{"report_id":"5a55d866-623a-4a8c-bdf3-78bb0e1ab765","version":0,"status":"done","tags":[],"date":"2026-06-17T15:50:12Z","url":{"schema":"http","addr":"glctp.vip","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"glctp.vip/pc/#/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"title":"FACKGO","dom":{"size":130112,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (51094)","md5":"6f8815212bfd82165c78ff6f798943d8","sha1":"13e6d828b51724c12fa9a147d0f3a417d555b671","sha256":"91c6f79a33cab37fce0434bd4733a35ab42ef34c94a8d2530d93d865aba827cb","sha512":"73f58e5bea90f98a8cf16368edc12913014d838c8911fcef74ae34fca8ee02175e220f23fb66459e0daf3b4338cc15f117634cb39b4c4dcc779c1514793f8d14","ssdeep":"1536:D5Jae6JaeiJaeyJaekY0gaBEiWgEi0EiiEipJ+vXOd4+jJEQQ9wDV57RAC:oaW0Q6Fv","tlshash":"e4d3b829b2299163d077c1d494613f2b30e6f20b85c7da53b9ed63a51f8be78b6400b7","dom_hash":"domhashe16f7fe7b3f3a0933cb7c5576e6ab3a4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"glctp.vip","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T15:50:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"mfccfx.org","ip":{"addr":"47.236.224.27","port":3000,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"2024-11-27","domain_rank":0,"first_seen":"2024-12-15T16:44:26.907384Z","last_seen":"2026-06-11T00:01:56.61457Z","alert_count":0,"request_count":1,"received_data":182,"sent_data":574,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.mfccfx.org","ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"2024-11-27","domain_rank":0,"first_seen":"2024-12-15T16:44:26.905521Z","last_seen":"2026-06-15T12:33:31.209101Z","alert_count":0,"request_count":27,"received_data":189203,"sent_data":14230,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"glctp.vip","ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-27","domain_rank":0,"first_seen":"2026-06-15T12:33:30.418655Z","last_seen":"2026-06-15T12:33:30.418655Z","alert_count":120,"request_count":30,"received_data":5633139,"sent_data":14579,"comment":"","tags":null,"fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"glctp.vip/pc/#/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"fcaea4b8885ca5c1fb3ddd5c490da5c6","sha1":"35745f87b37210d992a9ed534a593ae500b7adaa","sha256":"934c2008743c36db746a9d6ebd9f1b84ff11477edc55fbf7b599bbfa687f7272","sha512":"65e3bda5b8bd909b2fed0a25e3d6d3d7d2984601de4a906783c783097fcd8902ea1c2fa05d33619126415bc5000a72e8459eb81c971a85e2ddb374f9fd9231aa","ssdeep":"","tlshash":"889002c520d965518ad321a061261a46615a04f914a48c5091589c56287303092695bc","size":54,"data":"","first_seen":"2023-04-12T08:25:39Z","last_seen":"2026-06-22T05:54:10.574329Z","times_seen":23116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/0.1a10cfe064474e2a49ee.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea4eeb07128cd32f11e29425f273fa37","sha1":"e2198e737ceec7f7187517a7f0d74d54965f4ef7","sha256":"554710308996608ad4e914a7cf9e84b00410a75b2f33be0ec4890fbb9cf11e2c","sha512":"da29a36a85f1e1ae6146da8d479304d52f5af501a2d8804989a1fb44fff04d4a208d079a7f85aeb2d469371fc2f0abb15cdc2a74427028bef690face12af398f","ssdeep":"3072:3WR3NFn5VHxkt7zVrWogaYmdNDRBv9+HK2kKK:30rn5jkt/rFdVRx99sK","tlshash":"2f345b19b043b679487a4061202f2129b0752fd9a809d0a6f778dcd5adf4eb9232ff7d","size":239859,"data":"","first_seen":"2026-06-11T00:02:03.985543Z","last_seen":"2026-06-17T15:50:19.209608Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/tradeview/charting_library/charting_library.min.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5b40dcdd638760f8051c1beb4963fd0c","sha1":"e24b3841ff36373ce7366055eca40e479886dd4f","sha256":"283ed6337112f2cae0dcb51a26326dad7e09c03b8699dbad441cf7c5ba35965c","sha512":"43e207cc06b5b0d6e9a5fc24052822e16538feed91d07f06f70d8f546fbfeeb63687f707ff0f2d54b57a9d6286bc2fed211b6a83fb604dc86227c9914c7a6c37","ssdeep":"192:9faWSo7kjFU8oBelr6lw2rfnzKIQPlaF1iJ7K+Ei/ISJhvHIheu5Ph3Ffa5:0WS2kjFU8oIlD2rfn2I5iNK+5/ISJhvB","tlshash":"93224058ed247c720acb40f0427f190f8239e678d84944ed3c84e6ec59fd44a6a6fbb8","size":10607,"data":"","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.009561Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/w3model.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"aad4132b8256c7015fe00c906fabba82","sha1":"6313837eb6181532b0f5906566ee8cdcbaddca9c","sha256":"3c2954dd18092c2a0601dda1a400cfd9e7b3d052d1ed981037cf504b23519dc8","sha512":"5b8a42b608f2aefb2407a7b27b5a7ec7ed1c36ca9f30ea289c736b35f13dfaed4ac187f45196aa8013cff775993cb9b1406e34d6e4ffcd64eee92cf0b447d800","ssdeep":"6144:4HOdrcjrE/0NNWS9UO2/HE2jz05O1HaeJ3qZEZDj9+b+Q88MzfFNo8vqd:8OdgDEzaneYZEl5+qQ8zztN8d","tlshash":"d694aee93582f42157f366b740af1806b33d691b140c88a0f255edd5a8f84aa913bffd","size":428813,"data":"","first_seen":"2026-05-06T11:01:26.018631Z","last_seen":"2026-06-17T15:50:19.242688Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/manifest.d75d13c50ca7633588cd.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b42ec6b041111b0885f237891e79de83","sha1":"d7a17483253efd0415a530d5200da3eb492b4d4f","sha256":"2a018e563c5e316c7b5375d0b0189d7a71171944e65d009e705d585cf3f88891","sha512":"06d9e8d57fb1a73ecb5c24ecaa1ad91a1b6e54e152bf540bba02c95f207d50bd1a4e042558cace35015e3eb7d42642843e13952f0cbe71cc1f9b0aaa56d9f7ad","ssdeep":"","tlshash":"c451d89e7a7df9d667b10c94123bb6a9b13c3e205d2cdc50e3cde6a83825c5093126a7","size":3119,"data":"","first_seen":"2026-06-11T00:02:03.915568Z","last_seen":"2026-06-17T15:50:19.217945Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/web3model.min.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ff48642b91a7c867f3e85a7cfaf0f842","sha1":"dd5e1cc5557adb3a0b378998293ba56cea15ed51","sha256":"23900fd2a07518314bcaa998d960ecc2880869ea73797ca8000217481afd68a1","sha512":"734bc3285fc226b1925483c528962fb24ad35d6efd6f599f5e15779694d733cc789b8df6cd198f8c9342549fedb319c1316c33657b169d95438237fe79f67487","ssdeep":"6144:HULdr3jrE/0NNWS9UO2/H/2jz05O1HaeJ3qZEZDj9+b+Q88MzfFNo8vqU:0Ld1D1zaneYZEl5+qQ8zztN8U","tlshash":"4b94aee935c2f42117f366b740af1806b33d691b140c88a0f255edd5a9f84aa913bff9","size":430146,"data":"","first_seen":"2024-02-04T22:02:45Z","last_seen":"2026-06-17T15:50:19.217287Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"71699678d8965a9cfa50149e1518c715","sha1":"6764a0d07c3a8a8d2b5e29b29c2d7f3b874cbe0f","sha256":"8f20f516480cbf3b4ab5a7c2122cdd3c8344e83ea09d6ce812a7881d0460d0bd","sha512":"3de9c078a84169ed673869227456ae038af1b74d638f5224cbc85854ac9e65dc7e956b4ee25844d6996e028b4e3e2f366f542572bba2ce7a75a5c58b144bf183","ssdeep":"","tlshash":"7341787b8850089167e3a03c969f47283914755b9ca57c007d3c41e4af099efabf2bee","size":2320,"data":"","first_seen":"2026-06-11T00:02:04.007161Z","last_seen":"2026-06-17T15:50:19.251017Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"54003f7b0f8904db58bad4315a4b5bdf","sha1":"b47084372f06853625d15dde7c0e741a947f7a6e","sha256":"fd702a667010166ffff6d4209d9fa523b2f87fb7c7e7d30736a7891bac48cdb2","sha512":"a526cf4515bbceeb2e2a0ca9c858ecffd52e88d62f0699db2d5728d6cf90f84726569bae236117677844c03d086e066bfef0f49290c20d622a871b9f25a1a480","ssdeep":"","tlshash":"58011289fc41b076a6863228713bfa07516212241c84a83388fdc36fef32d87811368c","size":830,"data":"","first_seen":"2025-10-08T18:47:54.234773Z","last_seen":"2026-06-17T15:50:19.263499Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"11c8a1aff94d50bd2f7e031f902bb914","sha1":"d47a01dad21d096b9c9a8a39966a5d80e58a1b6c","sha256":"3343e00546a2373402e0a80a7b32b60ebda9e66828712820df19ef5ae0cf1517","sha512":"f42cb58470d10793f82588c64bb4caa49b4f33b5ddb704036bb08a407cdc84835b0a8645e92759df3683721c440f98a609db4678e99f195fa6faaa52faab983c","ssdeep":"","tlshash":"f8f0a47918e760311f192b0032139ed83a655845f50cb88af58cc0c0bfa8993807f9fd","size":623,"data":"","first_seen":"2026-06-11T00:02:04.011469Z","last_seen":"2026-06-17T17:08:22.095937Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/vendor.4b5ce9b4142481a9e749.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6ddf4a96942a5b756603b9f36a4a861","sha1":"338e52ccf9bde9bd2f704d1f7bd98698f201c718","sha256":"7eef725f662a2ba07ad93bc8fc9bcf236e0a87ba9a0a785d8d58954c300ae052","sha512":"cd48be97a979a888e57c54ed4a3246a89f56a3a2a8f65626e3b80f76bbf9236545f2c0692a6640116e00964e63ad11aa93f23ef214796f9eac7bec820c7f200c","ssdeep":"49152:HH4KkoNRm5Pzk2JawX0BBL2JXzdUimRH2vD/:iLP0W7UpH2L","tlshash":"21852b9d32c4b46247e321b5503f240ba3372958a80ac458ba75d4daacbd94e633ff7d","size":1786906,"data":"","first_seen":"2026-06-11T00:02:04.015464Z","last_seen":"2026-06-17T15:50:19.265281Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/#/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"71699678d8965a9cfa50149e1518c715","sha1":"6764a0d07c3a8a8d2b5e29b29c2d7f3b874cbe0f","sha256":"8f20f516480cbf3b4ab5a7c2122cdd3c8344e83ea09d6ce812a7881d0460d0bd","sha512":"3de9c078a84169ed673869227456ae038af1b74d638f5224cbc85854ac9e65dc7e956b4ee25844d6996e028b4e3e2f366f542572bba2ce7a75a5c58b144bf183","ssdeep":"","tlshash":"7341787b8850089167e3a03c969f47283914755b9ca57c007d3c41e4af099efabf2bee","size":2320,"data":"","first_seen":"2026-06-11T00:02:04.007161Z","last_seen":"2026-06-17T15:50:19.251017Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/#/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"54003f7b0f8904db58bad4315a4b5bdf","sha1":"b47084372f06853625d15dde7c0e741a947f7a6e","sha256":"fd702a667010166ffff6d4209d9fa523b2f87fb7c7e7d30736a7891bac48cdb2","sha512":"a526cf4515bbceeb2e2a0ca9c858ecffd52e88d62f0699db2d5728d6cf90f84726569bae236117677844c03d086e066bfef0f49290c20d622a871b9f25a1a480","ssdeep":"","tlshash":"58011289fc41b076a6863228713bfa07516212241c84a83388fdc36fef32d87811368c","size":830,"data":"","first_seen":"2025-10-08T18:47:54.234773Z","last_seen":"2026-06-17T15:50:19.263499Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/#/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"11c8a1aff94d50bd2f7e031f902bb914","sha1":"d47a01dad21d096b9c9a8a39966a5d80e58a1b6c","sha256":"3343e00546a2373402e0a80a7b32b60ebda9e66828712820df19ef5ae0cf1517","sha512":"f42cb58470d10793f82588c64bb4caa49b4f33b5ddb704036bb08a407cdc84835b0a8645e92759df3683721c440f98a609db4678e99f195fa6faaa52faab983c","ssdeep":"","tlshash":"f8f0a47918e760311f192b0032139ed83a655845f50cb88af58cc0c0bfa8993807f9fd","size":623,"data":"","first_seen":"2026-06-11T00:02:04.011469Z","last_seen":"2026-06-17T17:08:22.095937Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/1.012b03e3947f718952da.