{"report_id":"4611c7cb-cdaf-4df2-a43c-72af171c49c4","version":6,"status":"done","tags":[],"date":"2026-02-03T22:00:15Z","url":{"schema":"https","addr":"imtokenpay.top/","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.165","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"imtokenpay.top/","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"title":"imtokenpay.top/","dom":{"size":18286,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1298)","md5":"689f5e59338142f8a3b497ce11e082e9","sha1":"da839df580993b496de1d1749287fc7b747fb787","sha256":"c4de323f420904da350c4e4b4ddbec1b6d48a1aece69d89d8a67ea345acc2cd1","sha512":"fffb68a2cda326f266dbcce02a22c8c3d3f5004d4fcb7cd8e1ec7b56bd44cb7ab7dfd215541937c95cc6d5a3f8ef58d99350cbcdead50a1d1865b9c5589da97a","ssdeep":"384:yLeC2Ul0GWhwAAeZyG98OHrXQ/tO6DB6eVR0iW3xZMko/:8bReEG98QrXcO6TRpWnMk2","tlshash":"90821a75f0fa20260267e0d976ab4b4f79b0c507992fc801f96c87d09fc2d4559a3a9f","dom_hash":"domhashc9aa5efc6c1e3dbdc78fcf74cdf724b6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"imtokenpay.top/","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.165","port":0,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-10T22:00:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"imtokenpay.top","ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":42,"request_count":14,"received_data":633198,"sent_data":6235,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ant Design","description":"Ant Design is a UI library that can be used with data flow solutions and application frameworks in any React ecosystem.","website":"https://ant.design","common_platform_enumeration":"","icon":"Ant Design.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"imtokenpay.top/","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"a7c38907ab9aca911443533e2daa644b","sha1":"412ac721c52208a5f31cc4c797b6d0c9db3b2bad","sha256":"328e789ef44ac2f1870847a842d0bde6ce3de73244c45296cfce322368174d43","sha512":"7446f756dc9beb78a1ca13c458757fd628b4e9d8477d8e174c5df0a300c28a61515abf160957153c866d788cd6471ce36e1c628cd0aa268f6792dd555d35a40b","ssdeep":"192:feTg6TGli+Hc1/121jdYXOkHQT+rXV2ELIftkb6BzJnB6eVR0iVIO/ADK:feZyG98OHrXQ/tO6DB6eVR0iW32","tlshash":"ea0284ddb2bf1011066724e96baf65897934c513285ac445fe0d83882f91c1965f3feb","size":8899,"data":"","first_seen":"2026-01-02T05:11:38.910408Z","last_seen":"2026-05-27T21:46:03.734295Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/static/js/jquery.min.js","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b57cf46dc8cb95c4cca54afc85e9540","sha1":"05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac","sha256":"a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855","sha512":"a6996f5029858c6de6de30eda54f8acc47d9713cb1adc576173ce8f75f79a2b944b9c04bfa55ad62829e705cede4fcb7c7c90785e8cd3e0252d79a186b1760a7","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6tv:5kn6x2xe9NK6nC6N","tlshash":"728319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86926,"data":"","first_seen":"2023-03-07T01:03:01Z","last_seen":"2026-06-17T11:33:12.571832Z","times_seen":20392,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"imtokenpay.top/static/picture/alarm.svg","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:55.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /static/picture/alarm.svg HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://imtokenpay.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\ndate: Tue, 03 Feb 2026 21:59:55 GMT\r\netag: \"68875e7f-215\"\r\nlast-modified: Mon, 28 Jul 2025 11:26:55 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: UPDATING\r\ncontent-length: 370\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":533,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b20df3089e50c545541d8ee900863574","sha1":"451b3f7e7fd362deed7642033c480082bcb0674a","sha256":"7c9ca78247b00b98096dc68fc15527fa07e332c5c87c7834e1511786a490af68","sha512":"40eb69a60fe3c221e70659a54d99e80089e6e8ea47994b7460dfb1ca0d03207570de0a7bb03ae32706a2e1c10a9fb791e8216a57bafe0c516f0f48eed0ea6a7f","ssdeep":"","tlshash":"bff05994538c9ebcb6224f24db1172b6207b31373b9d9258d863a43a216411d683f9fc","first_seen":"2023-05-07T16:57:14Z","last_seen":"2026-06-16T01:14:42.914859Z","times_seen":2067,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":310,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/static/picture/imTokenLogo.svg","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:55.