3f3b5e13a46f5c21ef1b7959","size":137,"data":"","first_seen":"2026-06-15T11:55:09.782235Z","last_seen":"2026-06-17T18:01:05.96798Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/index/d3.v4.min.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e899651bcf1a3591032d7213daeab171","sha1":"607e02087446eb2efadcbee253db3aca3d794a7b","sha256":"8585db4092b8a9d26201e0d58e343d1b40fa034c4b9c343878923d7649bb1699","sha512":"44927534d0bcf1084deddc29098f2b9bfe8ec48f987503f8f03acb19efde48077e9feb353d7c10924a73cc082825ee1c6455b61802d0a31a31eb5812636c907e","ssdeep":"1536:wJdNAq50g6ds5VIG2pUfpgBU3gPDSb7+CmeoA08h6Vh5Lbg5ECfmDoo5rfIrTGE9:wrN3F2pHSYlyLG1sVAupFmuFyiI7R6","tlshash":"092494ccb682b096936320b0417f244bf33b2d59684f4568e029e9d97c7895e51bbfbc","size":221957,"data":"","first_seen":"2023-03-07T21:28:45Z","last_seen":"2026-06-17T18:01:05.952837Z","times_seen":431,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/lay/modules/form.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a55a0aaf3d84264e3373f58f347a18fb","sha1":"921760fdababb5639192c73866c1b3b5f2ca0644","sha256":"03315f4a8fa90d66f3115d686bcb50d9356136607f92edbc9c59d4f27090a0f3","sha512":"7295dd0874606a2605b16a49ca696bfe305e16d769a7d037cfba0e074591e4def8dea94e4157cbd7c52e85e8de4ae496155c0af6d21b00943ba04ab6164edc13","ssdeep":"192:7U7m+EjWnSTmyANS4B7R6EoHv9w5iaHe16GL:7U7msqmHBV6LP9yiaH6n","tlshash":"1312a319715135e2367b60a1405f981ba0bf4635ab09c8947093d4f92ebec9493f3faf","size":9591,"data":"","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.956136Z","times_seen":112,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"b3105d113899336fa39d8b81c3d93bd7","sha1":"7ec7bfabe3e74a9439df56c67c0dae1046d76c42","sha256":"71a47d7c530bbb1d47abe3b4f07200c94e6ac1f5106e3c241eca50ab5e2f10ca","sha512":"576debad553c6ebc2f1dde8498df8f6ef0ce792a3811f9e43144a372d4b0e0a57cc4427edba8c34de2060c7a728ed2f10878fa504a2a8a0c4d928e356df022c6","ssdeep":"","tlshash":"50f0b472ddb3a8e63d9e2005477cb9057de84c33059ecc17b944f6489fc6806b85e5c2","size":550,"data":"","first_seen":"2026-06-17T18:00:46.666421Z","last_seen":"2026-06-17T18:00:46.666421Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/common/js/jquery.min.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9c7afd05729f10f55b689f36bb20172","sha1":"43dc554608df885a59ddeece1598c6ace434d747","sha256":"f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c","sha512":"3dcae1ff6e98c64e3586be3eb14dd486c51f7d4e9fa1b8f9a628be4fbb6a9ab562f31f9b50e16d2e0c72b942bdbe84eee8e0ef87fa730db1428b199a59d88232","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrJ:++414Jiz6fh6lTqya98HrJ","tlshash":"ca83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84345,"data":"","first_seen":"2023-03-07T01:06:48Z","last_seen":"2026-06-18T07:50:14.590985Z","times_seen":25285,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/customer/js/whisper.cli.io.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"d7c4e246b0c9be4ebc6eb8bf68d95362","sha1":"585de1b523016dfa50dac830de72926b31fe4f3e","sha256":"f6caa0a9dd763cd2ebaa79f09b291c5281e0eccf998bc0c27408fd0860aac635","sha512":"7404acff6c778a376af7048b5a6dcbbd26219b6acad7b4b5803cbb105e09c1f68c89a709cabea9e2f47b7b30de3cbe05fbb2269b53e60077c65cc1e2828c3f14","ssdeep":"768:W/SI3zn26FYeDQ8iajwVy0w6VZaRhZRIpW:W/Ssn3FYeDQ8iajOt2hnqW","tlshash":"79f2530ca5f72420517330b96f9fa414ad26902b150dee14be5c9bc4afd89bca2e1fd9","size":36054,"data":"","first_seen":"2026-06-15T11:55:09.713716Z","last_seen":"2026-06-17T18:01:05.913675Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/layui/lay/modules/upload.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b670942bffbc1a655a2f7c8756a5e07","sha1":"e7d280a54e16ef6a20e24c5b07d741990fd1fcee","sha256":"6d3798f3329ff1ed18a541200a93d70c593877b0be9c17de760078495fab9f18","sha512":"5d77c10d92421f529b460faf5ea0bec6fb3896100c4795623d285c78695bb29f2b9854414ffa1053d5b434613e028d6c5a30653227310c07dac535b2f6c77021","ssdeep":"96:yjcpeth5uITLksYbox16qpR40xBggngZXgx9ugHFS36ZuCM3ga+jhSzZ5IOg:yV51NPxs84cgRgTdkyi3gP42","tlshash":"dee1a59ab908b82361b330e5014f420d257f055f550ac6c8b193d5caaebed1a11a3ffd","size":6971,"data":"","first_seen":"2023-03-09T22:19:33Z","last_seen":"2026-06-17T18:01:05.914328Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"403cca2b2f8330bdb133e5dd3426abc9","sha1":"a525aa567e8f07235b3222e0b7d506bed6928334","sha256":"b9c3136768e11c3f9f81bfbe14c38bd67b638e9fa3182bdf454e74d10a9a28f2","sha512":"552e80dfc6ce9a5df0dbed7158dc430e46d80f1a5abdd7fbdabbf917e8fe7bf3aaf04c80376b4ab485231373fd09c2121df51820186d9a9bd4afc701f88cd1ae","ssdeep":"","tlshash":"6ee0209480474052075509154b4ff291310388770781c400b74c92f59fe1bbf9286ed9","size":355,"data":"","first_seen":"2026-06-15T11:55:05.889084Z","last_seen":"2026-06-17T18:01:05.964715Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"3884b416b2f4a8e99ef30ec300dca877","sha1":"8e251cac006136afc8e6a1a0acd672bdeb22a25b","sha256":"a06e3a49dc82a7769b41dfb0f9e5825da6ddfbcfbced044b62718761db9eac77","sha512":"b8ecdbc7bc92d4e42362cf7e30444adfdf34e0900437a50abf618486fc5cc7437669408378ca77452fd6daf14d354906144ca9d4fe804d74418fcb020359b894","ssdeep":"","tlshash":"b2e0a704cad345aa7c8815c1279b212178848802e0d6d145fa5ee62baf0a04f64f97d9","size":430,"data":"","first_seen":"2026-06-15T11:55:09.779083Z","last_seen":"2026-06-17T18:01:05.965301Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"37e9cccf26de97dcf275c3708f0b5206","sha1":"bb92cd6bbdadb0c1e533f36b119925b8eba6547f","sha256":"b2bf9a5358c2f563454e42a7cbb3438b01d5e07794dce377d15b93b4eb627504","sha512":"0dcb64a23e48c21e84caa1b9c745bb6665f2318cac4a700fb82aa125eca82b6dee7513debbb581cbf0f5eb6ea1a96625d24a3a521429d1995f45b8069d0a83e1","ssdeep":"","tlshash":"8321a2da80d5530999b728969b8b2a01312394b704cc9007be2cf2691f4a31f5acbfde","size":1247,"data":"","first_seen":"2026-06-15T11:55:09.779963Z","last_seen":"2026-06-17T18:01:05.965824Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"b079015879110e8d38fbde163d145292","sha1":"c38f410062f607117a5cb1de8cbc1d6673aa9210","sha256":"acd5895bd78407e9ea93750a80a9c12ae0d5d0609809a4861dab028f128597a4","sha512":"a0006071d2bb6658c336f092a73160f967a13f74d75f07bbd0269b218e7f4fa24dc76a602377f1747cdc0908f035f99ee85a16ea7dec4e7cb63b920dd11eba64","ssdeep":"","tlshash":"a470000c8f2a8000a00a8cc0208082000ca8200222200000a80a0e0030802a0802a0a8","size":20,"data":"","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.966499Z","times_seen":110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"42cb60c6132fff48b24d4c9a3b8601a2","sha1":"7eb1227db54124d92802d8d17ee6aae7fe61535d","sha256":"4c69972c864964a0cdc6049e3042426395dbfcb359f30020041259f894ab9a5f","sha512":"c20f35c1fa07907af74e7680666891bd23573df96f05cf9007b9cbe7e56c3756b2f99f90ebe6c44dca2b9b6528547f3fa465a48e786adf51057959df0dcae258","ssdeep":"","tlshash":"c82110c8f34caa0e987216761aae10cb382c5437f958cc26fb2d78383f5b70c491996d","size":1433,"data":"","first_seen":"2026-06-15T11:55:09.781442Z","last_seen":"2026-06-17T18:01:05.967188Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"984c0912ff616360a371707be2914eeb","sha1":"9166ea5519626bada2255d890f5395b542b2b1c6","sha256":"cd0e70c97c5f036ad981e4207a702d77c756bd3f09eccffe03783632563f1e4d","sha512":"237c731c605fac9f626caeaa9bb200bd73d092bdfb715a4e4039627b5018aac57fccf1995a8121ba79a230413e1d272869685f7610a284f47df9cc00e958d955","ssdeep":"","tlshash":"05c001a551a62a3b001a21920a58a605041a09574a1abc3f3b5e13a46f5c21ef1b7959","size":137,"data":"","first_seen":"2026-06-15T11:55:09.782235Z","last_seen":"2026-06-17T18:01:05.96798Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/common/js/whisper.io.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd3f07764a4c22802d8f1239712aa0a0","sha1":"e2f406fd6868f6f63005ff001df966d61bc32d51","sha256":"f21a092cbe2a6b5a4a9a8730c810b00d5de492f1c69fa3bdd8600b65b00ffad8","sha512":"c9cf119e4a2be75201f922bb7022247965ec2cac8683e261401f009ce29c4454eeb8c043382e941022f24bf8ddcd1f1b18f5ebbd7347e8c922e99eb688508d65","ssdeep":"192:TgvI3y5lyVf1PGQ4vIcf+901E1Mc2bFIUp1jnyEhjxNpA6Q9iUQe:XCr1F+21E1r2JvvjnFNxNpA5","tlshash":"523241287de71857c21370aa9b9b70286174d147958ace007d2cd7ae2ff8730539afad","size":11464,"data":"","first_seen":"2026-06-15T11:55:09.765011Z","last_seen":"2026-06-17T18:01:05.954943Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/jquery-3.4.1/jquery-3.4.1.min.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-06-18T07:27:08.767483Z","times_seen":134092,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/index/index.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"0dcd53515a6992b2222ee4d9f4a3e682","sha1":"0aa981db906694ccb7650bd5defc855bf01a2f18","sha256":"4cf6b72d4faa38b5a6d0500c798cdabeb6a4f241d34d0612bbc6c328773cdca0","sha512":"795e3c8e0b69f8875b02c8ab820c1eadea220864ae64192e419ef354898b01684fbc71b54a49bbbd344e5bb090c96999459eb5df90e5be998791a2072b5509f9","ssdeep":"48:4NHsJYS7AEGyUjmHAuEZBnZBJOt9dxGiKsu5RtpmJpZzPDvuli+hIg:mHsJ/oQARZJZTADoPtpI3v4ikIg","tlshash":"88915606e4e314536e23909a8feb4005a1adc033d20acc4dbb9ed69e2f5c9ac5555ede","size":4625,"data":"","first_seen":"2025-02-26T18:00:22.704148Z","last_seen":"2026-06-17T18:01:05.922215Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/layui/lay/modules/layer.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"68ff582d8490c48ccb5576ea27a35c8d","sha1":"14fd59adc3cc3708330498bba5263ea92bda9e61","sha256":"1d1f8f74389d9906bef9d17514d9a44f8c650a9ed9246df3222311770dc3976c","sha512":"a42cab904d035d75ff590778070c423ec3d5126dc41a74673a0cacf60da943a523c969f15fa4f9822b4442aa7279f60b0b1a404222d2199738d20d14438b7765","ssdeep":"384:o19Cih92A3igTLXSt/SdMrXqE6K+LxzAOTElH0jjhtjfs8:o14iV3iaWtXIKiF13k8","tlshash":"00a2b66a754034976323906ad11fba0b31f21d24d7078128f22ba4be1dbcd95a2b7f5f","size":22041,"data":"","first_seen":"2023-03-07T12:58:51Z","last_seen":"2026-06-17T18:01:05.919378Z","times_seen":259,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"本系统由whisper客服提供服务，官网地址: https://whisper.baiyf.com","filename":"https://customer.cmksaletservices.work/static/common/js/whisper.io.js","line_number":0,"column_number":0},{"level":"log","text":"链接成功","filename":"https://customer.cmksaletservices.work/static/customer/js/whisper.cli.io.js","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/layui/lay/modules/upload.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:19.865Z","timestamp":1781719219865,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/layui/lay/modules/upload.js HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:19 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 30 May 2020 08:14:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ed215fc-1b3b\"\r\nexpires: Thu, 18 Jun 2026 06:00:19 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6971,"size_decoded":3340,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6690)","md5":"8b670942bffbc1a655a2f7c8756a5e07","sha1":"e7d280a54e16ef6a20e24c5b07d741990fd1fcee","sha256":"6d3798f3329ff1ed18a541200a93d70c593877b0be9c17de760078495fab9f18","sha512":"5d77c10d92421f529b460faf5ea0bec6fb3896100c4795623d285c78695bb29f2b9854414ffa1053d5b434613e028d6c5a30653227310c07dac535b2f6c77021","ssdeep":"96:yjcpeth5uITLksYbox16qpR40xBggngZXgx9ugHFS36ZuCM3ga+jhSzZ5IOg:yV51NPxs84cgRgTdkyi3gP42","tlshash":"dee1a59ab908b82361b330e5014f420d257f055f550ac6c8b193d5caaebed1a11a3ffd","first_seen":"2023-03-09T22:19:33Z","last_seen":"2026-06-17T18:01:05.914328Z","times_seen":47,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T18:00:16.295Z","timestamp":1781719216295,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:16 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: lang=en-us; path=/\nPHPSESSID=1601f7de78d6101551dbb6fabc896cbb; path=/\nserver_name_session=9932a2e5c64bb5e01dee8449a28b8a5f; Max-Age=86400; httponly; path=/\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":28923,"size_decoded":6790,"mime_type":"text/html; charset=utf-8","magic":"HTML document text HTML document, Unicode text, UTF-8 text, with very long lines (1067)","md5":"0bcb650a37430bd954e541a4b2ebd7ab","sha1":"45c7966dcf97a0022b0f9368efcaf2c8e1656a0e","sha256":"aab71cbea4036e9722774f61bff83e3cabf004d7f5599ececaa0d098e077ee1b","sha512":"5533085babf4571bfc8feb8d6a636ddfc091a7f535965e67c7916d686ddc889db9c4190dc293113a86ecbcc94f4a3e9e39f1f64b8b4ad73ca6b980c6a5973acf","ssdeep":"384:OzcZOVTj7pj7DBDyDQIDJDODUiA2eMtMwCBJ+XsKkAe5NuzcyQ9dYF81NcHg6QJE:ScERpXBWppC3A2LMmhkAe/uz0sAO","tlshash":"e4d22f0090dd4827607250c3a5eaaf2af8dfec76e36e4444b3ff0d5a5f87e08691755a","first_seen":"2026-06-17T18:00:46.577229Z","last_seen":"2026-06-17T18:00:46.577229Z","times_seen":1,"resource_available":true,"data":null}},"time_used":551,"timings":{"blocked":-1,"dns":6,"connect":248,"send":0,"wait":296,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/layui/css/layui.css?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.013Z","timestamp":1781719217013,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/layui/css/layui.css?