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e2c92d8e1bac9260d73d302db8c573c5","sha1":"84dcc650dc2a80fe0c6b711171c07aed4b1ff2e2","sha256":"a1d631705343a0def512cd15d5558da41f08e5666cb1d697ae012f892c0d804b","sha512":"44f164ea73cbdd335b130f953908114bb043cfa37bfca8179afee2751017aa95168ee54b96e86b527854f2f7c4d816514b4965739f9cf632825ba6d201aac504","ssdeep":"768:v1g4pOx27O8/L3bYeRyHYL1LjE1VlQRL14ti/gWRLMssvi/grDYKJod/:vS4pOx268D3V4H01nE1UOti/gXi/g3Y5","tlshash":"b9233a0ab487b66dcc3a4060962f2139b07a1fe8901ad1d3f63cd9949ae5d39171fb7c","size":48322,"data":"","first_seen":"2026-05-06T11:01:26.044307Z","last_seen":"2026-06-17T15:50:19.234713Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/tradeview/datafeeds/udf/dist/bundle.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c356bdc37296546bfde0acb3327ce305","sha1":"e5073d9fcd7820ee78cad1dbec5ecb5943bbb349","sha256":"bac505309e80d1ba3bf808a88e92ff2352bca9414e499ac8c68534d5dd276d33","sha512":"ad67bbf55927bc36b37f161724ef1a164b06711b5b2e86ee18add9bd7e613c73606fa62823635253587640de1915a236c226b0008361dec7fd426e57285ee52e","ssdeep":"192:Nge0jAoNzmAHSq7KhHcA1rQ1S2ZOAZXR0zA1GCL1G9U4jUs+f1gmUiC+xUv+4R5T:Nge0jAoNzmAHZWNASZNVziC924HAAVMY","tlshash":"c252a5da7611302142936032e87f2407913aba16688a903c71c9edde5efdb1deb17f39","size":13418,"data":"","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.010621Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/swiper.min.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"98d2e1c621c2f951ede456d131608c76","sha1":"e826d3417232c8dd7b234d1e53750710b52b34f3","sha256":"e1b64e3405e7630f429cc551f4922ef5ed9d775834d8f476aeae9e9f4916c439","sha512":"e57e88be238f0016ae43d2e8ed18a2d30c2b2753276c21dada3196ac63dd0081eadcf913b5e2ce5901d141fa58769664cf304c6c950c82588260e89a8906a7af","ssdeep":"1536:VL2qg0G1fVLJW4bU98IA9SK8FDliAfKrGny55T1s53V7gZxj8rvHgZsUOUBDBWqv:CpbUAxSqBohgZu7HgZsUOUFBWqjxJr","tlshash":"b6c3094eb390619510e36256529e9241a3b72849780ad0ac35b68cd7adbde4c13bfffc","size":122748,"data":"","first_seen":"2023-03-07T16:46:46Z","last_seen":"2026-06-17T17:08:22.005834Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/country.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"934ce1bc63cc0b533f1730f24ec99f60","sha1":"8baa171118f159aeb9262682c4ff7fc0beaa4e27","sha256":"0b8e59036da400724f03ac13e3e64733c41dbb8d5255331cae85f5642694154f","sha512":"ba86b99d3c5759bc1398a25c1425b0eb38fcacef2ae5dcec0c83cebf765a48609a0604b358a44713da9a43d3c20d7ee9d1b126be795c8ba6e88291da20fd6ed2","ssdeep":"768:MOede5L4arkPlqiTnrdkwYwUdQPdGp/P6zRlPLQ:SFDduB6zU","tlshash":"04130f1bd1aa8cb7a9bcc51af0b5b264f4445b2fc35116c738f8730d5fb2629011e6ba","size":44047,"data":"","first_seen":"2025-08-04T11:59:40.026527Z","last_seen":"2026-06-17T17:08:22.006666Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"71699678d8965a9cfa50149e1518c715","sha1":"6764a0d07c3a8a8d2b5e29b29c2d7f3b874cbe0f","sha256":"8f20f516480cbf3b4ab5a7c2122cdd3c8344e83ea09d6ce812a7881d0460d0bd","sha512":"3de9c078a84169ed673869227456ae038af1b74d638f5224cbc85854ac9e65dc7e956b4ee25844d6996e028b4e3e2f366f542572bba2ce7a75a5c58b144bf183","ssdeep":"","tlshash":"7341787b8850089167e3a03c969f47283914755b9ca57c007d3c41e4af099efabf2bee","size":2320,"data":"","first_seen":"2026-06-11T00:02:04.007161Z","last_seen":"2026-06-17T15:50:19.251017Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"54003f7b0f8904db58bad4315a4b5bdf","sha1":"b47084372f06853625d15dde7c0e741a947f7a6e","sha256":"fd702a667010166ffff6d4209d9fa523b2f87fb7c7e7d30736a7891bac48cdb2","sha512":"a526cf4515bbceeb2e2a0ca9c858ecffd52e88d62f0699db2d5728d6cf90f84726569bae236117677844c03d086e066bfef0f49290c20d622a871b9f25a1a480","ssdeep":"","tlshash":"58011289fc41b076a6863228713bfa07516212241c84a83388fdc36fef32d87811368c","size":830,"data":"","first_seen":"2025-10-08T18:47:54.234773Z","last_seen":"2026-06-17T15:50:19.263499Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"11c8a1aff94d50bd2f7e031f902bb914","sha1":"d47a01dad21d096b9c9a8a39966a5d80e58a1b6c","sha256":"3343e00546a2373402e0a80a7b32b60ebda9e66828712820df19ef5ae0cf1517","sha512":"f42cb58470d10793f82588c64bb4caa49b4f33b5ddb704036bb08a407cdc84835b0a8645e92759df3683721c440f98a609db4678e99f195fa6faaa52faab983c","ssdeep":"","tlshash":"f8f0a47918e760311f192b0032139ed83a655845f50cb88af58cc0c0bfa8993807f9fd","size":623,"data":"","first_seen":"2026-06-11T00:02:04.011469Z","last_seen":"2026-06-17T17:08:22.095937Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/tradeview/datafeeds/udf/dist/polyfills.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ffed8bcc0af9db588e19127393f38aca","sha1":"5d7c37579a895c795e3b99e538bc21acab7d810f","sha256":"8b8d3e2917ea726f9bef63e6d089db0d83d275bf909b3e93cd816f053a43fc0a","sha512":"70557f07558317fd46f1186df5a4df6b4d53fc65c09b316af37f4cd914248d12c6d6c66fb3ef88f88236f14739b30ee86d892baa70f025ee59c668c66fccdf6e","ssdeep":"192:x5C5b4QNokiNLw0mrZA3KoluxV68ksmZ15UPQ0wx9Z4ESjxLhFZvL:/G1gsr7idsirPCESjxLhP","tlshash":"c1127488f7e0b46243a370b4917f550fb2b52925658e41b8f260d8ea6cfd04d962bf7c","size":9697,"data":"","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.017439Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/jquery-3.4.1.min.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f772fed444d5489079f275bd01e26cc","sha1":"a8927ac2830b2fdd4a729eb0eb7f80923539ceb9","sha256":"2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a","sha512":"81f3b4d35aaa98af19a4d31ee5399d49e0f70ce52aadefffbf42c6c4489d9d50a49450eec8e9139a009da82b57bf677665a926d5ae913dfc4c74baeec186c422","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmw:jgZm0H5HO5+gCKWZyPmHQ47GKc","tlshash":"8f8319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:42Z","last_seen":"2026-06-22T09:01:29.894379Z","times_seen":7145,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/app.c5e43283136f9036e96f.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4f8f34aaed53a2602f9785d44bacc3e","sha1":"28e78ae9fd576091f61e5e5f2476887378ecc24c","sha256":"b552b7ca732193d4242146efea4d57aa57706e817aa5c456130b59597168bb60","sha512":"a360a391ac603e7bd190c84b16bfe77a698b033c21b9a02588e9202a23744ba6526fd6b78dee01385b4f4d03300d9d1bfe24fb0c274b7a7b838aebbbeca55a95","ssdeep":"12288:JNrGrZCSofYWWoRh+NDJReynMlRPGNpiEj7ay0fDxEMo3wD6UcV9FY0ZconS//CH:JwrIYWy6imO","tlshash":"33d46d7b11ce59a819428a06728b7644f5a99c83fb53f8f044ddc62932f0759c53aff2","size":631002,"data":"","first_seen":"2026-06-11T00:02:03.977372Z","last_seen":"2026-06-17T15:50:19.228729Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"/","filename":"https://glctp.vip/pc/static/js/app.c5e43283136f9036e96f.js","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/xaut.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.064Z","timestamp":1781711384064,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/xaut.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 7688\r\nlast-modified: Wed, 15 May 2024 02:03:33 GMT\r\netag: \"664417f5-1e08\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7688,"size_decoded":8030,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"2615bb8aeb247f2b56501d9b299ca398","sha1":"6f94dbc3a1df9b6a69ef9a9d3fcbe8bfb3665593","sha256":"6bdc89d90af3a27056a874c2906ae19ce5bcee9884334303031251e25a4a50f0","sha512":"71ab52b12c29407996836faf6d7eb0a1737ccc02665e11e3bb55e19517f58e646870830e0654dd6b83abe2b6af9b81ada71dcaf7a0b702ddcfcc41620db18b5d","ssdeep":"192:W/0Mq6bv4UW4Z+vp+3saH4xSznCf398CsN7aqOk:W/BTv4x4gvI3JYxSo3983N7aG","tlshash":"37f19f00c064231ac30246b6ab45ea87ecdcd27ce76b792f9479eb44a9d00afe983546","first_seen":"2025-03-05T16:19:54.140594Z","last_seen":"2026-06-17T16:37:09.024848Z","times_seen":48,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/link.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.070Z","timestamp":1781711384070,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/link.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 4720\r\nlast-modified: Thu, 30 Jun 2022 09:13:07 GMT\r\netag: \"62bd6923-1270\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4720,"size_decoded":5062,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"daddfcd5b19144e686ba7f4048f9de63","sha1":"a1803333e242fd7ee0900da9f236a39f4cc2b802","sha256":"c707189076cf26f3b6c84b5c712f6f0e6b5de0279efbdb5d4d90d3698b8cd1ef","sha512":"646bbe55e2c6683959c978bd504fe71abcd8cc558129a42c9114593b70033c729a42469b919136a82e439d404518790a32ba8228e9c1245453c05cb2bb7addf9","ssdeep":"96:eqnGuMdVvZUGnDxNH6gJj0JOfJdq84MgqZIAWIJZhEHKPtZmOCGaZmPPPsj7:3mUEDxNH6gyJOhdZOqZLW7um8nPo7","tlshash":"aba16daef6781159e6d9744b030570699638d231240641a9c813c93b2a7f3aeaa426b3","first_seen":"2023-05-06T07:16:23Z","last_seen":"2026-06-17T16:37:09.018008Z","times_seen":92,"resource_available":false,"data":null}},"time_used":486,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":486,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/trx.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.076Z","timestamp":1781711384076,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/trx.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 6495\r\nlast-modified: Thu, 30 Jun 2022 09:13:10 GMT\r\netag: \"62bd6926-195f\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6495,"size_decoded":6837,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"53d1c2f9fe08b9e1876cfe48d8515b9a","sha1":"cdcf316d85014fa6ff4e3734abbb423d1059dd8c","sha256":"5a64c819fd826d8183b1eae37b023fe72fd41d0c0c38e0311131d934fd0840bd","sha512":"4690750a0d8bd06649658f8fd84eb75409177aca8ba881aed166a370c4c7a2bd2ab6d28473a4df334e218d24830c3bddadedb48a7846907c14859c64279eb713","ssdeep":"192:G8+yL4eaVKn8cDxhgtcnwDnAJ6NjKdsVTLMLasKPQ:R9dDn/DUDAJcTAOst","tlshash":"27d19eb96367e69aa9c6f5b99b39e6225f62ddd0dcca15f20e98820041f3040b5814ee","first_seen":"2023-05-06T07:16:23Z","last_seen":"2026-06-17T16:37:09.011843Z","times_seen":116,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":481,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T15:49:38.875Z","timestamp":1781711378875,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/ HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:39 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aftA9ak67o72XWT3oRS135s73mlB5eptiJLgoLZyDnkgwarkFccU8q3JfH7DC8DWpdib1SpYd%2BMjG1Am5wQXIwD0e8ZeFFqUwQ8QwFqD%2FewiHHxOiYDz3rLesdE%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\npriority: u=0,i\r\ncontent-encoding: zstd\r\ncf-ray: a0d33495fba356a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":6947,"size_decoded":3145,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (956), with CRLF line terminators","md5":"1f29e26183a81baaf52aec67ee62d923","sha1":"bbd714450ac6a0c895cda2624e2dc55aff2b4720","sha256":"51b9494a8b7902908128b51754d9bc3b00b53f46b2c0a873cb723f9bbe833389","sha512":"bbba2a23919afd073c5c7f74e206982396f88192fc845161291ae043cc318b84d504b9ab91e415b23af681e2d1fa6c1cd61d3ebf4a422316eb1b253cd29ff097","ssdeep":"96:iJGxDGYUBzlV7TCD5SfWtOwDLT7/iFKsx4/ObAt5BAAuW:fybKD5oW/DLH/HNRt5BA5W","tlshash":"12e1755b5c01c0662ab265187373eb29f506b7675a11c801bafc80a49f74fce56a6fcc","first_seen":"2026-06-11T00:02:03.923455Z","last_seen":"2026-06-17T15:50:19.208823Z","times_seen":5,"resource_available":true,"data":null}},"time_used":814,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":814,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/0.1a10cfe064474e2a49ee.