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /static/picture/imTokenLogo.svg HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://imtokenpay.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Tue, 03 Feb 2026 21:59:55 GMT\r\netag: W/\"68bff74b-24de\"\r\nlast-modified: Tue, 09 Sep 2025 09:45:47 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: UPDATING\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9438,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ff362ef3dd8481a8b6507fb545025cf8","sha1":"a728dfb3d393258924ce63dfbc3f638b59d3330a","sha256":"690e08204f91ce6958a804b11ee08546156e4b5dca35f0b1ce00dee6266156b2","sha512":"a25bd09b8e65b5188bc5efcaf54aa7a215217cd53f8e92337c06edc96cf82b3e116e7771ea3ed36ac51f42d869f018178f0429e15044e8a43cfe72126643124e","ssdeep":"192:LJYVRfONtbZ36T9/zp+beh4ciRBi6m/Z1BnMg+K4jnFJibZLI2R9TZx9R:sRfONtbZ36PPiRBivPBMgxKnFJlE","tlshash":"681286f13aa463f59503ebf8de2754746a2b38fabfc54ae7c190ac499422055cdc9cc2","first_seen":"2024-08-08T18:51:51Z","last_seen":"2026-06-16T01:14:42.9115Z","times_seen":2192,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/static/css/7f7f1180.css","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:55.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /static/css/7f7f1180.css HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://imtokenpay.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 03 Feb 2026 21:59:55 GMT\r\netag: W/\"68875e7c-3a884\"\r\nexpires: Wed, 04 Feb 2026 09:59:55 GMT\r\nlast-modified: Mon, 28 Jul 2025 11:26:52 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: UPDATING\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":239748,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"b8a9f8b8fbc9c01d0613bd4ccde036bb","sha1":"251a701157f03c448f65e18845198b16f7da420c","sha256":"c9caf7fc4d726cbbc6f787a3e25042dabadc102cd9264c9a38baaecbf68a4aa9","sha512":"b3bd5b85532c4814776e81ca0fcd2ca8e01cd7ff350037da6d25b641c7f7fa67991c42d25b37279c53442f71f1cfb79ef9be2bd940004ae919a08151facba44f","ssdeep":"1536:gBzfkfXfkfuf+fyf+f80vj5GOSTO19EOXo/12HF:0fkfXfkfuf+fyf+fxv9dvEOXj","tlshash":"1e34b8d165d1312cba6fc727b6e49889a7204523d36f9dfea131329dcf85287229370e","first_seen":"2025-08-26T07:14:37.193322Z","last_seen":"2026-05-27T21:46:03.718489Z","times_seen":36,"resource_available":false,"data":null}},"time_used":443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/static/picture/banner.png","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:55.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /static/picture/banner.png HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://imtokenpay.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncontent-type: image/png\r\ndate: Tue, 03 Feb 2026 21:59:55 GMT\r\netag: W/\"68875e7d-228eb\"\r\nexpires: Thu, 05 Mar 2026 21:59:55 GMT\r\nlast-modified: Mon, 28 Jul 2025 11:26:53 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: UPDATING\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":141547,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"31b2b7726829be089d61a1b3238892f8","sha1":"419ba2f64dd5f7bd35c7f440fe993c6d16f764ee","sha256":"44a360e3f1753981cd79609f2a238f58648d2c132b958647f9bda8922d1c507d","sha512":"7dfd577d2ef15783b23e42442d4c8eeccab8a36ae37ff9aadddc404acb70bd1993369f8c028a845b9e699dcfa2b9c10512fd8c8db42285f0aa3740f487e02eb5","ssdeep":"3072:Bwm2VYh1sYAjd/J9EYPfMb8eM07+TyKwSl7mKLBpWcr2oYXE7nmWJAc:BFf1s5xCbBGwsHLBzr2oZ7mWJz","tlshash":"f9d3019939aba65edc1f147ab5b02edd0fc209a086761efd7433609adf4922cb410f1d","first_seen":"2024-04-19T06:46:35Z","last_seen":"2026-06-16T01:14:42.930028Z","times_seen":2203,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/static/css/1009f594.css","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:55.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /static/css/1009f594.css HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://imtokenpay.