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-1224e\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74318,"size_decoded":14275,"mime_type":"text/css","magic":"ASCII text, with very long lines (65504)","md5":"6490be49e910a3e2ccac0cd63ac5be57","sha1":"bc1b9e3070e5e051a9132a27f9a5ac494d4ded1e","sha256":"4d891687db5cd12b3f5fb777a151efcdc0a94bae9e4231d719d0b3f7716f8f2b","sha512":"09083b4fd7802d880b94aa6fe674f8c5ec5b7fb63b550251fa2ae04b622d6164e1551998e4d7c8aaa152e303da70b9dce2c94747655a32b7000fbad8c11efc9b","ssdeep":"768:4/nEWwcY/8zYbRzycl81JpZlwyQaIYKsR3zdVhlu9Tr1BpRBtfKa6G6nr4wdV7np:tWwcY/8fG68wjHmavq8","tlshash":"59739632e6012ca5762bd215b1dcbdfda0789512ea634e6df3823b1b87848471077f6b","first_seen":"2023-09-23T10:36:02Z","last_seen":"2026-06-17T18:01:05.925869Z","times_seen":43,"resource_available":false,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":248,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/css/mobile.css?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.022Z","timestamp":1781719217022,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/css/mobile.css?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 04 Nov 2024 12:22:11 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6728bc73-cde7\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52711,"size_decoded":13276,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with very long lines (2654)","md5":"f7efd391d9bb6e18d1195c4966fe369a","sha1":"385a21c4f2e61c8cf2c476ab19a81afc567e6af6","sha256":"669920c71c60e895e2467212a590ae3b9b232e0b609e3c9451ec24086b2bbaf4","sha512":"8a7a0aa1a70a0e03654930cae205308a135abf6af2444ac686f7fc01126dc24ffbfa39e91daf38ad74625b7cb390ace44cb2cb09c5ff9c447edabbe9f9bb409a","ssdeep":"1536:8q81zydGtHEdq5kjFsF4S0fIQcYH+ntX/cm0FOP:u1zttHH0fZc2+ntX/IQ","tlshash":"4b33a82766631d06b01bd454af6d6ba2633c8013940fd9f9b9d1726d8fc2ae184f3b4e","first_seen":"2026-06-15T11:55:09.773388Z","last_seen":"2026-06-17T18:01:05.926569Z","times_seen":6,"resource_available":false,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":249,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/clipboard.min.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.045Z","timestamp":1781719217045,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/js/clipboard.min.js?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-2780\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10112,"size_decoded":3882,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10002)","md5":"aa7c9d74f567a8877522f816d7c387cc","sha1":"d79bfe29e732477cb27598dedff9495ddc05f390","sha256":"6717dbf025d81f537cc639903fb560e01912c0467e8da579fcdf92c6f58f7a65","sha512":"da4a20fae935b42cb957a322479c0e779835b37291c6ac8cb41f300dde796847897f788e849ff6153a32004cff087615d37f9f2cb8aa5751cdb1b8bab2534b16","ssdeep":"192:q0Z14dOk1XSHkKpI/230xlH3G4Ly9+vxo53CoD87JxKllkvc363Pw/3JyUZu5MpL:HZCQfI/wsXCz3rbllC3P83JVu5/Gz","tlshash":"6122a68cb29071b156eb50ba802f420fb271c42db06e40a8b21de8f56c7de9d4627f3d","first_seen":"2023-04-08T01:19:22Z","last_seen":"2026-06-17T18:01:05.90943Z","times_seen":2201,"resource_available":true,"data":null}},"time_used":709,"timings":{"blocked":447,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/index/images/en.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.071Z","timestamp":1781719217071,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/index/images/en.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-740\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1856,"size_decoded":2429,"mime_type":"image/png","magic":"PNG image data, 49 x 32, 8-bit/color RGBA, non-interlaced","md5":"19e8aa640b1d129c94e299dfd580f210","sha1":"ccfa030c16120a11d224fa1ba72afd55f0776523","sha256":"7385aee2de7d89a525b33e6ff1e8c1246de9234fcc7346f5877ee7d3301f8ca1","sha512":"6ca9e3f44d4ce8a0f7734c8f814138fe54c3224f08905a6e0634f36f1c4de6ecef43281df8a7b29f473300a1096565b148ced5e51fb23b050457c63714af11c3","ssdeep":"","tlshash":"e4311bb469a26052fa5e2ad4be1045df4ef89c0605d89251e60645e13c9eef19f0c437","first_seen":"2023-05-06T18:37:16Z","last_seen":"2026-06-17T18:16:19.270206Z","times_seen":428,"resource_available":false,"data":null}},"time_used":2489,"timings":{"blocked":2242,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/chat_ico.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.093Z","timestamp":1781719217093,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/chat_ico.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-1036\"\r\nExpires: Fri, 17 Jul 2026 18:00:18 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4150,"size_decoded":4673,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"a8ea109381330ccb1f4f8a8523ae467c","sha1":"f13408978f8eff0ddc707147045778b86dff752f","sha256":"b4dc705e78ffabf730b518ad6e19932896cf5cdf2d4bf12d5a3f7b0a7a5ab9d1","sha512":"17c366ee4ba98ad4bc806d3a6e9990fbe41beb2ae7934bc765f1b2e4206e5178d13be3d07eaa376b8f1ba17c5217f7ff275e736876b5a8b8d8a6f44c1ff99677","ssdeep":"48:9aTW3MhYj0tqW0qnCdR5OJIgRDRZkCh+BwRjrip7Cg2vxjwBGTBz3BEWMufcnNKq:IT3h60PCP5Ov3Zvn6qpjwBiR1Mp+C","tlshash":"a5816cd6f302d0bbc5ac8477a5bf77525460ff58cbac814cde8852b7683c182328028b","first_seen":"2026-06-15T11:55:09.731975Z","last_seen":"2026-06-17T18:01:05.949488Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1428,"timings":{"blocked":1161,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/layui/lay/modules/layer.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:20.126Z","timestamp":1781719220126,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/layui/lay/modules/layer.js HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:20 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 30 May 2020 08:14:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ed215fc-5619\"\r\nexpires: Thu, 18 Jun 2026 06:00:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22041,"size_decoded":8098,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (21984)","md5":"68ff582d8490c48ccb5576ea27a35c8d","sha1":"14fd59adc3cc3708330498bba5263ea92bda9e61","sha256":"1d1f8f74389d9906bef9d17514d9a44f8c650a9ed9246df3222311770dc3976c","sha512":"a42cab904d035d75ff590778070c423ec3d5126dc41a74673a0cacf60da943a523c969f15fa4f9822b4442aa7279f60b0b1a404222d2199738d20d14438b7765","ssdeep":"384:o19Cih92A3igTLXSt/SdMrXqE6K+LxzAOTElH0jjhtjfs8:o14iV3iaWtXIKiF13k8","tlshash":"00a2b66a754034976323906ad11fba0b31f21d24d7078128f22ba4be1dbcd95a2b7f5f","first_seen":"2023-03-07T12:58:51Z","last_seen":"2026-06-17T18:01:05.919378Z","times_seen":259,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/earth.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.069Z","timestamp":1781719217069,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/earth.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nContent-Length: 735\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nConnection: keep-alive\r\nETag: \"66248882-2df\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":735,"size_decoded":1251,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"aa1aef2953ab1800a76e6012324a7b16","sha1":"c460fe1de8753b12a1838ab1157b652301857e95","sha256":"fb7e47693fedf3662f433240cb4e93005e6c5c70d06e56919efbcfc1916f9f38","sha512":"045a48f686308b7f63ee418da2c733d8c7e2f775855a568169ba0bfa47809960589d2af64b357e94d6060d85718aed4e1f80fde5d919732b025bf7949fe80711","ssdeep":"","tlshash":"c9016580fe302b159c9e11fb230c6e80d852355e25c1b94d7951c136106a2860cd4723","first_seen":"2026-06-15T11:55:09.719095Z","last_seen":"2026-06-17T18:01:05.919938Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2455,"timings":{"blocked":2196,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/upload/20241104/99b9ea73d723473535101ef7a7d3caf8.jpg","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.086Z","timestamp":1781719217086,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/20241104/99b9ea73d723473535101ef7a7d3caf8.jpg HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:20 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Mon, 04 Nov 2024 11:24:31 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6728aeef-16205\"\r\nExpires: Fri, 17 Jul 2026 18:00:20 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":90629,"size_decoded":81815,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=355, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1053], progressive, precision 8, 618x287, components 3","md5":"6d745c1f42e2f547802d05a5f993f8ca","sha1":"093c1adbee444dfe12a0a7716c93eba31ef57114","sha256":"4819234101db485b24fd3de8416cb28bd301e561a09a1450cc0f8acf9bd1cf65","sha512":"fea46991f6869251fe0103de2843becac092865d96558ad13bf7d36dbae93672d4bd4f409f4b7107b31ef2601d2a10faa6aabacb6a5722431262bda8970cecff","ssdeep":"1536:371B1alO7+cbZ4hHknF+SwdfBzRN95Sv+5TOmni51hWpSzNcfA:pL3Z+hiF+SwpNuQK55fpf","tlshash":"0193f17c9e836f02fdc655389666d2096f105f0461eba653b8ce3171f3263e28e4c66b","first_seen":"2026-06-15T11:55:09.72465Z","last_seen":"2026-06-17T18:01:05.91797Z","times_seen":6,"resource_available":false,"data":null}},"time_used":3350,"timings":{"blocked":2476,"dns":0,"connect":0,"send":0,"wait":865,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/user_withdraw.jpg","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.098Z","timestamp":1781719217098,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/user_withdraw.jpg HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Tue, 23 Dec 2025 07:44:45 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"694a486d-3f2b\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16171,"size_decoded":11223,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x1024, components 3","md5":"1ae7331e43c6f31ec650877d8ba9be63","sha1":"e334e581ffdaa6eaf1010f76ea860391c8ac690f","sha256":"94ca1fbf83d467f65ae6a9f7e2cdb851ef7302c0527f03b692246c42e86ff784","sha512":"f7110c3c19f050fdca83ef4d7676018e2b005be1c44858e7f08ff4581470268d20c7713f330f4bc89ec029f680d2d8325382aeb354da2044fcceb8873841ded2","ssdeep":"192:4EAFwkrJQnnwvCDg4QD2Dq/cab1aakmtbDlGTkZPPUgLUN3Es3V/8:4FH4Q6DqLS4b8TkZi3Es3V/8","tlshash":"98728ecd331df106eda5073484e3c723edabbc81d84d0a62e083665888537f47e1aad6","first_seen":"2026-06-15T11:55:09.733011Z","last_seen":"2026-06-17T18:01:05.963372Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2190,"timings":{"blocked":1927,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/lay/modules/layer.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:18.309Z","timestamp":1781719218309,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/plugs/layui-v2.5.6/lay/modules/layer.js HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-5619\"\r\nExpires: Thu, 18 Jun 2026 06:00:18 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22041,"size_decoded":8134,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (21984)","md5":"3ffd5603784dbfeef189498c1a705c15","sha1":"983f2308aab1a1addad5be4f1c49099f5dd589cc","sha256":"2aa83aee413f9b91a2dcc536cfd6acd6e44b3fcdb59c26586e32d083396a8db5","sha512":"76d0b3952e17783ab3b597d0db1f734bf7b933ef8ff316c8107f5192f1ecf318c3f11c9ba10a4d15063b26cbb32133af7581070d7c782ebbbcd6580cfd21545a","ssdeep":"384:619Cih92A3igTLXSt/SdMrXqE6K+LxzAOTElH0jjhtjfs8:614iV3iaWtXIKiF13k8","tlshash":"b4a2b66a754034976323906ad11fba0b31f21d24d7078128f22ba4be1dbcd95a2b7f5f","first_seen":"2023-03-07T01:06:17Z","last_seen":"2026-06-17T18:01:05.901889Z","times_seen":434,"resource_available":true,"data":null}},"time_used":461,"timings":{"blocked":211,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/lay/modules/slider.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:19.083Z","timestamp":1781719219083,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/plugs/layui-v2.5.6/lay/modules/slider.js HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-1bb3\"\r\nExpires: Thu, 18 Jun 2026 06:00:19 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7091,"size_decoded":3069,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6929)","md5":"6c35742db2e72cd4f30cefa23690ecf5","sha1":"b50d4268f547cefd984c069d276c956feef395e8","sha256":"2fdaaa9935b2d19fb54e0798e6e42fc3528d1b2772b46b9aa8731b1ab6947609","sha512":"44d0ab3649b35cec891738e6eb4f28d1857fcb900e2369b9395ea54854717108268c8ce729591923fb094cfe1b34dc0f9b2e9bf35b17b77f34c479ef80deb391","ssdeep":"192:z8Syuw2bmz0DLKypMjYXVp5D8IlM/eq9zwtyd4UduKN:z1yuw2UOPSBMj8/","tlshash":"53e19615314ab5732172c263b59fc84eb2f20779b303c564a6a540a51ebece82b37f63","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.918842Z","times_seen":116,"resource_available":true,"data":null}},"time_used":266,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"wss://customer.cmksaletservices.work/socket.io/?EIO=3\u0026transport=websocket\u0026sid=bc932e2db88cda410417891a","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:20.967Z","timestamp":1781719220967,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=websocket\u0026sid=bc932e2db88cda410417891a HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-WebSocket-Version: 13\r\nOrigin: https://customer.cmksaletservices.work\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: pdUfVyYJikHc/Xr1UXVhyg==\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: Upgrade\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:21 GMT\r\nContent-Length: 0\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nSec-WebSocket-Accept: 7xIgzhgbCD0X5I74e/VpywRfxt4=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":227,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":809,"timings":{"blocked":-1,"dns":0,"connect":265,"send":0,"wait":267,"receive":0,"ssl":276},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/socket.io/?EIO=3\u0026transport=polling\u0026t=PxMlSJH\u0026sid=bc932e2db88cda410417891a","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:21.460Z","timestamp":1781719221460,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=polling\u0026t=PxMlSJH\u0026sid=bc932e2db88cda410417891a HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:22 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 4\r\nx-xss-protection: 0\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4,"size_decoded":416,"mime_type":"application/octet-stream","magic":"data","md5":"441a4d8bf810d1ff36b95fdcafeeee55","sha1":"2ecef35d13f170e4bdc9956e39460add73be4029","sha256":"a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474","sha512":"835d4fc74db215487aa23ec965d75374d3a7efb0561af331bd75c5921511b2022f2038cb18f4927c451b37a63a740baad35e16cbecb0750622d0779f25eab411","ssdeep":"","tlshash":"84300000000000c00000000000000300000000003000000000000000000c0000000000","first_seen":"2023-04-08T03:02:23Z","last_seen":"2026-06-17T18:34:50.442398Z","times_seen":930,"resource_available":false,"data":null}},"time_used":1081,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1081,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/css/style.css?