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.378Z","timestamp":1781711382378,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/js/0.1a10cfe064474e2a49ee.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: \"6982713a-3a8f3\"\r\nexpires: Thu, 18 Jun 2026 03:49:42 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zdqtLXQ5YLm8j%2BFKe7izTl6tQyKdiqrqfDrvCd0J0M%2FmZGfAk9E3%2FN6%2BalHZTqhNS0B%2BhvfRoojRy0HDJTfkbaCQHijfJPlpoOMthxSblYf6N82Af9bz46JZ%2BzE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d334abdca056a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":239859,"size_decoded":98747,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65516), with no line terminators","md5":"ea4eeb07128cd32f11e29425f273fa37","sha1":"e2198e737ceec7f7187517a7f0d74d54965f4ef7","sha256":"554710308996608ad4e914a7cf9e84b00410a75b2f33be0ec4890fbb9cf11e2c","sha512":"da29a36a85f1e1ae6146da8d479304d52f5af501a2d8804989a1fb44fff04d4a208d079a7f85aeb2d469371fc2f0abb15cdc2a74427028bef690face12af398f","ssdeep":"3072:3WR3NFn5VHxkt7zVrWogaYmdNDRBv9+HK2kKK:30rn5jkt/rFdVRx99sK","tlshash":"2f345b19b043b679487a4061202f2129b0752fd9a809d0a6f778dcd5adf4eb9232ff7d","first_seen":"2026-06-11T00:02:03.985543Z","last_seen":"2026-06-17T15:50:19.209608Z","times_seen":5,"resource_available":true,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"wss://mfccfx.org:3000/","fqdn":"mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":3000,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.735Z","timestamp":1781711382735,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 16:45:37 GMT","end":"Sun, 02 Aug 2026 16:45:36 GMT"},"fingerprint":{"sha1":"5E:31:61:CC:72:37:18:84:84:8B:E7:D9:D9:50:74:C5:A8:3F:40:B2","sha256":"70:54:E7:35:44:0E:EB:D1:4B:93:CA:BB:30:E5:F4:2D:5A:36:87:A4:B6:83:FF:01:79:51:7C:9B:D4:BD:6E:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mfccfx.org:3000\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-WebSocket-Version: 13\r\nOrigin: https://glctp.vip\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: dU5dbVUDstFMCB0ckSBGyw==\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: Upgrade\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: x6RthBF7brOPFqBR9ymWr9NFqd0=\r\nServer: workerman/4.0.18\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":182,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T11:29:50.742489Z","times_seen":16634939,"resource_available":true,"data":null}},"time_used":2803,"timings":{"blocked":0,"dns":4,"connect":254,"send":0,"wait":762,"receive":0,"ssl":1782},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/img/Practical-functions3.3ff97dc.png","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.749Z","timestamp":1781711382749,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/img/Practical-functions3.3ff97dc.png HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:43 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-6999\"\r\nexpires: Fri, 17 Jul 2026 15:49:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ACTAa%2F1RFUpmF02eLAX2gNjqAftxU%2FZBJFP29qtjMM250YhNACM5sxqlp%2FrXwLLxMrcr2assOhIYs4qFbgzbaUVGpH7il6%2FhDDEzA3Cz4tNm8r9WWZkr3KKp2ok%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 27033\r\ncf-ray: a0d334ae3cba56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27033,"size_decoded":27803,"mime_type":"image/png","magic":"PNG image data, 169 x 191, 8-bit/color RGBA, non-interlaced","md5":"3ff97dce9558ea7021ca410a2e730de8","sha1":"3d803d7eb5a242b5c035e0ed7d5ece557bb7270c","sha256":"4b8993833834ff23568d9fdd40d103942568b53a3ed0704fb3c678fa9fd74d1b","sha512":"43608f5e99af7dde42bd05abdf77df4b62670631c4650a66d40c7b0b9c81a9fc0f0226200b988bf3e5badf5fd27da158d1286f1eec1074b1a1291fd04f62336e","ssdeep":"768:dZ+x9Nc9X5WnhV3dSH/x8daijhvFT5thhL:dCIWnhV3dSH/OaeBjL","tlshash":"25c2e1dd8743af06c8399d6319faeb3608d09108564aa947cacf4fdb462f2b274605d1","first_seen":"2025-10-08T18:47:54.17253Z","last_seen":"2026-06-17T16:37:09.027031Z","times_seen":20,"resource_available":false,"data":null}},"time_used":1105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getmarketList?lang=en\u0026rtoken=EVLwe2RgK\u0026id=1\u0026type=1\u0026limit=200","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.765Z","timestamp":1781711382765,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getmarketList?lang=en\u0026rtoken=EVLwe2RgK\u0026id=1\u0026type=1\u0026limit=200 HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://glctp.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:43 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11577,"size_decoded":11929,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d71ceef4aa29b8ed3c8a3862cd6284e4","sha1":"464f01e9851a8eafa4aa07b0465c85fdc9ba1577","sha256":"febaf733da6af7538facec653374004cc0f8880c4d2780788195df0bcbd51783","sha512":"1b5eb5b0c6c4de7766e5c032d84231ed0488755a207bca2723fa622bd3f6bc05ebb0b4c020280b9d4252ffa679b3c32f624d10857af79f770994dbda6fd2920c","ssdeep":"192:mcp47CCqJ0t63KTtL2D2GWIjZkypKSg8meGuGGGG5nxTyBCW332T:mcp47CCqJj3KJqB/lkypKSg8meGuGGGm","tlshash":"c032f2162a944e7463738dc8a7c6d874a56ef04aacc28fc743fda9a501d466b370af13","first_seen":"2026-06-17T15:50:19.211571Z","last_seen":"2026-06-17T15:50:19.211571Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1247,"timings":{"blocked":749,"dns":0,"connect":0,"send":0,"wait":498,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/tradeview/datafeeds/udf/dist/polyfills.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.731Z","timestamp":1781711379731,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/tradeview/datafeeds/udf/dist/polyfills.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-25e1\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=olJ5Gd8%2Bg7owMZMnNy%2FMmRGUbtVR0jWGQ%2F%2Bzi2xGOnOoykgJloSoUISW53Yc5hdJHpsDD5sDOnQ6vjclwe09urPTvMNpGC4OuES9b3YLlWpr0Rf6OQKwGJRZRjk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b5bd956a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9697,"size_decoded":4335,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9695), with CRLF line terminators","md5":"ffed8bcc0af9db588e19127393f38aca","sha1":"5d7c37579a895c795e3b99e538bc21acab7d810f","sha256":"8b8d3e2917ea726f9bef63e6d089db0d83d275bf909b3e93cd816f053a43fc0a","sha512":"70557f07558317fd46f1186df5a4df6b4d53fc65c09b316af37f4cd914248d12c6d6c66fb3ef88f88236f14739b30ee86d892baa70f025ee59c668c66fccdf6e","ssdeep":"192:x5C5b4QNokiNLw0mrZA3KoluxV68ksmZ15UPQ0wx9Z4ESjxLhFZvL:/G1gsr7idsirPCESjxLhP","tlshash":"c1127488f7e0b46243a370b4917f550fb2b52925658e41b8f260d8ea6cfd04d962bf7c","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.017439Z","times_seen":64,"resource_available":true,"data":null}},"time_used":832,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":832,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/vendor.4b5ce9b4142481a9e749.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.753Z","timestamp":1781711379753,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/js/vendor.4b5ce9b4142481a9e749.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-1b441a\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u16o5U%2F%2BGWG%2ByAJzym0TN5tWkRt6YFXNLdY%2FIwcGxtJAa9LMtL4wBFyNUTB8seJHWGmlILFAf7AIq%2FSjKHrppdYD%2BV1seDipgxeeGJB5pnjcNYa1bwgEb2a49fw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b7be456a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1786906,"size_decoded":644111,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37287)","md5":"851f0e7ed8c7d29b5a47ebba573c503f","sha1":"6f2576dc96f41084b165650924212090afac5d0f","sha256":"9c91b2f3f2535f570fb6e11e14fa21f794472c15a350213879334c20092b8096","sha512":"4430a86caa90172cdf8bb72c0e5d6980fb5ad447f41efd2e978371b393816cb2e544476c6ca07caef87da0182ddfc7bd7cd20cce0fc08d50f3abdd36163302e5","ssdeep":"12288:p/5H4KEh+NlpJ8ei75Gm5PiMta2JpIuuiXuHBBL2O:pBH4Kkoj8eQGm5Pzk2JaRiXuHBBL2O","tlshash":"2425199d32c4b06643e331b5503f240fa3372959a80ec558ba26d4daacbd55e623bf3d","first_seen":"2026-06-11T00:02:03.894781Z","last_seen":"2026-06-17T15:50:19.213474Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1127,"receive":1115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/img/Practical-functions1.c0da3ff.png","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.746Z","timestamp":1781711382746,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/img/Practical-functions1.c0da3ff.png HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:43 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-5372\"\r\nexpires: Fri, 17 Jul 2026 15:49:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wi0mLp9BNa7nVA4yCOht4NZXTqr9YAtPkWmaZFlcHwE3YGD4Ge16jsFbvUGPMz%2BQhljsQmSE4BZMrvUIbYHhmCAoMnukPhuf0ztVzMp%2BYp7jrgox6eQl%2Bcpx7f0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 21362\r\ncf-ray: a0d334ae2cb856a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21362,"size_decoded":22130,"mime_type":"image/png","magic":"PNG image data, 177 x 184, 8-bit/color RGBA, non-interlaced","md5":"c0da3ff65a7ac5ad30efe0d4189f6bf7","sha1":"da0a6e5f35d7817c72fec31be4b42e650b220251","sha256":"7d1b05513ade90fb51b327e04ff5ed8d89512fd28061a445335521f7a2583937","sha512":"ca8ac12cad7e72353af544409e5a3288b2096839604e066f7665e93ada571ea9174519371c2cd55985d6df7f1442df822b409c122a39abb37d0b3acb458234e1","ssdeep":"384:MorgqrZ+NnAk5gUgAnd2vci1EfJoBGYsiPEkrCZxTB5ITXfnmRT:M1q1oAk5pgAQUqEfE/siPvIx95ITvmRT","tlshash":"97a2e101fd855a30ca98aee7128b6887e63dda81adc4129360d6fdbff254c3d274db40","first_seen":"2025-10-08T18:47:54.205989Z","last_seen":"2026-06-17T16:37:09.016877Z","times_seen":20,"resource_available":false,"data":null}},"time_used":1077,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1077,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/bch.