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 03 Feb 2026 21:59:55 GMT\r\netag: W/\"68875e7a-13c16\"\r\nexpires: Wed, 04 Feb 2026 09:59:55 GMT\r\nlast-modified: Mon, 28 Jul 2025 11:26:50 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: UPDATING\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80918,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"61b293fd330c93321b98f4891e46d465","sha1":"ac5a8393f4b9112b9554ba2f52eefa95bf041a49","sha256":"d0b7a3367c215ac64a9b273bb95499a206f5642ede59be7f4f0f5d31508dc43a","sha512":"126429830f1df4ea9c7e72a8c2a47a60838e18c17cdbb07ab4a5453b601cb962199c62f90d054a61521d1f475f7a65a859116b6771af229f5524e5730111c2b4","ssdeep":"768:wbKwmgzY0vPCuGZfg3byjQWjNc3Ug/WNm14ZsV9:UKhgkACuGZftQE8P/UeOy","tlshash":"cc835a2f2b11211ad2a2df1a66c53b9dd931ea33b179decff6d53c218786e464890d03","first_seen":"2024-01-06T17:59:57Z","last_seen":"2026-06-16T01:14:42.892179Z","times_seen":389,"resource_available":false,"data":null}},"time_used":365,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":365,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/static/picture/to-top.png","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:55.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /static/picture/to-top.png HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://imtokenpay.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=2592000\r\ncontent-encoding: gzip\r\ncontent-type: image/png\r\ndate: Tue, 03 Feb 2026 21:59:55 GMT\r\netag: W/\"68875e7e-2084\"\r\nexpires: Thu, 05 Mar 2026 21:59:55 GMT\r\nlast-modified: Mon, 28 Jul 2025 11:26:54 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: UPDATING\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8324,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 124 x 131, 8-bit/color RGBA, non-interlaced","md5":"13eac2560b1b5d187f0632729627c7eb","sha1":"9d767610734797f5f8dd98c82329d072171b67f8","sha256":"64774fdbbbc520f5748ccf6f48ede71a843d30cb3ce4bbc8da64c7f64d95b3ed","sha512":"ac2f7c596a78b4554e146dcf757f23248f8895189ead847dac8884b4e9b2f02cb3812d03fa4c7821e9073042768b06dd567b6ea078f069b1c2853b04473e2bc4","ssdeep":"192:n64wmsnaCQVU/kld8QRX3ok8arbdUK+H4sWt:nLOaNVU/kVz6K+H4si","tlshash":"7502b08242c004a419cf4da444fbef8c9ff73970caaac5693e7c14c6bf2a6991a4f520","first_seen":"2023-06-10T15:14:48Z","last_seen":"2026-06-05T23:41:08.278903Z","times_seen":286,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":322,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/static/js/jquery.min.js","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:55.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /static/js/jquery.min.js HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://imtokenpay.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Tue, 03 Feb 2026 21:59:55 GMT\r\netag: W/\"68875e7c-15391\"\r\nexpires: Wed, 04 Feb 2026 09:59:55 GMT\r\nlast-modified: Mon, 28 Jul 2025 11:26:52 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: UPDATING\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86929,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"4b57cf46dc8cb95c4cca54afc85e9540","sha1":"05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac","sha256":"a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855","sha512":"a6996f5029858c6de6de30eda54f8acc47d9713cb1adc576173ce8f75f79a2b944b9c04bfa55ad62829e705cede4fcb7c7c90785e8cd3e0252d79a186b1760a7","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6tv:5kn6x2xe9NK6nC6N","tlshash":"728319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:03:01Z","last_seen":"2026-06-17T11:33:12.571832Z","times_seen":20392,"resource_available":true,"data":null}},"time_used":591,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":591,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/favicon.ico","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:56.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://imtokenpay.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-encoding: br\r\ncontent-type: text/html\r\ndate: Tue, 03 Feb 2026 21:59:56 GMT\r\netag: \"695545f6-8a\"\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: BYPASS, Status: 404\r\ncontent-length: 142\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":138,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7389d931c86b3d7bb6b8af46d8c4172b","sha1":"8d2a4760aa0b47984d11cd1a66448719177fb791","sha256":"301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f","sha512":"dd6d1511e4fcd5bc09d821ffe091fb5946ac9654c48664aed504e479e9ac20c1cad44b6df90f42190d47e28f5f96bfb09d24056df6b950243d68ee8100a9a889","ssdeep":"","tlshash":"d9c09b5d755366449913155167c33641d196837f689a84510941c593f0cf69ac4c73a9","first_seen":"2023-03-13T12:56:15Z","last_seen":"2026-06-17T13:09:51.732398Z","times_seen":280488,"resource_available":true,"data":null}},"time_used":237,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/static/css/swiper.min.css","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:55.