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.015Z","timestamp":1781719217015,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/css/style.css?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 04 Nov 2024 12:21:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6728bc38-58a6\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22694,"size_decoded":5682,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text","md5":"7accb4cab9dc466e93fdc227629d44da","sha1":"8a259b90815877a701d0a58d5dee50ead13fcfaf","sha256":"2fd466c71b96726adf59dad3032676aa6114ab8f6f33e8e89d80968b92f72cf0","sha512":"07536dc3ea3fa26478cfd2e06b52e8f9c1b6550b4b91d848c4b3c8a11b3e00bf6ac1ad20f3ac7cf5a848a2d52fde386d2b465ea4cf0e870de91bc35a335ac4ca","ssdeep":"192:MI8pwCzLGbV81/uGzsYyh4OKImsk9Lz7Po7fKaucG5oojo4CUY4o+hnMD6rFd1VK:MYC681/bzsVKFHo7IcGDDfF+ax/FIz","tlshash":"efa2842b77021c46b116d0b6ee6da7b1b33d5413a94f9eb4f588312dcbc089590b7b8b","first_seen":"2026-06-15T11:55:09.75485Z","last_seen":"2026-06-17T18:01:05.961532Z","times_seen":6,"resource_available":false,"data":null}},"time_used":535,"timings":{"blocked":-1,"dns":0,"connect":274,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/user_recharge.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.081Z","timestamp":1781719217081,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/user_recharge.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-120e\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4622,"size_decoded":5201,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"c1645e63417642ae734dfd79ed70834d","sha1":"f58a0bc66a71aaf8ea10a03a6811b6cad0a008c7","sha256":"78584b8c03bf2cce0622fabe8c8aff60c87aa5dd945e6805ebf8b1abddd8382a","sha512":"3d46abd7e24f5e804d8a3cc18456639d5e1ffbd58b3c32fa60e7dd4de3316cd9fe837b720e8d61bd9a4270e816fe6bec166f03361358be52c86b8fa562b68710","ssdeep":"96:AHIoRhyCC/4/mrlHG5kEmZqMLWa1hLn2nDVB80beJV5CrMZ6GasUM8nz:S7RhKAyZqMTFwVVbeJPCcUjz","tlshash":"cf918e85f2e7f85117788fdaafc59db35970467b82b1ced3808010b5a68c54ed81fa93","first_seen":"2026-06-15T11:55:09.767508Z","last_seen":"2026-06-17T18:01:05.89709Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2955,"timings":{"blocked":2703,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/common/js/jqueryWeui/weui.min.css","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.828Z","timestamp":1781719218828,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/common/js/jqueryWeui/weui.min.css HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:18 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 30 May 2020 08:14:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ed215fc-c759\"\r\nexpires: Thu, 18 Jun 2026 06:00:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":51033,"size_decoded":11892,"mime_type":"text/css","magic":"ASCII text, with very long lines (50917)","md5":"0583e2c0d972f0dc8da2044894a703cf","sha1":"c734da7862c4c3ea4b7a634aebf30b962aa78193","sha256":"dd0e864bd7605658db1930286ef3ade510f8e61bacf8300b2e55ebd652cf6015","sha512":"3e7169109bca105ed7bd342aab99c05b2af696c00e06a418181bdc071059eac4a1158640a168ae80ccdff8431bae5e10d4c0197cc8581b872453148622ceb789","ssdeep":"1536:Ap6Kyu+1bZLhxtqPqjsKOamrfNy6rLQ+0b0hCeODOHMOH8wxAp2pY1zZI5pELD:Ap6KwXD","tlshash":"f533a53757493208b22fdb0ee7c66e296f28f11384630beef6053519cb8659a65d730b","first_seen":"2023-05-25T08:01:00Z","last_seen":"2026-06-17T18:01:05.897857Z","times_seen":81,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/favicon.ico","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:20.561Z","timestamp":1781719220561,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:20 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 16958\r\nLast-Modified: Sun, 21 Apr 2024 03:31:10 GMT\r\nConnection: keep-alive\r\nETag: \"6624887e-423e\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16958,"size_decoded":17408,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"dd2d033863c3040abc022e3f5cc7e3a7","sha1":"b675776969dfbab997cc8acfc605f979362f5e03","sha256":"63631330f623f45e85e623fb9e25c1cb97a6091ec0e3ed417afd7e71927c38b7","sha512":"cad12cb29c98304b9bc4050faac9176e1969161b417f1b41f36a7a3bd5355e6702e3a1911e8aaeb54260f2b4dcf1bf2e4daf08adffcc1f37c7d36a5cd3fa5870","ssdeep":"48:3bOYOYOYOYOYOYO0O8rpTTTTTTTTTTTTTTTT1K5hZWDE:3bOYOYOYOYOYOYO0OIjQWDE","tlshash":"6a721f13a8d6900bf69fad32eb118248e0d027cfe5b15f0b23859e8547ee4e95b6ce45","first_seen":"2025-02-26T18:00:22.745743Z","last_seen":"2026-06-17T18:01:05.928369Z","times_seen":20,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/jquery-3.4.1/jquery-3.4.1.min.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.029Z","timestamp":1781719217029,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/js/jquery-3.4.1/jquery-3.4.1.min.js?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 30 Dec 2025 02:16:01 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"695335e1-15851\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":88145,"size_decoded":31471,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-06-18T07:27:08.767483Z","times_seen":134092,"resource_available":true,"data":null}},"time_used":792,"timings":{"blocked":-1,"dns":0,"connect":261,"send":0,"wait":269,"receive":262,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/iosapp.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.047Z","timestamp":1781719217047,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/js/iosapp.js HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-806\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2054,"size_decoded":1421,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CR line terminators","md5":"7c2f59781d7868eff1bed99be0478af8","sha1":"d8bd7c15428c99cdbb38795df05438471953ba6e","sha256":"b16d7795b265d380540612bfed9739a90fb46aade4228c670fc8d17abce9adaf","sha512":"2e979baf0d2f94e91eef9665df48555ab4dcf4e7b8bc149465ec25d9e09a07dd625edf0750a6f9d7e47f64162f8099663c7986c4a4840948b177237581b4ff6b","ssdeep":"","tlshash":"c94132999a9d683919d3b42d1a3fb15c72333aa5a4428110bc0fbf943b34a4a162db98","first_seen":"2023-09-23T10:36:02Z","last_seen":"2026-06-17T18:01:05.921689Z","times_seen":43,"resource_available":true,"data":null}},"time_used":912,"timings":{"blocked":664,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/index/d3.v4.min.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.049Z","timestamp":1781719217049,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/js/index/d3.v4.min.js?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-36305\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":221957,"size_decoded":75289,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65471)","md5":"e899651bcf1a3591032d7213daeab171","sha1":"607e02087446eb2efadcbee253db3aca3d794a7b","sha256":"8585db4092b8a9d26201e0d58e343d1b40fa034c4b9c343878923d7649bb1699","sha512":"44927534d0bcf1084deddc29098f2b9bfe8ec48f987503f8f03acb19efde48077e9feb353d7c10924a73cc082825ee1c6455b61802d0a31a31eb5812636c907e","ssdeep":"1536:wJdNAq50g6ds5VIG2pUfpgBU3gPDSb7+CmeoA08h6Vh5Lbg5ECfmDoo5rfIrTGE9:wrN3F2pHSYlyLG1sVAupFmuFyiI7R6","tlshash":"092494ccb682b096936320b0417f244bf33b2d59684f4568e029e9d97c7895e51bbfbc","first_seen":"2023-03-07T21:28:45Z","last_seen":"2026-06-17T18:01:05.952837Z","times_seen":431,"resource_available":true,"data":null}},"time_used":1186,"timings":{"blocked":674,"dns":0,"connect":0,"send":0,"wait":255,"receive":257,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/index/images/ar.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.078Z","timestamp":1781719217078,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/index/images/ar.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:20 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-aa1\"\r\nExpires: Fri, 17 Jul 2026 18:00:20 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2721,"size_decoded":2178,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 268x134, components 3","md5":"e0205f30c0fe26018d0370dc1933582c","sha1":"485c71cb9e473e70f69b98a1aa754ab80974665d","sha256":"70ac6f473e35e7785fba3ba68c15fe9c723a4b4e68fd3d770df4d49ba9800a27","sha512":"d48a8c1f01521c7a543c9cdbe0a118f4c5a8a2b923048f5a167d407d3f29be2f29fe48b16db2f4f71d2cc08fc0100b1cc40c90b7e7311e900e1e47246cb17a5f","ssdeep":"","tlshash":"cd51d7242f96a229d295b37f85870b04c2bb1fbe472022070dd7a154e937460dc6f364","first_seen":"2023-12-07T04:32:25Z","last_seen":"2026-06-17T18:01:05.91702Z","times_seen":45,"resource_available":false,"data":null}},"time_used":3203,"timings":{"blocked":2954,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/customer/css/whisper.cli.v2.css","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.824Z","timestamp":1781719218824,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/customer/css/whisper.cli.v2.css HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:18 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 13 Nov 2022 16:02:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"637114f8-2bf4\"\r\nexpires: Thu, 18 Jun 2026 06:00:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11252,"size_decoded":3543,"mime_type":"text/css","magic":"ASCII text, with very long lines (597)","md5":"29946a925c1d877408bbd61d4f6b5e52","sha1":"cc43a29b0b7701d4e708a01bc2ae9b68705745eb","sha256":"0acdd30b79e35a36396de82b45ed573f73ed587a4193f00c3224bec8fcb3e429","sha512":"bfb556c0b93976a611c57ba171e7c0ec936b1e9f427dad0eab47dac15dc33ee310cf984c9205dc14ebbdc2001d9834d30684771b89f59c326288d9c3ab334c21","ssdeep":"192:TRtsNPYarS0rDDEP0dArs7PTvY9n/V+IxISXvXpI5M:MNPYO7umO","tlshash":"613262b79b630a52b41b995c2faa934a237490638109c47c3fc6b71c8f864dd95f3f98","first_seen":"2026-06-15T11:55:09.757973Z","last_seen":"2026-06-17T18:01:05.944006Z","times_seen":6,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/lay/modules/carousel.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:19.093Z","timestamp":1781719219093,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/plugs/layui-v2.5.6/lay/modules/carousel.js HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-f16\"\r\nExpires: Thu, 18 Jun 2026 06:00:19 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3862,"size_decoded":1956,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3805)","md5":"f4b94959b4b5ad34cdc1dd2c12a6bd1c","sha1":"303a72c6380c4277062e85eac689d1dc5ebc60df","sha256":"ec7b67ac49f660eae790c97c9e47fd86973a01478947c603f458667fb322351c","sha512":"b4d24dd32769ad42ed0d4e7b61b80c0ef9f41e9d001a48f5bfd3a328e58e715724a2df8bb97e8078e6b1fc44be5ede4b53233f987578eaf9f3d6e0a3ec936831","ssdeep":"","tlshash":"d7811181775f386741972453935f4c0896b719ba9b06d054f2a264fa6dfbc88223eb0f","first_seen":"2023-03-10T09:41:51Z","last_seen":"2026-06-17T18:01:05.946662Z","times_seen":77,"resource_available":true,"data":null}},"time_used":469,"timings":{"blocked":209,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/index/images/jp.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.072Z","timestamp":1781719217072,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/index/images/jp.