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.090Z","timestamp":1781711384090,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/bch.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 16801\r\nlast-modified: Thu, 23 May 2024 14:06:05 GMT\r\netag: \"664f4d4d-41a1\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16801,"size_decoded":17144,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"2bd4379737af182cf6b374660ad7109b","sha1":"a0b1196695abbf8f226436f418d59d5e063f21bc","sha256":"f1af00d76c161758b8516a1744561a53d56cf64f531e069daee8707a483e995e","sha512":"358bd403fd26907aed06b9e3eb3f0b0d830e0302559d321ad3f5561b7316d14c47fff6ecef97708e69a397c6aa3bf966e7ef399327b19fe8d3f38b899340dd62","ssdeep":"384:5mnidTfSuu0nTbEaiXIpCg5uxNRiv5jq2a9NLTt7aeXgbA:g+usUa+Tg2iv5DSZ7xQ0","tlshash":"ee72d1c99f085c93730aaa4465b5f51337363fa9c99249e638f3142abff05b0442abc2","first_seen":"2025-10-08T18:47:54.181689Z","last_seen":"2026-06-17T15:50:19.214683Z","times_seen":34,"resource_available":false,"data":null}},"time_used":713,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":709,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getGG?lang=en\u0026rtoken=ifj6aSH6afPFkf3","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.761Z","timestamp":1781711382761,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getGG?lang=en\u0026rtoken=ifj6aSH6afPFkf3 HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://glctp.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76,"size_decoded":428,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7d43881d02829cc21cfaf05bf623af22","sha1":"02a81cb73813471c785dde716ceaabe284224f3e","sha256":"0585e212f5ab7c2fb6453a23feb261aeebd037acd19f2d4f1f8b961246fc2f99","sha512":"de96bb6c4d7cd13f0b56f8637cdc6a2feb16a5d74c30e2cf20727c967c7daf54e7a9f3cf1673759a0d0faf7ee201e3197de609e35db11039937c083d82eb2aff","ssdeep":"","tlshash":"dfa0120129041d040b056017580978c0115c10a688001590c8851e2cc3130601642030","first_seen":"2026-06-17T15:50:19.215317Z","last_seen":"2026-06-17T15:50:19.215317Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2050,"timings":{"blocked":-1,"dns":0,"connect":252,"send":0,"wait":273,"receive":0,"ssl":1524},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/ltc.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.091Z","timestamp":1781711384091,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/ltc.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 3000\r\nlast-modified: Thu, 30 Jun 2022 09:13:08 GMT\r\netag: \"62bd6924-bb8\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3000,"size_decoded":3341,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"d2aac3e0950db13ab4de39f9b3fb3250","sha1":"7874f43168bd616b0dfc1b1dc0f80690325a6504","sha256":"8763ad8af5caefedb4b1a20bb07625cc896c037cb9b0ccf735b9f29f4b51710c","sha512":"22f9c75684a6635b92cb83e637494c0b6f0b47c22c062596b42186e8aa063bc2b2461b3ded4b4b85387ff25e8dd53e900c757ecd289182e30be2e20389b38a2b","ssdeep":"","tlshash":"be512bc2f3ee59bbdfa08d01990d4737e22894a320915ce716355e3d1a12d9dda00ead","first_seen":"2023-05-06T18:37:16Z","last_seen":"2026-06-17T15:50:19.216652Z","times_seen":94,"resource_available":false,"data":null}},"time_used":712,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":708,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/web3model.min.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.740Z","timestamp":1781711379740,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/js/web3model.min.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-69042\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=corKYpXSTgDmyX6G0%2Fy%2FDZ927T5%2F1ovccTmSe001O08NFW3G9wQUf0EH3pc%2BLxcuPCAOTcr3J6C0rxdxEpZJ6JnaisjfrxuCpwvBNmVclb7N55eTxhuzDBIcHb0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b6bdd56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":430146,"size_decoded":218041,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (44112), with CRLF line terminators","md5":"ff48642b91a7c867f3e85a7cfaf0f842","sha1":"dd5e1cc5557adb3a0b378998293ba56cea15ed51","sha256":"23900fd2a07518314bcaa998d960ecc2880869ea73797ca8000217481afd68a1","sha512":"734bc3285fc226b1925483c528962fb24ad35d6efd6f599f5e15779694d733cc789b8df6cd198f8c9342549fedb319c1316c33657b169d95438237fe79f67487","ssdeep":"6144:HULdr3jrE/0NNWS9UO2/H/2jz05O1HaeJ3qZEZDj9+b+Q88MzfFNo8vqU:0Ld1D1zaneYZEl5+qQ8zztN8U","tlshash":"4b94aee935c2f42117f366b740af1806b33d691b140c88a0f255edd5a9f84aa913bff9","first_seen":"2024-02-04T22:02:45Z","last_seen":"2026-06-17T15:50:19.217287Z","times_seen":48,"resource_available":true,"data":null}},"time_used":1868,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1075,"receive":793,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/manifest.d75d13c50ca7633588cd.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.752Z","timestamp":1781711379752,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/js/manifest.d75d13c50ca7633588cd.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-c2f\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hGiTsY74ddShlsIEVIiX4Ha58Pf0ovURc4rlvbeZcOKPCclC%2B%2B8yKOJHcF6aR2NXYXUbVgrS4IuZpnxKJY%2Fdky18uCbqxL6NmvYWlincXTc%2BAyDMZXLrBbb%2FwEM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b7be356a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3119,"size_decoded":2669,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3061)","md5":"b42ec6b041111b0885f237891e79de83","sha1":"d7a17483253efd0415a530d5200da3eb492b4d4f","sha256":"2a018e563c5e316c7b5375d0b0189d7a71171944e65d009e705d585cf3f88891","sha512":"06d9e8d57fb1a73ecb5c24ecaa1ad91a1b6e54e152bf540bba02c95f207d50bd1a4e042558cace35015e3eb7d42642843e13952f0cbe71cc1f9b0aaa56d9f7ad","ssdeep":"","tlshash":"c451d89e7a7df9d667b10c94123bb6a9b13c3e205d2cdc50e3cde6a83825c5093126a7","first_seen":"2026-06-11T00:02:03.915568Z","last_seen":"2026-06-17T15:50:19.217945Z","times_seen":5,"resource_available":true,"data":null}},"time_used":790,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":790,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/logo/favicon.ico","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.595Z","timestamp":1781711382595,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/logo/favicon.ico HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:43 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zUTSz7ltDh5e3B8SAiqEB6BbTsSjfkhFWEvhr%2BRwo6svtUn%2Fpy6LbLJ7mMHIHwCUm%2FLIx5URFeHTV2T2fABzmpVGxe0W6Mb5qfQWX9SdqTV7trXqjgzHaFZ%2BTVA%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6982713a-26c\"\r\ncf-ray: a0d334ad3ca856a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":620,"size_decoded":1343,"mime_type":"image/x-icon","magic":"PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced","md5":"e71901f4a1906296ef6d5a12656798f5","sha1":"2e92cbfa78fbe82cc6e57228509e8c5757377f39","sha256":"d5ac55aba77970de1708346460bf6c9f295d2da45ce7ed58897ba2b2d06e9330","sha512":"7560549f1707fbf0fffcf46b3c1ef3909c53f7f4a1ce59828dc31fab47b63ba9d7bc569912b1091a638fb65f126eee9461c4db319ba4ff0b512c0b2a866a417a","ssdeep":"","tlshash":"1af002faa290dd41826587643081e525e9a2f123af9323fcba09499626799c1f25092e","first_seen":"2026-06-11T00:02:03.989472Z","last_seen":"2026-06-17T15:50:19.218923Z","times_seen":5,"resource_available":false,"data":null}},"time_used":792,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":792,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getQrcode?lang=en\u0026rtoken=pVNqoTGcdUXE3LL","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.762Z","timestamp":1781711382762,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getQrcode?lang=en\u0026rtoken=pVNqoTGcdUXE3LL HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://glctp.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":290,"size_decoded":642,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"99c928db13d223dd13a7a8ec80a37b26","sha1":"f43f8844c9aef30a8b7740cd6d332456402c477d","sha256":"1f96378c629246fcdfeca37df60a7d53f899c3c955bb447d3f79aa01eb0784e0","sha512":"f1d7394bcf4dbf3b731b0ed53f359b5f838ed7fbdab59dac430a4c78925e0914393b57500c6f68fd1ddddf986539966f1a7a31b3ebd8f61b898f0278727ad0f9","ssdeep":"","tlshash":"ebd0c2b32e948c0406b220d1261f39de991e9193dd41307dcf840be884225332017eb2","first_seen":"2026-06-17T15:50:19.219536Z","last_seen":"2026-06-17T15:50:19.219536Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2084,"timings":{"blocked":-1,"dns":0,"connect":258,"send":0,"wait":275,"receive":0,"ssl":1551},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/swiper.min.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.743Z","timestamp":1781711379743,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/js/swiper.min.