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /static/css/swiper.min.css HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://imtokenpay.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 03 Feb 2026 21:59:55 GMT\r\netag: W/\"68875e7a-4d42\"\r\nexpires: Wed, 04 Feb 2026 09:59:55 GMT\r\nlast-modified: Mon, 28 Jul 2025 11:26:50 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: UPDATING\r\ncontent-length: 3102\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19778,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19513)","md5":"13e3477e9b99b8653e80def106e569e7","sha1":"34a50a5848aea3d3b6345a2a29fea97d0b48e8c4","sha256":"cbd3907ccf320bf09a971e16978df6d2293228febdbcffd158ce25011a6d68a1","sha512":"54776d5f9ef56af29d4deeef3884c7385bdc0419698694a6c63481b53e17fd4af3c8ba89d95284944b23778cf66810b0ec705e9b757e7c798da15e7957398bcf","ssdeep":"192:dWaNv/lSSyJWCh8zfi5o/mXDN3eBxwdJ5c:dWa1/lS0Cifi5o/mXOGJ5c","tlshash":"5592612c17003057e6334f1a87d99778c724c9939e4358ef6250ee48c7bb96a32af766","first_seen":"2023-04-06T20:39:57Z","last_seen":"2026-06-16T01:14:42.927614Z","times_seen":1668,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/static/css/faf1427c.css","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:55.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /static/css/faf1427c.css HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://imtokenpay.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Tue, 03 Feb 2026 21:59:55 GMT\r\netag: W/\"68875e7b-38c2\"\r\nexpires: Wed, 04 Feb 2026 09:59:55 GMT\r\nlast-modified: Mon, 28 Jul 2025 11:26:51 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: UPDATING\r\ncontent-length: 2900\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14530,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14527), with no line terminators","md5":"924c8dbdce73bee54b343f6ae9b6ab1e","sha1":"723fa4aece80c69c9d32ac71b33c0fa894c2fb5b","sha256":"483b6dbfd7729c15193e5df58bfa8dc54dd26f4069c636c3a47c75c85b3cae22","sha512":"520995dd49d52f0950507bb14dc1b9bc2fdaa2094cb80e3cdcadcba3a6dbfc3594df58fa359779cd773e5fda48c45ee22c9d8774198221258f0cdc2454aef4ae","ssdeep":"192://xXQzvBhtSu/Vjj9gsb89ZXMGvppByqP5+:GbVyW0NMGvpryqQ","tlshash":"eb6212195234322c61e39335aac87d49f5358912837f45bde4e2b31edff84630ea6b89","first_seen":"2024-01-06T17:59:57Z","last_seen":"2026-05-27T21:46:03.709763Z","times_seen":203,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/static/picture/im-wallet.svg","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:55.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /static/picture/im-wallet.svg HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://imtokenpay.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: image/svg+xml\r\ndate: Tue, 03 Feb 2026 21:59:55 GMT\r\netag: W/\"68875e7d-1fd7\"\r\nlast-modified: Mon, 28 Jul 2025 11:26:53 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: UPDATING\r\ncontent-length: 2841\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8151,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f4a8d60705c4da90ce91d4f8903c235c","sha1":"6ad45ab8c6cb2a8ea097c79c1eb197d4462a01a4","sha256":"fefe0ac8ca8b6c7a2999e3c7923ab67cced26355f9b5eab0bbc7140d578eff59","sha512":"8cf7c7286a422458b80d6e37bc3970afdbf012f69d7307497e7bd78ab526ce6cc800120d8f150dd54038ee3d60bc35710841c6836edca29085ab767fbcb7f0f6","ssdeep":"96:lXSa2PgQvn0Nn5dpwOOzd+f/Y9rQTBNMazWRtt4qsQm9i8g3eybccDjFYDeSp:1SPgLdWOi+/9lkBF357uDeQ","tlshash":"a3f1a6cc23096ef18d80c3f4ef2aa0f4a51751f99a64506ccb706e6e39155ae1c7b9c7","first_seen":"2024-04-26T06:55:29Z","last_seen":"2026-06-16T01:14:42.858695Z","times_seen":384,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":310,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/uploads/ios_url.txt?_t=1770155996227","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:56.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /uploads/ios_url.txt?_t=1770155996227 HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://imtokenpay.