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-1dc7\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7623,"size_decoded":7444,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPCM), density 47x47, segment length 16, baseline, precision 8, 268x179, components 3","md5":"2c1af6592dad54dc0ca627bfa876b424","sha1":"b6d122cfae18620c59dc31c52df8fa79ac2973e3","sha256":"3fc7b561aa8629c9e0a7d904a0f75e80bcb47268a549e1bd44705bb6518aea22","sha512":"bbd01ad1bbd449cb41a45ab4e20747562bcfe75c3505a93f01a9d20d6cf01d73970c4bd8cea9518351a716af6165280335bf7b1119630bdad0cc0e0e4635e399","ssdeep":"192:BoVwrqC8KG3v7HbONd7sqi2KiD28OCha5aq:BZlwj7G/KctOF","tlshash":"6bf19e7799370b91ccafe335242e939ccf44f00217499f24c588adc2d8b2ae9db75808","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.931661Z","times_seen":50,"resource_available":false,"data":null}},"time_used":2704,"timings":{"blocked":2454,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/lib/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:18.357Z","timestamp":1781719218357,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/lib/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/static/mobile/lib/font-awesome-4.7.0/css/font-awesome.min.css?v=1.1.1.6\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 77160\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nConnection: keep-alive\r\nETag: \"66248882-12d68\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77160,"size_decoded":77609,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-06-18T08:32:14.176049Z","times_seen":497834,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":183,"dns":0,"connect":0,"send":0,"wait":247,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/voice/tururu.mp3","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.869Z","timestamp":1781719218869,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/voice/tururu.mp3 HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=0-\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:19 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 7224\r\nlast-modified: Tue, 20 Sep 2022 04:44:23 GMT\r\netag: \"63294527-1c38\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 0-7223/7224\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7224,"size_decoded":7675,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Monaural","md5":"5061b4d134a7b4d5d744f9a127b757a8","sha1":"c5e240ac60d3914cb3836ba6652105c67720b845","sha256":"12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f","sha512":"bbd050943fd3129822d687f7733034989faa672e543d5fcc0f1bfc69f5af9c7ff3a4c6e1cd55011383760cef14351527f6de22cfb91b25e8d2ac201fc9b9c7c0","ssdeep":"192:2DjGr+6EnIPwZeM/BCepDxN8XcqOBO+JlRh:CjfxnIPkjpDP8Xcg+JlL","tlshash":"11e18c1937f3e09ed620177642d43664fcd01d8017e2945b25a8baebf13e3cbc26a961","first_seen":"2023-04-05T10:44:18Z","last_seen":"2026-06-18T05:58:01.786202Z","times_seen":8630,"resource_available":false,"data":null}},"time_used":963,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":963,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/index/images/ko.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.073Z","timestamp":1781719217073,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/index/images/ko.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-fc3\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4035,"size_decoded":4480,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x133, components 3","md5":"08db97ed0363573d61eaa015088a2559","sha1":"ef309a9c508819cad0ff80619210513f9671c441","sha256":"386bb37ce7c7097716e95618a789d011a08ff3dbc519d34a5642c5dd0c398eca","sha512":"8ac9d23f79a5c7aaa8e52a84c68f63857fb4bd93860c42d0b12364f19f169e83292bb765f22af092242b29ec61901f56e01daba863acc433998d58e9b3798685","ssdeep":"","tlshash":"f9815d937a97ce83ff28da7540a3106027da405262d787755aaeb47fb1acfb59812420","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.911847Z","times_seen":213,"resource_available":false,"data":null}},"time_used":2736,"timings":{"blocked":2489,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/index/images/es.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.080Z","timestamp":1781719217080,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/index/images/es.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-3c67\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15463,"size_decoded":13374,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 268x179, components 3","md5":"35de101110393991d1486fb365dca772","sha1":"e0036c50986cbe02fb5ae8bd22c0ea07ec07f239","sha256":"4f334804d147596fff52198529e6c088a691ed2c1b9eb38fef5d04df7d26f888","sha512":"d5a2f8587acc18d8e046abae2afdb2013f969917bbe04e6b2c6c561fb0c4c6afd13e181e292ea2e22710a673bff6863f5564ab982595ae8f047a4541e869bc70","ssdeep":"384:n7777/9iiHCAVqqiY1+BW59m2lqhZluhJNycIxCKk1T:n7777/9lIe1kublelu/Icl1x","tlshash":"ed62ae658f7e093afb012b7897fb681d8c46adde4d0ad84c246704fdcc25941e8d6bb2","first_seen":"2023-12-07T04:32:25Z","last_seen":"2026-06-17T18:01:05.923935Z","times_seen":15,"resource_available":false,"data":null}},"time_used":2985,"timings":{"blocked":2736,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/home_ico_HL.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.100Z","timestamp":1781719217100,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/home_ico_HL.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nContent-Length: 842\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nConnection: keep-alive\r\nETag: \"66248882-34a\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":842,"size_decoded":1358,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"59288ebf5b1824f2c55da80cdcf6484b","sha1":"a1eb7616cdba90ce1e7b1c96367eedf8c0b63f25","sha256":"10967137c2aa860e517c12d3ee52b10e0c11d005fa728b0693d9a1c74c07f96b","sha512":"692753b33c0056f3f5acc7f7e6496f4ae0d2f2c5642bbe4f1af8c8caa3cdde0cf68ff4470aef5ce270ad7b07ae4ddc6cbe86a00f70545e84ba47c0f760b8e89f","ssdeep":"","tlshash":"440152b775149233ee66d5238979112063a131091a47f79b9e016d028810ba2a1fe58b","first_seen":"2025-02-26T18:00:22.734909Z","last_seen":"2026-06-17T18:01:05.927031Z","times_seen":51,"resource_available":false,"data":null}},"time_used":2473,"timings":{"blocked":2215,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/trade_ico.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.103Z","timestamp":1781719217103,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/trade_ico.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:21 GMT\r\nContent-Type: image/png\r\nContent-Length: 853\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nConnection: keep-alive\r\nETag: \"66248882-355\"\r\nExpires: Fri, 17 Jul 2026 18:00:21 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":853,"size_decoded":1369,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"db0fd4d3f05b27df83fb5759838dc95a","sha1":"97c948cad478f1302485d2719f6911f08d535111","sha256":"8fd0e26f6585963dbd461f5a4eb79f4c58c5ea68fab30b00e2259998f32d4120","sha512":"a9fb85505e168b98dadfe7653243066566ee3432af631f1342d600682beb6018c0c0727e55fea0717376e0f226df45caca3d32c6418e14afea3428f304131aba","ssdeep":"","tlshash":"a70192eb0d62fc1fd886913bf22a220bd2800d45a0bb3003f0a3523220278a722087a2","first_seen":"2026-06-15T11:55:09.739648Z","last_seen":"2026-06-17T18:01:05.957744Z","times_seen":6,"resource_available":false,"data":null}},"time_used":5001,"timings":{"blocked":2229,"dns":0,"connect":0,"send":0,"wait":2772,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/layui/font/iconfont.woff?v=240","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:19.749Z","timestamp":1781719219749,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/layui/font/iconfont.woff?v=240 HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/static/layui/css/layui.css\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:19 GMT\r\ncontent-type: font/woff\r\ncontent-length: 26744\r\nlast-modified: Sat, 30 May 2020 08:14:52 GMT\r\netag: \"5ed215fc-6878\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26744,"size_decoded":27183,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 26744, version 1.0","md5":"e9caaa0617fa61c01f765960d10da0ef","sha1":"f116555d117ded6e97229847ba3c8e8ca12e2f2b","sha256":"6e9dac35a993a17830b37c400415142906634d2b0a7af0b2418a92ed959ae201","sha512":"ce8e8f966da41ca268c9ebb33c6f48d94dd571f28861c32693bcd9ec14e436ac74e5ae63fc870412c73c918904af116449d6fa087cdc070d765d98262c57426c","ssdeep":"384:lT+K7sT/S/j7Bp+6dtR28R40byHpBo9q+rXMRvhBBTa0UdmDBG7Yphfee+JxD:lT1kKPBoqtR5q0byJmIw8t7emDnKHD","tlshash":"6dc2e17898ef2facde9141f0995de3903f578d8d26a7633a94909c3f32d08f27599085","first_seen":"2023-04-07T16:38:45Z","last_seen":"2026-06-18T06:56:00.663959Z","times_seen":817,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":251,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/socket.io/?EIO=3\u0026transport=polling\u0026t=PxMlS6b","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:20.647Z","timestamp":1781719220647,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=polling\u0026t=PxMlS6b HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:20 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 106\r\nx-xss-protection: 0\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106,"size_decoded":520,"mime_type":"application/octet-stream","magic":"data","md5":"72d78ff8f51dee6f0ec766788c03766e","sha1":"9d1e5fa092dac5c7cf0d648c63ada39f576bcd4c","sha256":"c9cde6667c4a720616b83a8be0d3030118ac224a76a1c13c9a271c47b6da7e3c","sha512":"6e169c94242fef220628df543a72ec5bd35ae5dd10d720547bd4868cfb272be49e103e4d12f5b3f5c75c831740f3743b0a0a32517629257698ac92c852042d0c","ssdeep":"","tlshash":"1cb09245d19eb2c5ba307b82a4f76b050d48b88e8a8919583268048c068ba01a21222b","first_seen":"2026-06-17T18:00:46.613043Z","last_seen":"2026-06-17T18:00:46.613043Z","times_seen":1,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/socket.io/?EIO=3\u0026transport=polling\u0026t=PxMlSF5\u0026sid=bc932e2db88cda410417891a","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:21.193Z","timestamp":1781719221193,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=polling\u0026t=PxMlSF5\u0026sid=bc932e2db88cda410417891a HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:21 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 63\r\nx-xss-protection: 0\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":63,"size_decoded":476,"mime_type":"application/octet-stream","magic":"TTComp archive data, binary, 2K dictionary","md5":"5fec536a4b0ed183b6410b04c094153f","sha1":"126ae210ee664c358c5fbeeec1612a318a95690c","sha256":"1b35183900c6e7d2eb3076f3133b3297555589f99245d2ee0d9137097c0663f5","sha512":"51fedfae41a32eeac3bc4b881a8f7646f8d420f2fdedbff0c6b49cb613678787c9530b40b79c9562e218724178ea68f83da8a50c5e2c2bb90c98c6dd367170e2","ssdeep":"","tlshash":"eba002669405c0d48a84a74840f8dc8a764e94607973dba4dd20a675cd585343783420","first_seen":"2026-06-15T11:55:09.707341Z","last_seen":"2026-06-17T18:01:05.959544Z","times_seen":6,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/lang/en-us.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.031Z","timestamp":1781719217031,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/lang/en-us.js?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 970\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nConnection: keep-alive\r\nETag: \"66248882-3ca\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":970,"size_decoded":1497,"mime_type":"application/javascript","magic":"ASCII text","md5":"26fd80f238136ab70ac2545308240972","sha1":"9c53209dece13d2ea508801018e17a48ab20ec52","sha256":"4bc90ecaf4541f9f71e04744f90b02ec404ddb22aab1dac753d96e171e1c1185","sha512":"efb3db97c63e2cd7d447f8337e3b29c7cf369b261eadab75aa887d196feb57c4e44d0f1f2a96fb82190673acddb1c8735221617f1d6d1e4c119dbf4b5c0cd10d","ssdeep":"","tlshash":"87115c55520c9494050694cb76a716c5df8540770981768ab7dd81dc7f8bc2be2f7189","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.911242Z","times_seen":115,"resource_available":true,"data":null}},"time_used":704,"timings":{"blocked":449,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/i5scroll.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.061Z","timestamp":1781719217061,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/js/i5scroll.js HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-6f3\"\r\nExpires: Thu, 18 Jun 2026 06:00:18 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1779,"size_decoded":1495,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (762)","md5":"229ae241044a0a16861b8583b4435079","sha1":"8051376b7ff4f9eb4c40389985ceed910bd8a868","sha256":"00323fb404aa8d1151ba1d3842ace6e1b7dfd723faa7b0402c20bcbd7d93e59a","sha512":"edafd940bd292208de80d57343ef7dba5360bc21f5dd691f24b13d167b15b3f5529bae2735c1d2c67fb23de10ea4b907f7adf371db7d150724a2ee5d1ef82cc5","ssdeep":"","tlshash":"cc3167c47000b636859620b271ab56d9f3398ad7346d881174beb189bd1cdb50d2fda4","first_seen":"2025-02-26T18:00:22.707066Z","last_seen":"2026-06-17T18:01:05.953387Z","times_seen":37,"resource_available":true,"data":null}},"time_used":1160,"timings":{"blocked":912,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/notice_1.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.089Z","timestamp":1781719217089,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/notice_1.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-84b\"\r\nExpires: Fri, 17 Jul 2026 18:00:18 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2123,"size_decoded":1966,"mime_type":"image/png","magic":"PNG image data, 29 x 26, 8-bit/color RGBA, non-interlaced","md5":"3d33a2acc4a695c388156dfb3b17a2bf","sha1":"17a540d26242e1fef6f9f5bd868d83f219009341","sha256":"9425f5977651d844092cb3dea8a101a38430bc8230e2dda6395bb653b75e2741","sha512":"a1c0d67fcf5f1474de1b3c331e13d3a078047b25240ef484242cf964a359ead14610967576ca8c7ed109b196447def6bf58d5139627e1916e0bb63266f254a2e","ssdeep":"","tlshash":"0a41e949fa90bc415848f686fde1b1a716178ac4de92d880aceb881b68711f9cd0d8db","first_seen":"2025-02-26T18:00:22.732052Z","last_seen":"2026-06-17T18:01:05.920652Z","times_seen":37,"resource_available":false,"data":null}},"time_used":1409,"timings":{"blocked":1161,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/common/js/jquery.min.