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-1df7c\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bf3ff5plLlvBbIe%2B16bBHlMA%2BAKM2No%2FJsDkFNiFoW43HQ9CdOi9ugBYcR3kywqdRiNPhWJwE0p534FNij8gLRcHXaF7i7wp7JLxkqE2vsahc7U0%2FbYyXtK7qTI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b6bde56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":122748,"size_decoded":37414,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65264), with CRLF line terminators","md5":"98d2e1c621c2f951ede456d131608c76","sha1":"e826d3417232c8dd7b234d1e53750710b52b34f3","sha256":"e1b64e3405e7630f429cc551f4922ef5ed9d775834d8f476aeae9e9f4916c439","sha512":"e57e88be238f0016ae43d2e8ed18a2d30c2b2753276c21dada3196ac63dd0081eadcf913b5e2ce5901d141fa58769664cf304c6c950c82588260e89a8906a7af","ssdeep":"1536:VL2qg0G1fVLJW4bU98IA9SK8FDliAfKrGny55T1s53V7gZxj8rvHgZsUOUBDBWqv:CpbUAxSqBohgZu7HgZsUOUFBWqjxJr","tlshash":"b6c3094eb390619510e36256529e9241a3b72849780ad0ac35b68cd7adbde4c13bfffc","first_seen":"2023-03-07T16:46:46Z","last_seen":"2026-06-17T17:08:22.005834Z","times_seen":114,"resource_available":true,"data":null}},"time_used":1080,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1077,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/swiper.min.css","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.747Z","timestamp":1781711379747,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/js/swiper.min.css HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-4d4a\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uA%2F%2BbEKSg%2Bp9hqtEFnD3VBgwpQYAakBumyHqSxg%2FOdEb3Kq14yaa1aVK8xAwUrz5EE3YIBS7V1gws5OfBk%2FDm934wI6M8I9SyUJgztYDiyYq3uCiIquiKxojCR4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b6be056a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19786,"size_decoded":4266,"mime_type":"text/css","magic":"ASCII text, with very long lines (19512), with CRLF line terminators","md5":"94160d512c97c05e7c4aeeadd30f23c0","sha1":"04261a673b7e5100f78742455b8b7eb48ae11566","sha256":"783bfe0f2494079631972de7df124e1341f235b0b37d51d3c488356c1fca06f8","sha512":"121df9bdbaa00deaada17df94f56fbe36ddce44494022760f21ce7e59dc589d62c296ca5b661d642a6ca0155081ee35c18a45c53f982b5d98df4cf3e76aff1cf","ssdeep":"192:PphaNv/lSSyJWCh8zfi5o/mXDN3eBxwdJ5R:PHa1/lS0Cifi5o/mXOGJ5R","tlshash":"b392622c17003057e2334f1a87d99778c724c9939e4358ef6250ee48c7bb96a32af766","first_seen":"2023-04-17T17:48:16Z","last_seen":"2026-06-17T17:08:22.08553Z","times_seen":84,"resource_available":false,"data":null}},"time_used":791,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":791,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/uni.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.073Z","timestamp":1781711384073,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/uni.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 7130\r\nlast-modified: Thu, 30 Jun 2022 09:13:10 GMT\r\netag: \"62bd6926-1bda\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7130,"size_decoded":7472,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"31f17f13b53757a892502af9179f6bc2","sha1":"1db9427d6720bafe36824262466d2f75c55b637d","sha256":"2e8697588da2d88c23823b1c61813280ff82d59481019553719946e2b7260269","sha512":"b591743bd756e6019aff32d5e817948a6dc5544818b83df383f4a1cec447ae9b864ba86b61401a4f76c1ec907c1211e7f75ca1a45a2d49220a6bc75d4fb2f07a","ssdeep":"192:pDOYGPzaIfpNIreNg5HRBC9ocE/jPJJcc6pM644Y:2eo/uHbFRD6SMY","tlshash":"0ce19df0f63b540d4adc9e270ce424c11ae31559750334bfed8f099ee39340a0a94ad5","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:09.003264Z","times_seen":60,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":483,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/xrp.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.088Z","timestamp":1781711384088,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/xrp.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 10658\r\nlast-modified: Thu, 19 Jan 2023 04:54:57 GMT\r\netag: \"63c8cd21-29a2\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10658,"size_decoded":11001,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"9570d96dea0a3383407c5269d859c7cf","sha1":"3c7077c3e8f2f13ebae17adb28013c4e79e36f0c","sha256":"fe8fdfff3112480f8b11dbe6c6d23fef3066d94bf92622dba2fed45fe3999006","sha512":"4bfa5a222d8ae0a74e02f86b3fdd7a0919a92d563b8a65da88ce1ca7ad47cd180c4a1103e6a361c124281000b42b91353b72d4f834c8df04c3e827ef398182b0","ssdeep":"192:Lkkn8Hh8N/uvVnGTzQT6yYh8uBfWQidYLS7nRC3Qvv2O3eJIP8aK:7n8B8N/uvVGPRyXu9PidYL+RE+3GIo","tlshash":"99229017d9095ce8af08fc89d574aa5beb3b54c0c841740e1855549ffaf04f595cc4d7","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T15:50:19.22262Z","times_seen":49,"resource_available":false,"data":null}},"time_used":714,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":711,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/country.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.745Z","timestamp":1781711379745,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/country.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-ace1\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yWnQhIBGgubtjRU1UnDYOS%2BM88SnOH2xMBCtXxW%2BRkSrBRl4LCIWByiFQ06dda%2F7edQx99QGtKD1BqKmeUhqH%2F79X39Fkr%2BBGqUKHdAS7J7k4icU5zzpg9TBljg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b6bdf56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44257,"size_decoded":12396,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"934ce1bc63cc0b533f1730f24ec99f60","sha1":"8baa171118f159aeb9262682c4ff7fc0beaa4e27","sha256":"0b8e59036da400724f03ac13e3e64733c41dbb8d5255331cae85f5642694154f","sha512":"ba86b99d3c5759bc1398a25c1425b0eb38fcacef2ae5dcec0c83cebf765a48609a0604b358a44713da9a43d3c20d7ee9d1b126be795c8ba6e88291da20fd6ed2","ssdeep":"768:MOede5L4arkPlqiTnrdkwYwUdQPdGp/P6zRlPLQ:SFDduB6zU","tlshash":"04130f1bd1aa8cb7a9bcc51af0b5b264f4445b2fc35116c738f8730d5fb2629011e6ba","first_seen":"2025-08-04T11:59:40.026527Z","last_seen":"2026-06-17T17:08:22.006666Z","times_seen":49,"resource_available":true,"data":null}},"time_used":1096,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1095,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/logo/home_logo.png?v=6","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.732Z","timestamp":1781711382732,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/logo/home_logo.png?v=6 HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:42 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-711\"\r\nexpires: Wed, 15 Jul 2026 12:33:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 184601\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RM3aR1dpdmnesPkFZF4umAGUQ45Pfbymva7KHM0NrUIm2Dl0JKDerNDtYLjgfdeo9EV61vssku%2BrhvZBxiy6KaXigtbB0Aa635tOTfC664SFq0gRGLMJc8WS3IM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1809\r\ncf-ray: a0d334ae1cb456a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1809,"size_decoded":2583,"mime_type":"image/png","magic":"PNG image data, 195 x 60, 8-bit/color RGBA, non-interlaced","md5":"dcbc988a93c8443746d1f0db30921272","sha1":"774bf235bfe3ac5deafb1cfc2a9f519631b03e4a","sha256":"57d5eee9c9f90c296da216b70e84fd0eb695e3dfd25b5c287eb2b5bd0051ceb4","sha512":"a913fd56525de3bb55afc511e1011e71dada908f6d77a41349fe4788089568d56b129526b8e5ecb8fd618167c5ca05162ead6f0ccc75d4d9ff7bd9a88803afa9","ssdeep":"","tlshash":"ca31098d0fc1fe219251bde7abc4e613caa79983513f16dc3509c016d313c50d740b45","first_seen":"2026-06-11T00:02:03.997011Z","last_seen":"2026-06-17T15:50:19.223938Z","times_seen":5,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getLogo?lang=en\u0026rtoken=WufFKDp3ACZwAW\u0026key=web_footer_logo","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.757Z","timestamp":1781711382757,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getLogo?lang=en\u0026rtoken=WufFKDp3ACZwAW\u0026key=web_footer_logo HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://glctp.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":130,"size_decoded":482,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b7ff09b15e74e6af8d96a53d1d25e0bd","sha1":"192bdcf615181bd207aa2130ad4987ade7ed7a77","sha256":"662d236116b0c3b3565f84d2c8b6d6b22af0af24293777bae76dfec29a2bdd55","sha512":"fa1154f597e042a3c56527712316e8d71e10c5b1680c8f93f9714893b1d1fa7d95fdad9f2ce607cde52b38ad8e1e509d59ae9c82815d1985f35e8a5e8ca35292","ssdeep":"","tlshash":"04c02b733b804c04070251d2194f34c8410d11d3cc012560cc8c9cdcc2130302307531","first_seen":"2026-06-17T15:50:19.224612Z","last_seen":"2026-06-17T15:50:19.224612Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2072,"timings":{"blocked":-1,"dns":4,"connect":256,"send":0,"wait":273,"receive":0,"ssl":1538},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/aave.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.066Z","timestamp":1781711384066,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/aave.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 7463\r\nlast-modified: Thu, 30 Jun 2022 09:13:01 GMT\r\netag: \"62bd691d-1d27\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7463,"size_decoded":7805,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"5cdd0aee69e8122fd5c09e5cdcd98624","sha1":"68ebafd85948ed3aaac87fb683aa655fdfaff4d3","sha256":"9ef23fac5df6aa17c2df63f9a9bd75116a079378ff33e407f6c17ff044738c23","sha512":"125f42ad5b32cafa0859d96226838798c7c5ed8fbb193bf0a698132415220ecbadca205521d858abbf31c56efa7e9681fe9b0ddefbb57021090ca32213f0dc06","ssdeep":"192:UP03OA6fWgKMO01wvKfgHwK+41cWvoRtjNPxrwo9hoWlA:80+A6f1NqvB31Ct1xrxhTW","tlshash":"27f19edd4fb240cefcbfe649c87720e67a04d211b78afa408bae7c96a990405c1a1d31","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:09.024304Z","times_seen":51,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/bsv.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.081Z","timestamp":1781711384081,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/bsv.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 5498\r\nlast-modified: Thu, 18 Apr 2024 13:56:43 GMT\r\netag: \"6621269b-157a\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5498,"size_decoded":5840,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"0d59d213ad783528adfeb1d20e1adf93","sha1":"f8ac8bd0de83dfb109ddd7f471a4d2fc9810d5ac","sha256":"1166a5cd4f51593c9a5e08f29c6a4619645c92c96b49f42cad35335a21dd9793","sha512":"de7bbd0436b058559aeed7cc050029542db5a2d68802cb6f2d77bbf3c09e28a74353b5c080cd85d73bec9b918b3f0530afa51aba1ac12c95bb73f514caf77988","ssdeep":"96:VIrZQ20cPRHXflxra2KpD8DGvHiJa5Lkj/vqz9yP4hukLmj318f/O26GR59jgCWP:ZLSDra2AD8SvHPC3qIGuN3P2zHNa1ck","tlshash":"12b16ce76744e198af7f448723a9c6cc640ac536c8b5a169d17640d8feee244c84798b","first_seen":"2025-10-08T18:47:54.17931Z","last_seen":"2026-06-17T15:50:19.226761Z","times_seen":36,"resource_available":false,"data":null}},"time_used":718,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":717,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/etc.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.086Z","timestamp":1781711384086,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/etc.