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\ncontent-type: text/plain\r\ndate: Tue, 03 Feb 2026 21:59:56 GMT\r\netag: \"690647b3-20\"\r\nlast-modified: Sat, 01 Nov 2025 17:47:31 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\ncontent-length: 36\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"03b33a25f02149724bf996bf4af5924d","sha1":"b56d38f11268eda58367bb6fce1e00ac07503735","sha256":"301432837997b8fe2bb81bce0315693a26bcfff69a9c44a92f8b254168e88c1a","sha512":"3f324ef72056be26f07746589d6d38d7067b584ea403604577b12cf2e11e168b13fa3b2632dac199f087424cd504a6b3151d4b3785598ba80fc6cd49e0e540e2","ssdeep":"","tlshash":"5d80002b0b0abb000aa80cc288aa380c08820e0fab822808f3208ac20c00a220023200","first_seen":"2026-01-02T05:11:38.900743Z","last_seen":"2026-02-03T22:00:23.973296Z","times_seen":5,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/uploads/latest_oss_url.txt?_t=1770155996226","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://imtokenpay.top/","date":"2026-02-03T21:59:56.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET /uploads/latest_oss_url.txt?_t=1770155996226 HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://imtokenpay.top/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\ncontent-type: text/plain\r\ndate: Tue, 03 Feb 2026 21:59:56 GMT\r\netag: \"69826ee6-44\"\r\nlast-modified: Tue, 03 Feb 2026 21:55:50 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\ncontent-length: 72\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"08f17e1e26f4432c97108efe80b50d3f","sha1":"506e850a94e55e9f4e642bacf7658ffe17ad1d50","sha256":"5da35f03facf3c37b4760054f3e5ce4cea2d5bd00d8c769a9816d53bda7023da","sha512":"8a7bf265b28d2fcbdf16812f62f8da937af138fd395bf7177bbb954cc7133c05f31277342baf39e4ed593c9d7939919ab2619d7026b9bddb470bee44beec30ee","ssdeep":"","tlshash":"63a0220a23c200380008802c80cb32088002b20a088b330e38f2a8c0080202f8203a00","first_seen":"2026-02-03T22:00:23.979789Z","last_seen":"2026-02-03T22:00:23.979789Z","times_seen":1,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":237,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"imtokenpay.top/","fqdn":"imtokenpay.top","domain":"imtokenpay.top","tld":"top"},"ip":{"addr":"31.57.51.54","port":443,"asn":2914,"as":"NTT-LTD-2914","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-03T21:59:53.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"imtokenme.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 31 Jan 2026 10:35:59 GMT","end":"Fri, 01 May 2026 10:35:58 GMT"},"fingerprint":{"sha1":"9E:2E:35:67:17:B7:69:60:C5:53:00:B5:64:1F:CD:9E:A7:6F:7A:32","sha256":"CB:C6:DF:C2:E9:FB:FF:BD:AC:DA:EA:FC:CB:EA:08:20:90:DA:94:52:F7:C3:46:85:E5:77:C4:9A:C6:65:64:D9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: imtokenpay.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\ncontent-type: text/html\r\ndate: Tue, 03 Feb 2026 21:59:55 GMT\r\netag: W/\"695545f6-49b8\"\r\nlast-modified: Wed, 31 Dec 2025 15:49:10 GMT\r\nserver: nginx\r\nvary: Accept-Encoding\r\nx-cache: BYPASS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ant Design","description":"Ant Design is a UI library that can be used with data flow solutions and application frameworks in any React ecosystem.","website":"https://ant.design","common_platform_enumeration":"","icon":"Ant Design.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":18872,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1298)","md5":"ae9a6464a04660a870ac841d5475b138","sha1":"925ee6a075b8c90986d93b45bb44b15a45154c96","sha256":"be0adf538e5f9b6f6a7fce17f7023eab19a5557769cbcde5e5e735b7053535dc","sha512":"7416b4ae78333494e3fd886250653778e4bbd16049d73515473413345f04c32a0cfd851e58c73336a4a358a21ceacd7cd35a530d2802e98b669d0b6b9049d211","ssdeep":"384:ALeC2Ul0GWhyfeZyG98OHrXQ/tO6DB6eVR0iW3xt8fMKoN:mbNeEG98QrXcO6TRpWP+MKU","tlshash":"f9823a66f0fa3022016790d976eb4b4f79a1c203952ec901f96c87d49fc2d45a9e3b5f","first_seen":"2026-01-02T05:11:38.906952Z","last_seen":"2026-05-27T21:46:03.722799Z","times_seen":13,"resource_available":true,"data":null}},"time_used":2539,"timings":{"blocked":1122,"dns":734,"connect":190,"send":0,"wait":289,"receive":0,"ssl":199},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-03","alert":"Phishing Block","trigger":"imtokenpay.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-03","alert":"Sinkholed","trigger":"imtokenpay.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}