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.838Z","timestamp":1781719218838,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/common/js/jquery.min.js HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 30 May 2020 08:14:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ed215fc-14979\"\r\nexpires: Thu, 18 Jun 2026 06:00:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84345,"size_decoded":30310,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025)","md5":"f9c7afd05729f10f55b689f36bb20172","sha1":"43dc554608df885a59ddeece1598c6ace434d747","sha256":"f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c","sha512":"3dcae1ff6e98c64e3586be3eb14dd486c51f7d4e9fa1b8f9a628be4fbb6a9ab562f31f9b50e16d2e0c72b942bdbe84eee8e0ef87fa730db1428b199a59d88232","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrJ:++414Jiz6fh6lTqya98HrJ","tlshash":"ca83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:06:48Z","last_seen":"2026-06-18T07:50:14.590985Z","times_seen":25285,"resource_available":true,"data":null}},"time_used":746,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":746,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/common/js/jqueryWeui/jquery-weui.min.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.839Z","timestamp":1781719218839,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/common/js/jqueryWeui/jquery-weui.min.js HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 30 May 2020 08:14:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ed215fc-1496d\"\r\nexpires: Thu, 18 Jun 2026 06:00:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84333,"size_decoded":24931,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32007)","md5":"9c7bcbbeb838eabe8801befbb54f177c","sha1":"2c486e904bebe49b0bcea8e5d0b019533699a7a2","sha256":"e07b9a34158e94ba73df9e89768dce0e2846c984635a6fd4c4d7539c822b6bce","sha512":"dc5a2a219f4f7b3a29da600600c4666c18d0a9c3f77e256e3222387976b779cae0adaba0adfc72fb3991730c7a34b3f390fcbcf47977ca316fc5d94ca6de1f16","ssdeep":"1536:beyBPd2XiZAazT8DOCOB/j2kNleVRrI5CVam9P:beyBFTZZzfNleVRrI5C1","tlshash":"2d83f68e7651b63253f7217881af02052233a926644754a8b96ce8d51efcc4da3bff7c","first_seen":"2023-06-17T21:56:24Z","last_seen":"2026-06-17T18:01:05.958822Z","times_seen":36,"resource_available":true,"data":null}},"time_used":746,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":746,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/layui/css/modules/layer/default/layer.css?v=3.1.1","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:20.386Z","timestamp":1781719220386,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/layui/css/modules/layer/default/layer.css?v=3.1.1 HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:20 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 30 May 2020 08:14:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ed215fc-3859\"\r\nexpires: Thu, 18 Jun 2026 06:00:20 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14425,"size_decoded":3394,"mime_type":"text/css","magic":"ASCII text, with very long lines (14368)","md5":"ba3e7d46e810d43d2501753275fa3d19","sha1":"009c50a10c3048409c9f12b0b9e8a48d9023e82c","sha256":"1f01a58452e90d8141dccdbc5be2fabc6afb6751c36330f2c1a6f032937c9580","sha512":"b4e4d01ded4b3188406d784e583b8713e04e25f9cb8fc142b1086018f13d56a7965196f2dfdf559f3264e6da268b3d2e9bd9683e655eb0a63c56e1f1c052b670","ssdeep":"96:7p+Ntha8qNEp+wRY1vUPXiK6nMLPD2OtLzXyPHL/LztJDzyv2OQ7KGx1jyd2/SWz:wWmLr2OtSrzzt42OQ7KGx1jCWR2b+RcU","tlshash":"d75231e144811299b0278721d6dc7eba32f88d43e5630daef2573c1f874c6dba2b6247","first_seen":"2023-04-07T11:34:38Z","last_seen":"2026-06-17T18:01:05.94718Z","times_seen":890,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/index/index/chatBoxJs/u/5c6cbcb7d55ca","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.057Z","timestamp":1781719217057,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /index/index/chatBoxJs/u/5c6cbcb7d55ca HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:17 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15878,"size_decoded":4712,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"5843b3fb273d56ea5bb61b109eaf1456","sha1":"4c0fe925719fb0f83c822ed88fff2deaf2072f55","sha256":"dfdfff4b7ce43b28838f72be1a3eefa003b0d5d0da09fe90681e5bf9a5d65bf8","sha512":"01afae0b8f3b1f50cc3b9522539ec9554e56f1d0299e1d90a949f5f3ef9320162cbc852e61930d262dcd103f9fc376bc7225e0cae32f12024251d8d7552d3a12","ssdeep":"192:nq4l+/PCFTS1JZ1ldN+NGG6IEixCrpZ0izLU5SVimGs9KhfI0aZFzHRsdryTZrAa:LXF6JZ1ldNtG6DixmRjN7tHQ0T8Vsx","tlshash":"a662b6915ab70d6d111a935d3fdf76043f21c013c60ae829bedc86d99fc58f84061bae","first_seen":"2026-06-17T18:00:46.620393Z","last_seen":"2026-06-17T18:00:46.620393Z","times_seen":1,"resource_available":true,"data":null}},"time_used":861,"timings":{"blocked":-1,"dns":54,"connect":246,"send":0,"wait":303,"receive":0,"ssl":257},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/websocket.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.059Z","timestamp":1781719217059,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/js/websocket.js?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Mon, 27 May 2024 14:19:39 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6654967b-3fdd\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16349,"size_decoded":4689,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"a89fe0ff2c76d604b4d0bd1eb1557e36","sha1":"77c1355bc7ad8dba444484d341ae32716760712c","sha256":"53a8d029476aafcb243cec953e522204b1af1231339ae75822dc63274877f8d9","sha512":"be671e254800bcdc163945abe3203d59e47637721e40b3f6d16e06223ffcd5e527ccd3de59f6283539261ca9311081a04fda89059307946cd7bf6255fc7866a0","ssdeep":"192:EHjrXg7hWXwwQbdUFdMea3JiMF0Cl3Loa5fFwy4HrwIIgUdjAN:EDrQ0XXQKMxiMF0Cl3LoaILEWNN","tlshash":"237262a0f7ac151f40f6142d849c55c46bec8572cba849e7babca6d00748f1e146bdbf","first_seen":"2026-06-15T11:55:09.763973Z","last_seen":"2026-06-17T18:01:05.896266Z","times_seen":6,"resource_available":true,"data":null}},"time_used":976,"timings":{"blocked":716,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"wss://trustedexchange188.com/wss","fqdn":"trustedexchange188.com","domain":"trustedexchange188.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:18.500Z","timestamp":1781719218500,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trustedexchange166.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:29:51 GMT","end":"Thu, 20 Aug 2026 03:29:50 GMT"},"fingerprint":{"sha1":"7E:E5:40:01:F3:87:90:1E:7F:32:8C:79:79:D2:66:26:AE:0C:7B:5A","sha256":"15:5B:C5:75:72:05:52:ED:87:DE:18:AA:1D:52:4F:C9:1B:4F:1C:A8:DD:BF:B0:75:55:31:C5:41:A9:A6:83:18"}}},"request":{"raw":"GET /wss HTTP/1.1\r\nHost: trustedexchange188.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-WebSocket-Version: 13\r\nOrigin: http://trustedexchange166.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: XoCF9WhZZhEiTEXiCEviDQ==\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: Upgrade\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nSec-WebSocket-Accept: jJWNDEdQpFlfCohqY/r2v9rmk7Y=\r\nSet-Cookie: server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f; Max-Age=86400; httponly; path=/\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":307,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":2405,"timings":{"blocked":0,"dns":851,"connect":1053,"send":0,"wait":250,"receive":0,"ssl":251},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/common/css/iconfont.css","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.834Z","timestamp":1781719218834,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/common/css/iconfont.css HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:18 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 30 May 2020 08:14:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ed215fc-794\"\r\nexpires: Thu, 18 Jun 2026 06:00:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1940,"size_decoded":1830,"mime_type":"text/css","magic":"ASCII text, with very long lines (1245)","md5":"cfd403fe22d90d4858fd76c352bc3894","sha1":"93ba9c459bb2529d258556e38c37ec1984bf99fa","sha256":"89621b7f8a3e4d3d36780420b18e7a94e17afdd35b8a8faa0701f24d1bc47b53","sha512":"0476226979cf90c8774f4c3a13d07090b97f483918ff2b1d6fd533bb51640db589c85d30ad34f701c36963eec214d600924828479de11b840f18e83e66ee1f8e","ssdeep":"","tlshash":"e841c87249dd7cb217c03c66b18b7d524e44318f4a0a889fe2781a395cf7fa0d20974c","first_seen":"2023-06-17T21:56:25Z","last_seen":"2026-06-17T18:01:05.903315Z","times_seen":30,"resource_available":false,"data":null}},"time_used":504,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":504,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/socket.io.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.846Z","timestamp":1781719218846,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/socket.io/2.3.0/socket.io.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Wed, 17 Jun 2026 18:00:18 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Mon, 04 May 2020 16:16:21 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 1037095\r\nexpires: Mon, 07 Jun 2027 18:00:18 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xc47mt5%2B0kDoJnFolarXQhAoBvtU5ShBaJ%2BvWHvkUwVNjgZ6MepUHSMHIREPGXL7odAu2Ywc5wnSrG4IhX%2Bg2lw3ch%2BO6%2BjaGyUKzYgToaJjA87HCqSmEvMGV0I%2BA5n6fcgiZhej\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a0d3f3fde89e120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":68686,"size_decoded":18527,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32094)","md5":"2316d5f067a1f861d2565a592376fea3","sha1":"a6560c8aed6fc7350e2ca96fcd98211bc18fc235","sha256":"6d09ab65ee323e742b2d363ed6063295f34c06e19f9d3fc72ac0865fef57baaa","sha512":"bfc9e0fee1b19207b7775209b84a3a7493fc2558b2be6b34725cbda676df4714faff7d5cddd456c488b01a73125b06631ca3ae6371159a28ecee4d63cfff5b2c","ssdeep":"1536:ronrZdZLIkYsOH+1+kN4gcUu9n+wkiKYfsD2:reVrLIk7OH+1+kN40inxA2","tlshash":"6263d8c4b6a1209543e721b1416f020b723aa82d250d81acb654d9f63cfcdde762bfbd","first_seen":"2023-03-07T12:12:41Z","last_seen":"2026-06-18T00:06:46.012302Z","times_seen":704,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":3,"connect":17,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/css/white.css?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.027Z","timestamp":1781719217027,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/css/white.css?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 04 Nov 2024 11:38:38 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6728b23e-2c8e\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11406,"size_decoded":3551,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (304)","md5":"cab8a20a4b84b3bd4b66de4186395482","sha1":"e8552b8dc46693201e01a9e63732111cab07083e","sha256":"3cca5df2a34261e65d0f0179f0690008e8e0e141c6c852c66b4311f8d470f4e1","sha512":"270b70824b7b632b91c5be8abd8bb4eb3c6c7140d83e80eff7b1e3c8eb9ab704be6e7a7b59633551414c1084c60bbf9efb05d0f9e601b00eb1e278a837e6ec75","ssdeep":"192:An7gNuIDsvm2crXHtuGhBy9tKSULXHW+Qy94zVz0zoOqMg6i3M9EiI5L/R+c:c7gN1LzhuGhByTzB+uzVzPpMti3uyL5j","tlshash":"2b321e12e3e71c87302bc4a42a2ea770773ce193840e5b7d3b95f2799fc45d498b2956","first_seen":"2026-06-15T11:55:09.718111Z","last_seen":"2026-06-17T18:01:05.952221Z","times_seen":6,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":263,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/index/images/de.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.075Z","timestamp":1781719217075,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/index/images/de.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nContent-Length: 154\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nConnection: keep-alive\r\nETag: \"66248880-9a\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154,"size_decoded":669,"mime_type":"image/png","magic":"PNG image data, 92 x 92, 8-bit colormap, non-interlaced","md5":"72a365a37b672f5a20da4f8f0880e857","sha1":"1d395668bd5404aa8b26e4d9586d1129798e5f21","sha256":"3da97ff56eb98940e046126ce7c727856df8722c833128141d15c640013675e6","sha512":"7b828444c21dcb95b151bca6b8d30a8466dee73019ec8096d04f85ebcacd6131480c2cf83885559d251be96da019f74a84260109760d3dc57643624281eea934","ssdeep":"","tlshash":"f1c08caeea8928a4c34aa1b21b781c349907a17ac1a49222a085981c1d1a1281486aa3","first_seen":"2024-08-20T10:15:14.338399Z","last_seen":"2026-06-17T18:01:05.91647Z","times_seen":55,"resource_available":false,"data":null}},"time_used":2954,"timings":{"blocked":2702,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/seconds_ico.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.091Z","timestamp":1781719217091,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/seconds_ico.