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 4097\r\nlast-modified: Thu, 30 Jun 2022 09:13:05 GMT\r\netag: \"62bd6921-1001\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4097,"size_decoded":4439,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"25142b79a3de886616c73a68e453d984","sha1":"43299b672ed710ce0a0e1b9ccd2d552b5accb15e","sha256":"b5b056cda87836b811627fb320e1cdcbf98edbfc30c68a4a20013c0c37b43bbe","sha512":"62b866a53db06bf11581d30f68d6bf1f40881d03f8470052612978c595b96d194195fd4aa55600af07d3f6a380f413125c7a94446f253d24647e6a944a70db41","ssdeep":"96:iP9Sli9htPIcpQU+lU8L4qna1u7LvpSBafIn:iP9CitNpWS8xa1ufvpY","tlshash":"ac818fc3c812c295104682f94e8dd0b831d04e5f5b05fc67369d6dbd542ca07eda5ace","first_seen":"2023-05-28T01:03:43Z","last_seen":"2026-06-17T15:50:19.227439Z","times_seen":81,"resource_available":false,"data":null}},"time_used":716,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":713,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/credit.css","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.748Z","timestamp":1781711379748,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/credit.css HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-486\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q%2FmIORL61oSMQCUKRazG865mewbtatKhuG9ogvh3M3mSuhX8mmUPVcgGAx%2BAdOg3XsYAO86Qv0cHy3Aw%2B%2By1fQVsn9WsDXGQkpCg3duT2uo1MgL90Y9VpV1%2Fse4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b6be156a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1158,"size_decoded":1335,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"5a7fa046f781d26b95e54a677a8fb4b4","sha1":"1757d1022877d02cfcf9942d46ed6201878c6c73","sha256":"76d1d8567e8eb407f259585548ff5c0b3c3b9cf14cc6701f359b2d812493cd1b","sha512":"4b481baf5a408f3f70eec7f360412075b2a95363daf63ad1004ee29f671b6d3445cf71534e7f65c9de541253469d41c4ce9c4227b1902cd77baf31068845b116","ssdeep":"","tlshash":"0e21d02eba0e284adbe93ed23efc2a64de7e00ea15b342d0f298c154e1d2c1913745d5","first_seen":"2025-08-04T10:45:31.520242Z","last_seen":"2026-06-17T17:08:22.007444Z","times_seen":70,"resource_available":false,"data":null}},"time_used":841,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":841,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/app.c5e43283136f9036e96f.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.755Z","timestamp":1781711379755,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/js/app.c5e43283136f9036e96f.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-9a0da\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z2UF3Cdjc5B0h5UVIA6vyEwkmO7EtwWze6vx2UqK7NYD95GeZ30Uux9C5uGjA2HNQxJZWgSuOw2etEUkI53r0ygGoFstbNZFLXz6HEDfu6xAaJkExa5E1v3TOe0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b7be556a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":631002,"size_decoded":234306,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65130), with no line terminators","md5":"e4f8f34aaed53a2602f9785d44bacc3e","sha1":"28e78ae9fd576091f61e5e5f2476887378ecc24c","sha256":"b552b7ca732193d4242146efea4d57aa57706e817aa5c456130b59597168bb60","sha512":"a360a391ac603e7bd190c84b16bfe77a698b033c21b9a02588e9202a23744ba6526fd6b78dee01385b4f4d03300d9d1bfe24fb0c274b7a7b838aebbbeca55a95","ssdeep":"12288:JNrGrZCSofYWWoRh+NDJReynMlRPGNpiEj7ay0fDxEMo3wD6UcV9FY0ZconS//CH:JwrIYWy6imO","tlshash":"33d46d7b11ce59a819428a06728b7644f5a99c83fb53f8f044ddc62932f0759c53aff2","first_seen":"2026-06-11T00:02:03.977372Z","last_seen":"2026-06-17T15:50:19.228729Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1902,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1098,"receive":804,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/img/bannerImg.c079820a.07144ed.png","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.740Z","timestamp":1781711382740,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/img/bannerImg.c079820a.07144ed.png HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:42 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-4d877\"\r\nexpires: Wed, 15 Jul 2026 12:33:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 184601\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FHjersjAahw3qnw8yi8dcO3nU9aibsvsE8CvRDDyXJgYAD1tfvQpnHy5ZXn%2FxU58QPspk%2FW1i6AVBNJ47ZVkayvib1ieXdDAnFNkoIfX9ddpyJ2TmbCl0clNERw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 317559\r\ncf-ray: a0d334ae2cb656a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":317559,"size_decoded":318341,"mime_type":"image/png","magic":"PNG image data, 834 x 586, 8-bit/color RGBA, non-interlaced","md5":"07144edaf476d4176c919cb1df1a9534","sha1":"72ea3e390cc0593204216f66a6f7c858da227915","sha256":"2a7f3a484b3fccdb68d6a4d9b224b546cdde59a3f8b3ab1ed7b89493aa608938","sha512":"9fe670a1bd4636331bd1af1df101f1260e7f0b0c4c2028acd1b4589888ca89bc878739d334c403ffe44e36311444684f6fea7d4f02cf77115097924c38b8ac45","ssdeep":"6144:0EvVt+4HNRXtg57dlhNUfOX2/Ybc6ux6HwEjlPmmWnLn8sCheG:3tjNRdg5RloAZux6/c7/geG","tlshash":"1864230d26ec8f837c451be77ebf103634b585248b54ed97cca259af9a92c630e46077","first_seen":"2025-10-08T18:47:54.169022Z","last_seen":"2026-06-17T16:37:08.997779Z","times_seen":20,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T15:49:37.736Z","timestamp":1781711377736,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:38 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f90aAVIbmQJtEJj1rDU0UO%2B52zDsQthPtUgAB5rTlBDlk2wo36O6qXRUeGT8oUUcOQIxw%2FmZERFZzl02Sw%2Bny3AO%2BjhLeiUJx2bJ4yNwvlP%2BO7SrxTZkgrXn3LM%3D\"}]}\r\nlast-modified: Mon, 15 Sep 2025 09:03:32 GMT\r\npriority: u=0,i\r\nstrict-transport-security: max-age=31536000\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a0d3348f3b2256a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T11:29:50.742489Z","times_seen":16634939,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/img/picture_new@2x.77abe9c.png","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.747Z","timestamp":1781711382747,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/img/picture_new@2x.77abe9c.png HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:42 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-4dd5\"\r\nexpires: Wed, 15 Jul 2026 12:33:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 184600\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I5NKw1dJpnlWSWgqTCLkLbus2ACcO%2FFbx5300iBDSxkqx2hSbFMkeV%2B%2FqpnjYHSDKzT99LpEkWqZlWyGnOnGxWCxmZRSjLW2cc%2BKtDvp775bioR5ONaaW85XN84%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 19925\r\ncf-ray: a0d334ae2cb956a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19925,"size_decoded":20707,"mime_type":"image/png","magic":"PNG image data, 166 x 176, 8-bit/color RGBA, non-interlaced","md5":"77abe9c18fddc20fcf6b1dfec28d92fc","sha1":"3207c6cae0b76124e35315d86e7359f6fdc33513","sha256":"e00b07d174ab09ac6deedef61d9ba604835e019eb616d17e1dac0d145cad3b24","sha512":"8e7ffbf1a17adccdda10ba0b18a9788958d8083927c4942815d41aac2307b367ac0b1701046b16a2a091b1cdf70ff7692203a7d13b58707cd034d2bf46975153","ssdeep":"384:sVtmceKyi6ZkSuiApsAXIkCt6iVqv7c/GoYU8Iqj5c2Pqb7/+SqfW3Y2eUb:MQce/iwDApsAsBVH/GoY7/qbT9LoS","tlshash":"4192d079b4d0b8e7b1cd9dc560ff800279af36622968daf1ae907217a9605dfca44422","first_seen":"2025-10-08T18:47:54.15141Z","last_seen":"2026-06-17T15:50:19.230371Z","times_seen":9,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/btc.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.060Z","timestamp":1781711384060,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/btc.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 4460\r\nlast-modified: Thu, 30 Jun 2022 09:13:03 GMT\r\netag: \"62bd691f-116c\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4460,"size_decoded":4802,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"9eb539141888680fff6af0fd28192cb6","sha1":"acb0616e046a9245bbbe5a103a7084aa84690143","sha256":"e1a52196ce78bb48c596194be187394057e3f8db03b2a314efbd358a9b1c0a46","sha512":"9a21f75879b30c9fb0adb138215d50e88cea6bad1fc7742ed866d21115330bed45a1a5d871e0918ab7c623f1cc309deb269bcb92cd4ead546dfad2bc509737db","ssdeep":"96:Wefn1ttzgLb0WBkw0JgfAsWEqgHcG5iU27QGmWCFCL:J1tZISnef4g8G5iU2N+s","tlshash":"bd911961ef9551fbabaa5a0e13fd0093e571ac7e5284da1528c7717f825afe10cf8d00","first_seen":"2023-05-06T18:37:16Z","last_seen":"2026-06-21T09:02:41.797009Z","times_seen":81,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/xmr.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.084Z","timestamp":1781711384084,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/xmr.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 3356\r\nlast-modified: Thu, 30 Jun 2022 09:13:12 GMT\r\netag: \"62bd6928-d1c\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3356,"size_decoded":3697,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"1a427fee0bd67c531b69fd143c56405a","sha1":"a3985aba306276b834887763bdcbd291f123270c","sha256":"c60054e81964269ce55dbfc325e99e3d4d491952bb516e3f68097ba475cf65ba","sha512":"40106610c0056285dfe7a02b810b456e19d1f96049874853b3fe76572f02fd9a477d764eb08270309f7f05d47d7049322cb9a6e753af492bb53a5b1f6efa1658","ssdeep":"","tlshash":"18615ce3dd6f1d7637369351b717b80288603df1ad5e733d5515181225120bbce553a8","first_seen":"2023-05-26T11:52:40Z","last_seen":"2026-06-17T15:50:19.231585Z","times_seen":50,"resource_available":false,"data":null}},"time_used":716,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":715,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getBanner?lang=en\u0026rtoken=C15E9v3CmWYWED","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.760Z","timestamp":1781711382760,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getBanner?lang=en\u0026rtoken=C15E9v3CmWYWED HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://glctp.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":457,"size_decoded":809,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"4bfb221ca41f60783bfd19255be4a352","sha1":"4293881eab32bb3da9bc379326cc36f556fd6cfa","sha256":"7576461cbd94f0716ec7b13f9da67f831ba02fcd7966f1a7b98a21a8897885d2","sha512":"020f26c67bbb175292efd2c93fda7dd17328e336d18bb77a1901c979c0bb51740976e896eddf14386604abcee768a5f7d8ce667c7268ede4b5e06559dbdf0fd0","ssdeep":"","tlshash":"02f0e2271d6c6827b7c842ca04173068699e600bdd84519ac0ce8c5d40adbf0134b2da","first_seen":"2026-06-17T15:50:19.232886Z","last_seen":"2026-06-17T15:50:19.232886Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2045,"timings":{"blocked":-1,"dns":1,"connect":249,"send":0,"wait":296,"receive":0,"ssl":1498},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/1.012b03e3947f718952da.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.380Z","timestamp":1781711382380,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/js/1.012b03e3947f718952da.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-bcc2\"\r\nexpires: Thu, 18 Jun 2026 03:49:42 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o7gJc7Y98JzbwWDx5As1E67nkSiJI1HKvXDgWCL9m%2BsFlu3ArBEKhQcrMbm3LrT3eeRO75IdHw1vjbLgsonKLyZvceFACU478eg4NeZsFHvLP8EWNChFOuZGz78%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d334abeca156a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":48322,"size_decoded":23230,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48257)","md5":"e2c92d8e1bac9260d73d302db8c573c5","sha1":"84dcc650dc2a80fe0c6b711171c07aed4b1ff2e2","sha256":"a1d631705343a0def512cd15d5558da41f08e5666cb1d697ae012f892c0d804b","sha512":"44f164ea73cbdd335b130f953908114bb043cfa37bfca8179afee2751017aa95168ee54b96e86b527854f2f7c4d816514b4965739f9cf632825ba6d201aac504","ssdeep":"768:v1g4pOx27O8/L3bYeRyHYL1LjE1VlQRL14ti/gWRLMssvi/grDYKJod/:vS4pOx268D3V4H01nE1UOti/gXi/g3Y5","tlshash":"b9233a0ab487b66dcc3a4060962f2139b07a1fe8901ad1d3f63cd9949ae5d39171fb7c","first_seen":"2026-05-06T11:01:26.044307Z","last_seen":"2026-06-17T15:50:19.234713Z","times_seen":7,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/tradeview/charting_library/charting_library.min.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.730Z","timestamp":1781711379730,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/tradeview/charting_library/charting_library.min.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-296f\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c9s6o9L7QSjugiZPVCblKlzpE%2B0VuQy7Pz4hA37OHELpo5Ei4CaWlLZAS7qd1FKJRyOBCyb5Bs5IMhtG1TMS9yU7wg5wh6K3JjJ0TL5AXWpAtbxG97i1fHchWTM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b5bd856a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10607,"size_decoded":4165,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10605), with CRLF line terminators","md5":"5b40dcdd638760f8051c1beb4963fd0c","sha1":"e24b3841ff36373ce7366055eca40e479886dd4f","sha256":"283ed6337112f2cae0dcb51a26326dad7e09c03b8699dbad441cf7c5ba35965c","sha512":"43e207cc06b5b0d6e9a5fc24052822e16538feed91d07f06f70d8f546fbfeeb63687f707ff0f2d54b57a9d6286bc2fed211b6a83fb604dc86227c9914c7a6c37","ssdeep":"192:9faWSo7kjFU8oBelr6lw2rfnzKIQPlaF1iJ7K+Ei/ISJhvHIheu5Ph3Ffa5:0WS2kjFU8oIlD2rfn2I5iNK+5/ISJhvB","tlshash":"93224058ed247c720acb40f0427f190f8239e678d84944ed3c84e6ec59fd44a6a6fbb8","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.009561Z","times_seen":77,"resource_available":true,"data":null}},"time_used":806,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":806,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/jquery-3.4.1.min.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.737Z","timestamp":1781711379737,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/js/jquery-3.4.1.min.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-15851\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f7fL6f2P3ZRvWIev0xH81lsZa2szlV%2BDxNZ1oqIRfNhvM9qLgDvSmy85J5Wfiu3DQ8UWZWSFTyZGZqCZydrVFFwm2ZXgoPfpsjw826EcJC%2FtFJ%2FRPsj5PhnxUcc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b5bdb56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":88145,"size_decoded":35276,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators","md5":"2f772fed444d5489079f275bd01e26cc","sha1":"a8927ac2830b2fdd4a729eb0eb7f80923539ceb9","sha256":"2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a","sha512":"81f3b4d35aaa98af19a4d31ee5399d49e0f70ce52aadefffbf42c6c4489d9d50a49450eec8e9139a009da82b57bf677665a926d5ae913dfc4c74baeec186c422","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmw:jgZm0H5HO5+gCKWZyPmHQ47GKc","tlshash":"8f8319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:42Z","last_seen":"2026-06-22T09:01:29.894379Z","times_seen":7145,"resource_available":true,"data":null}},"time_used":1145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/img/bg3.0733f40b.031e605.png","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.724Z","timestamp":1781711382724,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/img/bg3.0733f40b.031e605.png HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/static/css/app.cf90406cb43e901fd1f78ed7c40d01b9.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:43 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-2fa73\"\r\nexpires: Fri, 17 Jul 2026 15:49:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aQHRLyvCerTasomNeUhE4G5njiybn0fpJTMGX6Y5XedINlvgzKQPXcXvGyOo9ldsvhrxauAraUNl7rBZrWRCONwi%2BiJ%2FTGxmGd8PJxOvVhCeWtv0klDVROR4%2FII%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 195187\r\ncf-ray: a0d334ae0cb356a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":195187,"size_decoded":195957,"mime_type":"image/png","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=861, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x861, components 3","md5":"031e605788311a288e4b78483092c05c","sha1":"c6fbb5beb0150a25be47654d9fa8b1fa9d7a431b","sha256":"8d4a6bf0b19742c7c79386bb6966c65248b5bae1a6ae9021bb7adbd80f0c0529","sha512":"951f0bc0cbedfb1610245b86aa764971a35f8cc7d103c880c0c5623b5849368028f7d93f9fb8abcf5533e5f789cfd32d73a8a2eba2f4885e069d61fa0e43ab7d","ssdeep":"3072:VSGExoSGDzM1+9tglqgEsW2nIIxjSWwavbX/nAdz8hh0aG8mC6AHEpp5cVpK+GTv:kGMGDU+9mfTnIIZSbaDvAdSXRyX5c2+4","tlshash":"3714127797c2ce60e6a4493c71d284873c0eebd8691700c97defa747bf586a0b978056","first_seen":"2026-05-06T11:01:26.041568Z","last_seen":"2026-06-17T15:50:19.237079Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1838,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1058,"receive":780,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/iconfont/iconfont.css","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.728Z","timestamp":1781711379728,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/iconfont/iconfont.css HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-acb\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BjYHgn32cI0mA3aszOYacZcJWtemya91KKlYR1FpAuVrN%2BgygQkDSAtScZciC55tVdL8j%2FLLZY8W9HOKLGNMNRRXz7dsketNnabnxLoLeW4ESQfa0t44e0fazQA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b4bd756a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2763,"size_decoded":2649,"mime_type":"text/css","magic":"ASCII text, with very long lines (1881), with CRLF line terminators","md5":"33d9b388cc148e6dddd6a6a4a14c12d3","sha1":"913f02bd13b862ac68800eadaf1a484c3b20aaa4","sha256":"ae4df143a2ee5a22c936892413a619a5afb57d04f5dbac72c60e23994c804937","sha512":"ce1b4187dc69531155ec5db9fd5a2451d967cccd8b42367dd8b7f48f467c247a4317af37377dcfaf2da00a4800fc8c0c274ee2dc82f0796795aef6a802eefc91","ssdeep":"","tlshash":"ca51f8ba584d30804bb16c7073e739249e5418bf9f5a28c2b52a246d45f7e20e2d2bdc","first_seen":"2026-03-06T10:13:01.542912Z","last_seen":"2026-06-17T17:08:22.017048Z","times_seen":46,"resource_available":false,"data":null}},"time_used":825,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":825,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/img/bg3.0733f40a.673c0c7.png","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.745Z","timestamp":1781711382745,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/img/bg3.0733f40a.673c0c7.png HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:43 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-3e4c7\"\r\nexpires: Fri, 17 Jul 2026 15:49:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o18n1QNmKuXxMwVvl3Eoo0CNBlJAY7%2Fmv7YHidsjqADlGFYWH%2FG5vtCa%2BZGGCENJQbYFo%2Bl1EKpoP2aBYvY3sKH%2BffOEZfo92hmr%2BdCXB6HRfMGE%2FuUEfMQmSXw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 255175\r\ncf-ray: a0d334ae2cb756a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":255175,"size_decoded":255953,"mime_type":"image/png","magic":"PNG image data, 1050 x 542, 8-bit/color RGBA, non-interlaced","md5":"673c0c7d619cc45086259e7c45dcd16c","sha1":"b528dca9d7da4977a998dbc09bd2e7909777958a","sha256":"750a12745f329aa57268972132c7bafc5dce261fdc014b94b64e3b550c45f217","sha512":"988a4c9ca2236c1477c5809a708a94f08d04b0d60f33c5ebec643b12d063d1b31c37d8412d813ca894a51da6a429c41a78534d0470d5b64430e51132edb6af3b","ssdeep":"6144:1XjXnBvr3hulxAUOtRDRxzC22Uz5VKJRTPsXT3:pjxjMLOtRX+oT3","tlshash":"23442282faa9b13e68e7bc020419dbc9498199dd68447fa72c60d31cf853e1d0d7be47","first_seen":"2025-10-08T18:47:54.130405Z","last_seen":"2026-06-17T16:37:08.991626Z","times_seen":20,"resource_available":false,"data":null}},"time_used":1931,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":837,"receive":1094,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getParam?lang=en\u0026rtoken=PC4UAjWzZhgPFOM","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.759Z","timestamp":1781711382759,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getParam?lang=en\u0026rtoken=PC4UAjWzZhgPFOM HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://glctp.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1263,"size_decoded":1615,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"ee53c0ddea11d09c8fc04a90e00b26c3","sha1":"0a32f7c66631b4e7e3b22a34e574e0ad7894adb3","sha256":"514e4f1741427aacf46f77788285285fd975a9298856a5be52deb0722ec11e4f","sha512":"e414ecb5ba32ea179c8e557cc6f3accc61bdcec4d7bc1b3bd0ad034ce96187197cf5f9089c584a9c0336b4b00f9aeac06d5478e4d8b70a598ab3fd8017f10137","ssdeep":"","tlshash":"1521024d31e80c7fd7c38549ad8b1255bbe969eb24ae0cc546acddb438ca8d3840a963","first_seen":"2026-06-17T15:50:19.238984Z","last_seen":"2026-06-17T15:50:19.238984Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2046,"timings":{"blocked":-1,"dns":2,"connect":251,"send":0,"wait":285,"receive":0,"ssl":1508},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/fonts/element-icons.535877f.woff","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.778Z","timestamp":1781711382778,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/fonts/element-icons.535877f.woff HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/static/css/app.cf90406cb43e901fd1f78ed7c40d01b9.