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-4a9\"\r\nExpires: Fri, 17 Jul 2026 18:00:18 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1193,"size_decoded":1771,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"4978d26df496f44cb95c8da6632fef0a","sha1":"fa633216e827c1f101161cf9e59c94545ca893f5","sha256":"f1ee9fe0da5fbd944e3f32441cbad4313ac01bedb4dad064e90287347156ea3c","sha512":"a7f0880e13b05e096d5e105c8da38dcd5c004837ad1a7ab2a0cf69971490fe75954ef8fd7d7e469e7b603d30f8d3263f85ba55ea94f78437690631a7100b92c4","ssdeep":"","tlshash":"ce210ab7da9a6b8ffa8812f7feb77741e1e6ee825116814c184d75204fd2130cdd2048","first_seen":"2026-06-15T11:55:09.76843Z","last_seen":"2026-06-17T18:01:05.930262Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1410,"timings":{"blocked":1161,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/layui/font/iconfont.woff2?v=256","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:18.352Z","timestamp":1781719218352,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/layui/font/iconfont.woff2?v=256 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/static/mobile/layui/css/layui.css?v=1.1.1.6\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 25964\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nConnection: keep-alive\r\nETag: \"66248882-656c\"\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25964,"size_decoded":26412,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 25964, version 1.0","md5":"d8c214c89e33a7bea93d656bd865e869","sha1":"c188dbfc6951b7c305940ac3a279227aeb5617f4","sha256":"bef73f87b8a3972427dcece922ed8f59d1d01c4a3fd572316efa70de9aec9c09","sha512":"0e5897c1b874a714fbab221e97717c5bd8b6c525b539a24eca76391206f931abf5cad2441743c441239ca2830f3fb33c34d207e13ee4d1eb3eeba806763f8405","ssdeep":"768:4kZIXl8feK5HavVh7VQB+l9yDbzKu1eNxECo:4kZIV8fqxQB+l03zdeNq3","tlshash":"fbc2e1c340bb8ab8b077783c6a9e96b9d51134261dde919427cc096043feb49eace701","first_seen":"2023-04-14T13:17:16Z","last_seen":"2026-06-17T18:01:05.950714Z","times_seen":1006,"resource_available":false,"data":null}},"time_used":706,"timings":{"blocked":181,"dns":0,"connect":0,"send":0,"wait":267,"receive":258,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/socket.io/?EIO=3\u0026transport=polling\u0026t=PxMlSAr\u0026sid=bc932e2db88cda410417891a","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:20.922Z","timestamp":1781719220922,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=polling\u0026t=PxMlSAr\u0026sid=bc932e2db88cda410417891a HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:21 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 5\r\nx-xss-protection: 0\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5,"size_decoded":417,"mime_type":"application/octet-stream","magic":"data","md5":"7af80a3ef50f8ab70677275473b1b1b8","sha1":"bbddc27df3428bce641ace40dbd9afc0cd9ad583","sha256":"25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a","sha512":"f896406b2895b54afa3e80f8b96bb127a6de4a460609d95ec2c1c9da61d138140d156d417380cdf12b3e33a6f2ba13b7c5d0816a06da57dade847932e76681ca","ssdeep":"","tlshash":"093000000000000300000000000000000000000000000030000000c000000000000000","first_seen":"2023-04-08T03:02:23Z","last_seen":"2026-06-18T00:10:58.137097Z","times_seen":750,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/common/images/icon-download-green.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.085Z","timestamp":1781719217085,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/common/images/icon-download-green.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:20 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-58f\"\r\nExpires: Fri, 17 Jul 2026 18:00:20 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1423,"size_decoded":1695,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"c73e4d7655f7710b260ba5a08c292232","sha1":"9e031307ce5015b7ee0ff964dff1f1e06efb0bc4","sha256":"949055b3715f77431067bbb0f156f84eb9efb09341335613562b1c03f93ac5dc","sha512":"32de3af5ce9453e34d68d6287e78cd9daca4f8da7118fae9a5a929285d40b0dd2af2d62c92fa1708f9083f0e6b638c7494e4ef11f770b3be63b8803725ecefb1","ssdeep":"","tlshash":"5821b94fed51345166daf58738f6147799220450aac0e14dacdfc0072bec1b4a82d4df","first_seen":"2026-06-15T11:55:09.748726Z","last_seen":"2026-06-17T18:01:05.93271Z","times_seen":6,"resource_available":false,"data":null}},"time_used":3203,"timings":{"blocked":2955,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/user_recharge.jpg","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.097Z","timestamp":1781719217097,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/user_recharge.jpg HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Mon, 22 Dec 2025 09:00:29 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"694908ad-2aad\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10925,"size_decoded":3196,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x1024, components 3","md5":"4c201c39f894bdf4b073fae99e235d76","sha1":"794f67ab9a459ebea3f6d8858876abb6bcf0f1b1","sha256":"05b7395737617abeaf01f5f8f74f709735e9b760f17868c960b8b4705e01e63b","sha512":"3b478594e330c281bfb94588bf8ccbec0b12a9c3e2d9f9103ef68c5983309bf66fe367d2240c875f65881d99b651cd18082d2423f5c86ecd4908062b989aadee","ssdeep":"192:4Tll0llmv8gsVRWRWCWRWRYIlIm11111bF+uQK3:4Xv8gsu11111bx3","tlshash":"6c32c8cab741142ef693c73d99fdc27ee771d3b62ac746712117ab394c603a24d64281","first_seen":"2026-06-15T11:55:09.710897Z","last_seen":"2026-06-17T18:01:05.925361Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2231,"timings":{"blocked":1954,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/assets_ico.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.105Z","timestamp":1781719217105,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/assets_ico.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nContent-Length: 944\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nConnection: keep-alive\r\nETag: \"66248882-3b0\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":944,"size_decoded":1460,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"8fdf9783a64546d6d6c08baa86dbb8d7","sha1":"6834b2399b8102028bcb7b1a620037ed4a2d72c4","sha256":"8878fd022a56a6a2bbc55d0bef56fd9df9c91c1f2124b65bc10164e3d7c1a7da","sha512":"601572a73fc0417306a0c65e80585e7b36cd0c05cddea90f612745d818295941f75c67473591061e06f459244dffcc2db7631262efe7ef3d4e49151ba9746186","ssdeep":"","tlshash":"6111c8802a10114cbe2cd11fc209f80f811a05968e76c204292e79b32634a7cf8e05ff","first_seen":"2026-06-15T11:55:09.746359Z","last_seen":"2026-06-17T18:01:05.90089Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2488,"timings":{"blocked":2230,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/bar-left.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:18.316Z","timestamp":1781719218316,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/bar-left.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/static/mobile/css/mobile.css?v=1.1.1.6\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-7f9\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2041,"size_decoded":1858,"mime_type":"image/png","magic":"PNG image data, 210 x 16, 8-bit/color RGBA, non-interlaced","md5":"3534398517d4c701b134c0b54373012b","sha1":"8059eee19b3eef33d698f232c7986943835978ce","sha256":"2792e2bc2f685e496ea34677dfb172585e80f7c346994836e8a82caefa6638ca","sha512":"39b6e50b92170da611ac8bf6475a996f20b56f964fd9b6dc03ab8d445d5869d9f5c45a8b3c13cff5f3d9e7227cb70a9abc55257b08a4a4dda5d2e6af10632da1","ssdeep":"","tlshash":"2641b389f9519a02350df746b9faa0ab663743c4cac08591bce24b63a0711fccd1c1e7","first_seen":"2025-02-26T18:00:22.72948Z","last_seen":"2026-06-17T18:01:05.953835Z","times_seen":36,"resource_available":false,"data":null}},"time_used":984,"timings":{"blocked":720,"dns":0,"connect":0,"send":0,"wait":264,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/css/modules/layer/default/layer.css?v=3.1.1","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:18.780Z","timestamp":1781719218780,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/plugs/layui-v2.5.6/css/modules/layer/default/layer.css?v=3.1.1 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-3859\"\r\nExpires: Thu, 18 Jun 2026 06:00:18 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14425,"size_decoded":3430,"mime_type":"text/css","magic":"ASCII text, with very long lines (14368)","md5":"cdf467c11d77287b09cec22297aa06b2","sha1":"57e147ee3cf8a1ea2194bdfbad5e69083fa578bd","sha256":"ba2baf1bb08b0bff57cce75934bab7768c52567bf389479bed787004ae6e653b","sha512":"9c24a7c4d5d151652e246375c42f4ef2eb29a33dd9b4bad8c19ac2dd52086db91988d0f87c5d547f377499649f02e6ac4dbe4ee7a06d8a65cb2b445482104ab5","ssdeep":"96:Jp+Ntha8qNEp+wRY1vUPXiK6nMLPD2OtLzXyPHL/LztJDzyv2OQ7KGx1jyd2/SWz:KWmLr2OtSrzzt42OQ7KGx1jCWR2b+RcU","tlshash":"f55231e144811299b0278721d6dc7eba32f88d43e5630daef2573c1f874c6dba2b6647","first_seen":"2023-04-16T09:58:27Z","last_seen":"2026-06-17T18:01:05.898546Z","times_seen":591,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":9,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/lay/modules/form.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:18.786Z","timestamp":1781719218786,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/plugs/layui-v2.5.6/lay/modules/form.js HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-2577\"\r\nExpires: Thu, 18 Jun 2026 06:00:18 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9591,"size_decoded":4470,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9284)","md5":"a55a0aaf3d84264e3373f58f347a18fb","sha1":"921760fdababb5639192c73866c1b3b5f2ca0644","sha256":"03315f4a8fa90d66f3115d686bcb50d9356136607f92edbc9c59d4f27090a0f3","sha512":"7295dd0874606a2605b16a49ca696bfe305e16d769a7d037cfba0e074591e4def8dea94e4157cbd7c52e85e8de4ae496155c0af6d21b00943ba04ab6164edc13","ssdeep":"192:7U7m+EjWnSTmyANS4B7R6EoHv9w5iaHe16GL:7U7msqmHBV6LP9yiaH6n","tlshash":"1312a319715135e2367b60a1405f981ba0bf4635ab09c8947093d4f92ebec9493f3faf","first_seen":"2023-05-07T20:12:38Z","last_seen":"2026-06-17T18:01:05.956136Z","times_seen":112,"resource_available":true,"data":null}},"time_used":298,"timings":{"blocked":45,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/layui/css/layui.css","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.822Z","timestamp":1781719218822,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/layui/css/layui.css HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:18 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 30 May 2020 08:14:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ed215fc-10f94\"\r\nexpires: Thu, 18 Jun 2026 06:00:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69524,"size_decoded":13372,"mime_type":"text/css","magic":"ASCII text, with very long lines (65479)","md5":"fc1db8eb1b3ddf7858e9fffc6618c54d","sha1":"8ea56b2f234df8feb4b5ad78b3bd0941da7e259e","sha256":"96e29e036eb99f9b9f27b08329d988b6cdf52d0c709713e3f49f5b7ae8f3596a","sha512":"2baa2f43956f3d00aad243fd73a1670d1d30c8bac5b90345a7614f001c5e44ca0134909e05a976abdb11bb5fdb6e0b87c6e17150fffe5755f1a1e7a5d77f473c","ssdeep":"768:znnWYcf/AskRzyclDj1JpZlwyQaIYKsR3zdVhlu9Tr1BpRDfKl6G6nI4wdg7n7qv:zWYcf/AUG6dwCKnaXqr","tlshash":"a1639532e6112c957a2bd215b1ccbdbda0745512ea634e6df3823b2bc7848971073f6b","first_seen":"2023-05-17T17:59:34Z","last_seen":"2026-06-17T18:01:05.954332Z","times_seen":354,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/customer/js/whisper.cli.io.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.850Z","timestamp":1781719218850,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/customer/js/whisper.cli.io.js HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 01 May 2024 17:55:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66328214-8dbe\"\r\nexpires: Thu, 18 Jun 2026 06:00:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36286,"size_decoded":9116,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"d7c4e246b0c9be4ebc6eb8bf68d95362","sha1":"585de1b523016dfa50dac830de72926b31fe4f3e","sha256":"f6caa0a9dd763cd2ebaa79f09b291c5281e0eccf998bc0c27408fd0860aac635","sha512":"7404acff6c778a376af7048b5a6dcbbd26219b6acad7b4b5803cbb105e09c1f68c89a709cabea9e2f47b7b30de3cbe05fbb2269b53e60077c65cc1e2828c3f14","ssdeep":"768:W/SI3zn26FYeDQ8iajwVy0w6VZaRhZRIpW:W/Ssn3FYeDQ8iajOt2hnqW","tlshash":"79f2530ca5f72420517330b96f9fa414ad26902b150dee14be5c9bc4afd89bca2e1fd9","first_seen":"2026-06-15T11:55:09.713716Z","last_seen":"2026-06-17T18:01:05.913675Z","times_seen":6,"resource_available":true,"data":null}},"time_used":979,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":979,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:18.442Z","timestamp":1781719218442,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:18 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Socket.io","description":"","website":"https://socket.io","common_platform_enumeration":"","icon":"Socket.io.svg","categories":["JavaScript frameworks"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":5269,"size_decoded":2319,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (601)","md5":"cf897b48923e0b7fc33eb3df2e3ee6be","sha1":"d5ea8168c44139ba38b9bae539d86f3e320f8d4c","sha256":"76583e33a7a1a4998d26452e203179d6b922e03b1e9a984e365cefd37c1c12dc","sha512":"6e8639cf1fd2bed96bb61e308ac14af05a2aea987fa888a9c8b699e15f2b97558751e49e1f1645291210789cf3b503dc322b754b88eb3702c1ae828b23d4c9d9","ssdeep":"96:fOWWeEafajfoa8RPjOV0gaHhIENgiRjiwWDC8Bs5mmB2Qp2K:Uafa87Y0h+iRhICgwmmgQp2K","tlshash":"f2b174218cf0895634558144bebdfb2299e9e643d75ec048b2ad5bd09fd3dc9dc0b988","first_seen":"2026-06-17T18:00:46.638185Z","last_seen":"2026-06-17T18:00:46.638185Z","times_seen":1,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/index/images/it.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.076Z","timestamp":1781719217076,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/index/images/it.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:20 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-9e9\"\r\nExpires: Fri, 17 Jul 2026 18:00:20 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2537,"size_decoded":1435,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 268x179, components 3","md5":"6233ec64f3a49d3180070f68bae78502","sha1":"bd768fc4fa4a8a1ba5e02d990bcdce07ca5995c5","sha256":"e936376a5de002470fbfbe87523c7f5127397191ff9e46cf5704c2b85439db32","sha512":"cac5783e474d9eba995d61ce8b7ec13011ba284257db071414ef91cf7e46c577d92349f86a9aca48150dcc2bcac1c02f2df3436a1c780f77c37cb5cbf92a4a5f","ssdeep":"","tlshash":"0a517147efaa47afce938d38012cc41edaee0d225613cb118a4d28f1e31da55bc921e5","first_seen":"2023-12-07T04:32:25Z","last_seen":"2026-06-17T18:01:05.962231Z","times_seen":43,"resource_available":false,"data":null}},"time_used":3308,"timings":{"blocked":2491,"dns":0,"connect":0,"send":0,"wait":817,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/transfer_icon.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.096Z","timestamp":1781719217096,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/transfer_icon.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-13d1\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5073,"size_decoded":5652,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"d63ce6c64c0fafbc3a10db1fb891fece","sha1":"9cf687ce227ec54e679009894fcb79ca659dc467","sha256":"61951c5a1b7bf2f87b32d1459d4b8548890170588439333c0760a7a24ac1f9db","sha512":"92d3ec007508e7a944e50b2830d6df33fc24c04fc6b978ca638a118a6dafe299550411d5f67d4426a841ac06a9879c92edda3c6d9ac64c303098549d10c6f6e1","ssdeep":"96:WJL2OWeH75h6r7MO6SYsfccehbgXzn9Y0xDxIPiR:CLpWkh63NzYsXnj32I","tlshash":"64a18f336a6008a99878759533681a39ffa373383a1e9a91fc02c226551f4d51ed3f9c","first_seen":"2026-06-15T11:55:09.745392Z","last_seen":"2026-06-17T18:01:05.950109Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2230,"timings":{"blocked":1953,"dns":0,"connect":0,"send":0,"wait":276,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/lay/modules/element.js","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:18.783Z","timestamp":1781719218783,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/plugs/layui-v2.5.6/lay/modules/element.js HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-1c60\"\r\nExpires: Thu, 18 Jun 2026 06:00:18 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7264,"size_decoded":3117,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7203)","md5":"784379625afe1516f69075a78007e7bf","sha1":"4eca1e2bd313d46ddcf113095074da797b145aa6","sha256":"763c30063a00b2698ab3aa17948b5008a33d477fd7dfd45f11f3d4a49e29b73c","sha512":"f08d8e5c3c091ca2a0f00109cc55dcf9a7ce055996f1fd2d6cc2f7b414e533c0b8356fb5bd3ec7eea1692e5aa56d2be0465465f60479f3eb2afb783cec3ca87a","ssdeep":"192:nZKp8KKtRtwFC2q6IsTPJB91RGRtX9uEUn0Gs:nZltcF+6IsTP5ONN","tlshash":"bfe19518b05236f73197b5d143bfa21da03f4636e70246ac3066d4ba09bbd891673f9b","first_seen":"2023-03-07T13:00:48Z","last_seen":"2026-06-17T18:01:05.927555Z","times_seen":268,"resource_available":true,"data":null}},"time_used":281,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/layui/layui.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.842Z","timestamp":1781719218842,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/layui/layui.js HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 30 May 2020 08:14:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ed215fc-1a0b\"\r\nexpires: Thu, 18 Jun 2026 06:00:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6667,"size_decoded":3432,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6596)","md5":"d9328fba9720a5a8444146e458ec6d1a","sha1":"c70b26c4fbaaf89c8ceed3df16baa2aadc1a26e3","sha256":"a25d71fd2f5fc0c05e62dbdabd1a1fe3191ec0a90a03d546a9527355fc8e2ac6","sha512":"65271016f1a6cf6fef6d42940399aa6155d67cd4e46789f3b2e18655dbe72bad69ff41a59f8b8f2cade733e2c6f832ca5a2fa4b6a56f9ccde1174bcdf2938d31","ssdeep":"96:s3y+aD48Dsp21ORbCkShS60OGeRr7UHL+XsqUuN8x70Acgc:yytDXo6VRKKXjU+8x7SR","tlshash":"5ad1c69cfab27092477f3165766f801ea7bb40ad285c4490e1cad8e52c72cad4377f58","first_seen":"2023-03-07T12:58:51Z","last_seen":"2026-06-17T18:01:05.912448Z","times_seen":383,"resource_available":true,"data":null}},"time_used":989,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":989,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/common/js/whisper.io.js","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.848Z","timestamp":1781719218848,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/common/js/whisper.io.js HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 14 Nov 2022 02:14:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6371a479-2cf6\"\r\nexpires: Thu, 18 Jun 2026 06:00:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11510,"size_decoded":3971,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"cd3f07764a4c22802d8f1239712aa0a0","sha1":"e2f406fd6868f6f63005ff001df966d61bc32d51","sha256":"f21a092cbe2a6b5a4a9a8730c810b00d5de492f1c69fa3bdd8600b65b00ffad8","sha512":"c9cf119e4a2be75201f922bb7022247965ec2cac8683e261401f009ce29c4454eeb8c043382e941022f24bf8ddcd1f1b18f5ebbd7347e8c922e99eb688508d65","ssdeep":"192:TgvI3y5lyVf1PGQ4vIcf+901E1Mc2bFIUp1jnyEhjxNpA6Q9iUQe:XCr1F+21E1r2JvvjnFNxNpA5","tlshash":"523241287de71857c21370aa9b9b70286174d147958ace007d2cd7ae2ff8730539afad","first_seen":"2026-06-15T11:55:09.765011Z","last_seen":"2026-06-17T18:01:05.954943Z","times_seen":6,"resource_available":true,"data":null}},"time_used":983,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":983,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/jquery.cookies.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.055Z","timestamp":1781719217055,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/js/jquery.cookies.js?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-c43\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3139,"size_decoded":1956,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"de952eda41b0edc0b5c416ee48f7028e","sha1":"dc07de882ab68370534fbf9440ac7b8c068695a7","sha256":"631ea2bc942c1791920270ba02eef37774aa10db3994b4936a2b5f891a970ff7","sha512":"674fd3c9db480ecf8680822131fc80f904ddfb3907a1033ae9ce06019a87ac6f9eb6d6535e6aba0ee0b601d039d55da7e7cd247a67db5cf7bbcb8408116a03d1","ssdeep":"","tlshash":"1b516554b6cc375f07ab22416b6f50aca63cbf72255808dc885965f82c60c37db9bd2a","first_seen":"2023-03-07T12:09:28Z","last_seen":"2026-06-18T06:56:59.942573Z","times_seen":2842,"resource_available":true,"data":null}},"time_used":969,"timings":{"blocked":708,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/common/images/kefu.png","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.853Z","timestamp":1781719218853,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/common/images/kefu.png HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:19 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 Sep 2022 20:19:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"632b71e6-1e37\"\r\nexpires: Fri, 17 Jul 2026 18:00:19 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7735,"size_decoded":8278,"mime_type":"image/png","magic":"PNG image data, 114 x 114, 8-bit/color RGBA, non-interlaced","md5":"834733bb444370a44f87c4f27979db58","sha1":"e3aeeeab78d6002af544d0a156b02ebf7c60fee9","sha256":"c276773a06ffd97cb34485ab8e74a425297b7babb47eb5fbbb2dc7de7416123f","sha512":"18ae9edfb365e4ee9a35933850c8d7b362b15c24c1d4ca6bc603907a81164af994c7c35d2e8f89c3e5e2ad0be499607531b2481ffd6bcb19f8882c0742274618","ssdeep":"192:wTRoGshFmBuN8j/jib8G+O+uQq+A14KnGdVkDlp:wTiGgoLiwTUqatDL","tlshash":"24f1cf2cef4dba69a7c3382a620aa4c19640238917b87b253fa39157675c4e7e2c050f","first_seen":"2025-04-25T10:40:53.221764Z","last_seen":"2026-06-17T18:01:05.955601Z","times_seen":9,"resource_available":false,"data":null}},"time_used":978,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":978,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/socket.io/?EIO=3\u0026transport=polling\u0026t=PxMlSF4\u0026sid=bc932e2db88cda410417891a","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:21.191Z","timestamp":1781719221191,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"POST /socket.io/?EIO=3\u0026transport=polling\u0026t=PxMlSF4\u0026sid=bc932e2db88cda410417891a HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-type: text/plain;charset=UTF-8\r\nContent-Length: 329\r\nSec-Fetch-Storage-Access: none\r\nOrigin: https://customer.cmksaletservices.work\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:21 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nx-xss-protection: 0\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://customer.cmksaletservices.work\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":524,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-06-18T08:31:03.313676Z","times_seen":426824,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trustedexchange166.com/","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T18:00:12.994Z","timestamp":1781719212994,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T08:31:19.966388Z","times_seen":16506876,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/plugs/layui-v2.5.6/layui.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.033Z","timestamp":1781719217033,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/plugs/layui-v2.5.6/layui.js?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-1ce3\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7395,"size_decoded":3689,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7324)","md5":"055cb5361d0dadf75de67f6875def943","sha1":"97ddce827fedb8869a9d0248a16b70c14da2a8ec","sha256":"91ffac1a9d64f3dae4e8091b4feea25981e750d279cb71491b25dc24b33ecaf2","sha512":"3c074594a667484aa78b2227f834c4bebab07a6b4bd795f94570d3e3da911aa48275e13c54e1c6848cd2ec1fbb2bad5cb104e9a6bc1f71c967e93dfde62aa9b2","ssdeep":"192:TDTGeNtb7/j9Eg3JMunJYJjdlrr1+p8XqlPBOTXLLRUweK:TDTGeNtHj9Eg3JMunOJjdlP1+K6Pw7Lz","tlshash":"c7e1a898b5b27452473b306572af901ea67b44ad284c8090d1ced9e63cb6cbe4377f9c","first_seen":"2023-03-07T01:06:15Z","last_seen":"2026-06-17T18:01:05.895657Z","times_seen":541,"resource_available":true,"data":null}},"time_used":713,"timings":{"blocked":460,"dns":0,"connect":0,"send":0,"wait":252,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/index/index.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.051Z","timestamp":1781719217051,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/js/index/index.js?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-1211\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4625,"size_decoded":2176,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"0dcd53515a6992b2222ee4d9f4a3e682","sha1":"0aa981db906694ccb7650bd5defc855bf01a2f18","sha256":"4cf6b72d4faa38b5a6d0500c798cdabeb6a4f241d34d0612bbc6c328773cdca0","sha512":"795e3c8e0b69f8875b02c8ab820c1eadea220864ae64192e419ef354898b01684fbc71b54a49bbbd344e5bb090c96999459eb5df90e5be998791a2072b5509f9","ssdeep":"48:4NHsJYS7AEGyUjmHAuEZBnZBJOt9dxGiKsu5RtpmJpZzPDvuli+hIg:mHsJ/oQARZJZTADoPtpI3v4ikIg","tlshash":"88915606e4e314536e23909a8feb4005a1adc033d20acc4dbb9ed69e2f5c9ac5555ede","first_seen":"2025-02-26T18:00:22.704148Z","last_seen":"2026-06-17T18:01:05.922215Z","times_seen":37,"resource_available":true,"data":null}},"time_used":944,"timings":{"blocked":682,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/topuser.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.067Z","timestamp":1781719217067,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/topuser.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: image/png\r\nContent-Length: 803\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nConnection: keep-alive\r\nETag: \"66248882-323\"\r\nExpires: Fri, 17 Jul 2026 18:00:18 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":803,"size_decoded":1319,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"3f3c75169b2cd716de8cfbbdf9f2e877","sha1":"4f3c5478a519927e20de1931ee025cac82d3698e","sha256":"4dd39847a6e213677115d15afd1a0a419970f762ffbb1c61fc5d48dbfd3fa637","sha512":"ca9fffa6ea8fe1734c998b907519431ca73571959a2d5bcda6715cc9cdbd40cafb98d60a1cc1ad6c9e45839ac152284c91d9483f9f03282d89058fab3988520f","ssdeep":"","tlshash":"ff01ca4a0f297475b9384a79d2c7467bd40370be9bbc44050e98ac3c17acb2a4247b7e","first_seen":"2026-06-15T11:55:09.744399Z","last_seen":"2026-06-17T18:01:05.915928Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1911,"timings":{"blocked":1663,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/index/images/ru.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.074Z","timestamp":1781719217074,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/index/images/ru.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:12 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248880-b07\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2823,"size_decoded":1095,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPCM), density 47x47, segment length 16, baseline, precision 8, 268x179, components 3","md5":"bf6ba80ad73b1536ca1eaadcf1e6d7ee","sha1":"3655aa6557d155cb171cf75181ff885d7024561e","sha256":"1ba143597a6f749bd4bd2234bf37a6290df1adff1efe8cee9907b7233c6a8b26","sha512":"fb74f5dc8d38d00af7e869a264279a5137b482a65b011f9cdd9d3d3a59acd46fc9913cb9194feff203b147e6ff536af8eab15a16c88c78809df5bf123ef7f1d9","ssdeep":"","tlshash":"be51256eddc17f89db60ae382079a402b2c745ef8d53679c70466e04ee17ab7140ef82","first_seen":"2023-05-22T05:59:44Z","last_seen":"2026-06-17T18:01:05.929759Z","times_seen":58,"resource_available":false,"data":null}},"time_used":2702,"timings":{"blocked":2453,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/user_withdraw.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.083Z","timestamp":1781719217083,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/user_withdraw.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:20 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-1237\"\r\nExpires: Fri, 17 Jul 2026 18:00:20 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4663,"size_decoded":5242,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"f6b2ef0aaa6efdc613d6e52e1805974c","sha1":"9ca0e06135ebb883b965af818f8dddb88868c216","sha256":"c58164e286162f059cf7483812fcc9740da5c42e5c6e8ef97a187d507d64933b","sha512":"30266da89291276b9dbec070480c73e90351b8949939644275dacb95936697106ef11a3812061aa011e7279b10b9713c7b2642d8ae298d8a06a25ab5382bf6bf","ssdeep":"96:stsvMSK+aBToco8T3R+DuJ0A2oexmuHtgc3IT7ibHvo:sOvMN+aZo8TB6uJITHtgc3tHvo","tlshash":"04a18e0f62e221175ad1685f35d5ba221cfcb17970759d38fb118e8faf1ae49c206363","first_seen":"2026-06-15T11:55:09.709853Z","last_seen":"2026-06-17T18:01:05.956694Z","times_seen":6,"resource_available":false,"data":null}},"time_used":3233,"timings":{"blocked":2985,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/winer_ico.jpg","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.094Z","timestamp":1781719217094,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/winer_ico.jpg HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Mon, 22 Dec 2025 09:01:41 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"694908f5-7b0f\"\r\nExpires: Fri, 17 Jul 2026 18:00:18 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31503,"size_decoded":27910,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x1024, components 3","md5":"93459f40eeaf1a4900b41bef67b76e9e","sha1":"18215cadc34dbb1747e7e810fabbbceb39e4af53","sha256":"4796f1393f66594673008ea409470572a5021d3994c869ae6a4b374e4648b666","sha512":"4051b7990a1313c1f1536a1e7aa8f96038ea4ce8d8bcd2e35fcfcebb34cbd8a11138b3bdc44b34d239d9d51a28c304d0816809c527caa806ace6f3f56aced38b","ssdeep":"768:kPMQhU6lqynCDJSpe/Xds0jfSJUuRl5VTgngrjU:kQ7yCDJSpqTjfSJUuRlD8n5","tlshash":"61e2be0772854203da79677a95ef8330ff482c6a1d6a714a67a7610b0c7e3acfc4e9c4","first_seen":"2026-06-15T11:55:09.769359Z","last_seen":"2026-06-17T18:01:05.924447Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1429,"timings":{"blocked":1180,"dns":0,"connect":0,"send":0,"wait":248,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/mobile/ajax/findcpm.html","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:18.461Z","timestamp":1781719218461,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"POST /mobile/ajax/findcpm.html HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 16\r\nOrigin: http://trustedexchange166.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: lang=en-us; path=/\nPHPSESSID=1601f7de78d6101551dbb6fabc896cbb; path=/\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10,"size_decoded":543,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-17T18:01:05.958302Z","times_seen":5320,"resource_available":false,"data":null}},"time_used":370,"timings":{"blocked":59,"dns":0,"connect":0,"send":0,"wait":311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/lib/font-awesome-4.7.0/css/font-awesome.min.css?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.024Z","timestamp":1781719217024,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/lib/font-awesome-4.7.0/css/font-awesome.min.css?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-7918\"\r\nExpires: Thu, 18 Jun 2026 06:00:18 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31000,"size_decoded":7650,"mime_type":"text/css","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-06-18T08:27:29.386352Z","times_seen":287320,"resource_available":false,"data":null}},"time_used":1246,"timings":{"blocked":-1,"dns":0,"connect":265,"send":0,"wait":980,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/js/script.js?v=1.1.1.6","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.043Z","timestamp":1781719217043,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/js/script.js?v=1.1.1.6 HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:17 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 20 Jul 2024 06:23:08 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"669b57cc-1761\"\r\nExpires: Thu, 18 Jun 2026 06:00:17 GMT\r\nCache-Control: max-age=43200\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5985,"size_decoded":2791,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"99b78165e73f08d1d0cfe114c0b4e7ad","sha1":"9f86c5f286135ac0bd6cf41eea0665e9846d0299","sha256":"d75bfccbf03a6192177e4fbe194370f0353b54034f1f3f92c7c77644a6988adb","sha512":"03b5565199a5e351f87092647db5f130d086635d785a4dcf6a9cb1bc79203b1c406dbde9f917515d85b37bb603e4ae83547f3574147da1dcdf7eea34143be53d","ssdeep":"96:kZFU4qA8jt8jpTbso663tYoxNkwhqGuLK9jtnnt5/Avx3CB0QPiU1QzGwfg3:kZNijujN0uYoxNkwwGuLK9jtnnt6vpCP","tlshash":"a0c19318f01c361a927931394c8f4069a03d89691b0f8495f47daea42f3473f4eafeda","first_seen":"2026-06-15T11:55:09.742084Z","last_seen":"2026-06-17T18:01:05.899059Z","times_seen":6,"resource_available":true,"data":null}},"time_used":682,"timings":{"blocked":434,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/upload/20241104/dfe3947f252c3b098cd971a5081a8ac9.jpg","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.088Z","timestamp":1781719217088,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/20241104/dfe3947f252c3b098cd971a5081a8ac9.jpg HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Mon, 04 Nov 2024 11:27:17 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"6728af95-2f460\"\r\nExpires: Fri, 17 Jul 2026 18:00:18 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":193632,"size_decoded":179348,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=525, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1133x525, components 3","md5":"c9c94443c0fc9679f0c8f9408a7cf6a5","sha1":"205bdc9e255173ba6a78c0b08025aa35103a4b3c","sha256":"cd1fb886ef6c5228e29ba4fbcc802f5be923cbeb9f6142c0a201c2a05c23b2d7","sha512":"d87791afa7cc9d6f99bdab5ef696b7f6def9fc94dd2157b9c6b60a6245a70d85a0a5b7063ca7cca796c2cdc9f6d9cab0f758a59c43dd62704094c06579c7c589","ssdeep":"3072:gM5Me5aO5MYTVDO2T51g121Svo6fh0PmUl/MeIPLaZJBB7SnLA0Rofv1KsuLjMd:gM7hOYl9516vdfh0+UlEeuIZELgsnU","tlshash":"2e1412667a988dd3d747193c16c4d790e1e16b3537633680ba1cb2b8bfa37611a2c392","first_seen":"2026-06-15T11:55:09.756526Z","last_seen":"2026-06-17T18:01:05.948773Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1941,"timings":{"blocked":1161,"dns":0,"connect":0,"send":0,"wait":260,"receive":520,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/White/market_icoc.jpg","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:17.090Z","timestamp":1781719217090,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/White/market_icoc.jpg HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:18 GMT\r\nContent-Type: image/jpeg\r\nLast-Modified: Mon, 22 Dec 2025 08:55:01 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69490765-6014\"\r\nExpires: Fri, 17 Jul 2026 18:00:18 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24596,"size_decoded":18935,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x1024, components 3","md5":"15667b5b6fdb942ddd11cc5a95db0c99","sha1":"0783321031131bc8b1c03ef4143605a766504fe9","sha256":"43fc0b727a695e776c1edc8feb4e56cda9d14759ae3f4d1d2b9b3ddd2d0f8ac9","sha512":"af1320d61bb0766085cc852ba818c084ed92fc0519a34f540197558cad8184557fc45c374c70e59516a391a5c7c8f45f1f5c7ffb11b30d45a7a7d3349326fa14","ssdeep":"768:9Xr5VuLcKCccccccNNNoCbuvPHUJCL/sEfjaoZK:Z5ocKCccccccNNNoCAP0AwEeoZK","tlshash":"cfb29e5273862442c86922b082c74716feb12d07ab1d959f6f6152170dbe3aefe7c6c2","first_seen":"2026-06-15T11:55:09.738489Z","last_seen":"2026-06-17T18:01:05.957211Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1695,"timings":{"blocked":1161,"dns":0,"connect":0,"send":0,"wait":267,"receive":267,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"trustedexchange166.com/static/mobile/imgn/bar-right.png","fqdn":"trustedexchange166.com","domain":"trustedexchange166.com","tld":"com"},"ip":{"addr":"162.245.220.33","port":80,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://trustedexchange166.com/","date":"2026-06-17T18:00:18.318Z","timestamp":1781719218318,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /static/mobile/imgn/bar-right.png HTTP/1.1\r\nHost: trustedexchange166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://trustedexchange166.com/static/mobile/css/mobile.css?v=1.1.1.6\r\nCookie: lang=en-us; PHPSESSID=1601f7de78d6101551dbb6fabc896cbb; server_name_session=9932a2e5c64bb5e01dee8449a28b8a5f\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 17 Jun 2026 18:00:19 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 21 Apr 2024 03:31:14 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"66248882-810\"\r\nExpires: Fri, 17 Jul 2026 18:00:19 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\nAlt-Svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2064,"size_decoded":1873,"mime_type":"image/png","magic":"PNG image data, 210 x 16, 8-bit/color RGBA, non-interlaced","md5":"6d506e21ad1a31db63ac286259d8f5bc","sha1":"6ddca17c5680b11eb52c2c21fdbead826b5112e5","sha256":"da85579c28fbeb70f1bf970210cfb2f8026574f3530ff6e452921b1df0e9f2b3","sha512":"d7cf62f82c6dfa2ddab288e85dc1858336ff238b6860434c9660ec7dbe6372eaf6db94187abc36d66806bd0aff77e3ad4b8d501e72825a1326e4d7d99a6bba0c","ssdeep":"","tlshash":"0441810bf9457d112a4dfb066af790676b2387d09a81a5c6bcd95d07acb20fccc0c2ca","first_seen":"2025-02-26T18:00:22.731167Z","last_seen":"2026-06-17T18:01:05.902435Z","times_seen":35,"resource_available":false,"data":null}},"time_used":1009,"timings":{"blocked":734,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"trustedexchange166.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customer.cmksaletservices.work/static/common/js/jqueryWeui/jquery-weui.min.css","fqdn":"customer.cmksaletservices.work","domain":"cmksaletservices.work","tld":"work"},"ip":{"addr":"162.245.220.33","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a","date":"2026-06-17T18:00:18.830Z","timestamp":1781719218830,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customer.cmksaletservices.work","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 May 2026 03:30:06 GMT","end":"Thu, 20 Aug 2026 03:30:05 GMT"},"fingerprint":{"sha1":"7C:75:54:56:B6:C3:89:29:BE:76:D8:EB:6B:CF:FA:FF:49:82:66:79","sha256":"FE:4E:49:F3:82:06:E7:D9:66:58:1F:0F:BE:23:F4:85:32:F0:C9:09:32:7E:D8:21:83:03:41:FB:9C:37:34:EC"}}},"request":{"raw":"GET /static/common/js/jqueryWeui/jquery-weui.min.css HTTP/1.1\r\nHost: customer.cmksaletservices.work\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://customer.cmksaletservices.work/index/index/clibox/u/5c6cbcb7d55ca/t/1781719217/tk/10a85125584bf710faef4d821f5c021a\r\nCookie: server_name_session=3c647ba2430e42c61aacf9d76ae2051a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 18:00:18 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 30 May 2020 08:14:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ed215fc-dae4\"\r\nexpires: Thu, 18 Jun 2026 06:00:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56036,"size_decoded":8550,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (55936)","md5":"f1b1208d27520d1e416d2cc8afacf82c","sha1":"d24e4dc7f758795359fe1b490bcb528e5543bc58","sha256":"64bdd05bb3b85a2252a1e599d0f58b216d1cf611797bdca88809c46aaa1abac0","sha512":"a71d863b0dba6bda62474a7945352415872db9f36efd7f47192e0e4d5ef20aff35623365c0af7542a922e369160e9bceffb73187b30ea63010fffbe792e150e3","ssdeep":"768:ZFraDz6UL96OpVHfiMHtI7RzLI7pMDpLpeZ:ZFr6632HfiEt67pLpC","tlshash":"7d43991f4701326a7622471ee3d69f6c871ac5435f632ced22127d1acbcb64522eb98b","first_seen":"2025-04-14T15:50:03.341554Z","last_seen":"2026-06-17T18:01:05.962819Z","times_seen":29,"resource_available":false,"data":null}},"time_used":508,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":508,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}