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:43 GMT\r\ncontent-type: font/woff\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-6e28\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bzcGgKvmCzrLemKxhfd84XCIwX7Ovxj1KD1iBjEg8D71s%2BwGXqKMnDjRNi8hrvRTVlU6TeEopyIwEVvdbMpVXw%2BUfzTf9ThcVImxiav6EomQF84AfZa2isoAWzs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 28200\r\ncf-ray: a0d334ae5cbb56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28200,"size_decoded":28927,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 28200, version 1.0","md5":"535877f50039c0cb49a6196a5b7517cd","sha1":"0000c4e27d38f9f8bbe4e58b5ce2477e589507a7","sha256":"ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17","sha512":"da269b20f13fb5b0bb4628b75ec29e69bb2d36999e94b61a846cb58db679287a13d0aa38cdf64b2893558d183c4cc5df8da770e5a5b2a3288622cd4bd0e1c87b","ssdeep":"768:gOvv6ExpCVxUtrT6w8ClFd80EjPVerMKBaGXjAlEm:Hvv6xVWewtlFdGjPlkFjAlEm","tlshash":"b9c2e13197213ae9d9824ef876e498fef1651402290f390e8696adb3a98d5c73e16831","first_seen":"2023-04-05T15:22:49Z","last_seen":"2026-06-22T10:26:33.849622Z","times_seen":26328,"resource_available":false,"data":null}},"time_used":1059,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1059,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/sol.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.069Z","timestamp":1781711384069,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/sol.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 15133\r\nlast-modified: Sat, 11 May 2024 09:15:11 GMT\r\netag: \"663f371f-3b1d\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15133,"size_decoded":15476,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"367f1436ee9b3610228944bd3fff5688","sha1":"53a3635989c5d1ef5f3e5c4fbf38c61c9dd9484c","sha256":"bdb5738b9fc51dc6c2fa4abf481cf26c772c1cdaf1db2501f7f8723afd7ef5f6","sha512":"4f189650a7c61be87eea1dac761a5d0065fe7c6f356f4b949ad4b22de9ce77aa09a0bef6a844d7df4c7eeb43ebd72f8a571d42290f52cd3d3785e744ea647b71","ssdeep":"192:WSlJknydbmXHNX8ELXgjuy263TxjpRXs6qaVlbgAg1wB6pDqcwtuWSnQYT+asefE:5InlB3LSo6qelUAg1OVBtuWSndTIeSNl","tlshash":"b062cf6a9c707e4c075479448e7c769ab31b028163d3dc8eecdee00ba8a25b48d9dcc7","first_seen":"2025-10-08T18:47:54.131475Z","last_seen":"2026-06-17T16:37:09.027557Z","times_seen":50,"resource_available":false,"data":null}},"time_used":484,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":484,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/eth.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.096Z","timestamp":1781711384096,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/eth.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 3516\r\nlast-modified: Thu, 30 Jun 2022 09:13:06 GMT\r\netag: \"62bd6922-dbc\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3516,"size_decoded":3857,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"e1bc34d227baeb59b92475d8f7642b9c","sha1":"6f0c77064b9409b0a033281f1fc61479c90944b8","sha256":"44dc496a6f8f3214e47a8ac45adf6b81792de84f5f33f5257a0759865514c8e8","sha512":"f8f0069a89d9c9b957329b574485cbe5103c5af096ea10b1289e909c35de8d5cf14ac8b418366622bda20a887d49658d792772d090179efccd4aecc6c98a45ca","ssdeep":"","tlshash":"24716df2d915033083fab0719b0492dbeb64f74519c4a0698d9c8d2924b9e34b2d22bb","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:09.007499Z","times_seen":60,"resource_available":false,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":704,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/js/w3model.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.739Z","timestamp":1781711379739,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/js/w3model.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-68b0d\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6U%2Byk6Otl39PSTSdU180aunjZti2O3DO%2BWPzrdmU9iH93erFJbK7RE2hzDV%2FSiZ0LfKu68QjAFU9WB5zVnBi2qyPlBZEfKk3WxjUbBYN6g7cy1OKYscVOld5H4I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b6bdc56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":428813,"size_decoded":217365,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (62529), with CRLF line terminators","md5":"aad4132b8256c7015fe00c906fabba82","sha1":"6313837eb6181532b0f5906566ee8cdcbaddca9c","sha256":"3c2954dd18092c2a0601dda1a400cfd9e7b3d052d1ed981037cf504b23519dc8","sha512":"5b8a42b608f2aefb2407a7b27b5a7ec7ed1c36ca9f30ea289c736b35f13dfaed4ac187f45196aa8013cff775993cb9b1406e34d6e4ffcd64eee92cf0b447d800","ssdeep":"6144:4HOdrcjrE/0NNWS9UO2/HE2jz05O1HaeJ3qZEZDj9+b+Q88MzfFNo8vqd:8OdgDEzaneYZEl5+qQ8zztN8d","tlshash":"d694aee93582f42157f366b740af1806b33d691b140c88a0f255edd5a8f84aa913bffd","first_seen":"2026-05-06T11:01:26.018631Z","last_seen":"2026-06-17T15:50:19.242688Z","times_seen":20,"resource_available":true,"data":null}},"time_used":1871,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1079,"receive":792,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/reg_checkcode?lang=en\u0026rtoken=sBvyOVqHss3mr","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.755Z","timestamp":1781711382755,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/reg_checkcode?lang=en\u0026rtoken=sBvyOVqHss3mr HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://glctp.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":74,"size_decoded":439,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"6d8cdb6ae446fd3b6842c627dae2a9f3","sha1":"f840365184c67ccb105db95cc0742674504611e5","sha256":"013c8075dd5198b118e390c7f2454c5ede8892e56b998309b24e83dafa646480","sha512":"efce6f351378d2a0a7abf51a9f4ab5435f61cd5eb86b3489cd27a7a6a6d507a623f5ed6c65a6ebf681e85501f17ec63988d7114db063e9f353871f96376fe738","ssdeep":"","tlshash":"8fa0244314dd303345034013cd0d1f014f3c10311d00100cdc4d534457730343131017","first_seen":"2025-10-08T18:47:54.152661Z","last_seen":"2026-06-17T16:37:09.020988Z","times_seen":46,"resource_available":false,"data":null}},"time_used":2051,"timings":{"blocked":-1,"dns":6,"connect":254,"send":0,"wait":259,"receive":0,"ssl":1531},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/fil.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.077Z","timestamp":1781711384077,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/fil.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 4005\r\nlast-modified: Thu, 30 Jun 2022 09:13:06 GMT\r\netag: \"62bd6922-fa5\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4005,"size_decoded":4346,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"4edc5dafe73f16af2629cfb1fd6cb4d5","sha1":"e5d6aeb9955a18693871b73a83577abdf64e5293","sha256":"586c85d6fd474cab3947b5f3e64c3fc76fb8620111231682106cc9abfdc5339a","sha512":"49d64c4278a861b60b1c0a0341a2e3b96f2988165d5c3a7deb779f8592d4242e8552669cdf9a9d9e9997d2f84f02470b926effcd5437343aee872c172a507e31","ssdeep":"","tlshash":"e4818f877f354c078c6ca096024e2b36d5bfa80264f4c8edbf6160828b5f5058f9d5dd","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:08.99677Z","times_seen":54,"resource_available":false,"data":null}},"time_used":482,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":482,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/ada.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.079Z","timestamp":1781711384079,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/ada.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 16287\r\nlast-modified: Thu, 19 Jan 2023 04:54:56 GMT\r\netag: \"63c8cd20-3f9f\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16287,"size_decoded":16630,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ddbd783f7bcbbf07bc974485aabfacbe","sha1":"db97ab8ca9e8938781f7f8f42f7b97b5f2a8efa4","sha256":"963ea06d1c04c2ae26332fcb8b0f1e45f2f3eba148a0b1a77ec66aadba47b55f","sha512":"8bf0121ce9c2b6b3716f12414ba5dca7e2b951e3e8204a1a2a9c737d220a2fd9915385f87a1070c42f3b8d9ebf49e94c349f902bc949f4294d7525460ce67f8a","ssdeep":"384:7nKBaor7iF6iT9pMRYHT/B6uKF1DDCm7PwGnwNAO:7qrGHT9pMwTmDCE4R","tlshash":"7f72d082c4d0df9c77c7f28528cf13aba912468269c6f912bfc4e432be54825f6893c1","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:08.99839Z","times_seen":59,"resource_available":false,"data":null}},"time_used":720,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":483,"receive":237,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/doge.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.094Z","timestamp":1781711384094,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/doge.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 22442\r\nlast-modified: Thu, 23 May 2024 14:06:06 GMT\r\netag: \"664f4d4e-57aa\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22442,"size_decoded":22785,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"0c569ef88ad83d698e3ae278f59132fd","sha1":"b82eb090eaf49dd1580af9a66dd224eec7a54d49","sha256":"ffb0c803df2aab477ba5e0d882010316e1fcea34405c8d74bd3d9fdfcc9e1649","sha512":"f2b59960c791b606903a09a59a8a19836a80c83389f335d59ed01df748c95578937ca2665e2fd3411cc0ca00bddb8d0899e12bfab94fada70900939534026258","ssdeep":"384:5mn2pcQ1upNUsOosNpbVoT22ZV+eGzt4HexSk83+n0rNlugJbb5DJB27y:g3Gsv+yT2CQG+bh0bdbb7J","tlshash":"5fa2d155de6199819c9fb40802e93bf67ea6cb400bdf755257f28e01c8323da2d4d85f","first_seen":"2025-10-08T18:47:54.22222Z","last_seen":"2026-06-17T15:50:19.245115Z","times_seen":34,"resource_available":false,"data":null}},"time_used":712,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":706,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/tradeview/datafeeds/udf/dist/bundle.js","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.736Z","timestamp":1781711379736,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/tradeview/datafeeds/udf/dist/bundle.js HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-346a\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gGNG9awYNS6ocVoYzV88dYh3IM4%2BVOm4U8z%2BaOYoSb1YJiFd30Qcl9S9HuDnM40pjoYlGahnXgi7ylO3Ed69g85Pn7WqYJ0YSahWo1nhXcK%2FTvFBZgZsBsldb0Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b5bda56a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13418,"size_decoded":5367,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13416), with CRLF line terminators","md5":"c356bdc37296546bfde0acb3327ce305","sha1":"e5073d9fcd7820ee78cad1dbec5ecb5943bbb349","sha256":"bac505309e80d1ba3bf808a88e92ff2352bca9414e499ac8c68534d5dd276d33","sha512":"ad67bbf55927bc36b37f161724ef1a164b06711b5b2e86ee18add9bd7e613c73606fa62823635253587640de1915a236c226b0008361dec7fd426e57285ee52e","ssdeep":"192:Nge0jAoNzmAHSq7KhHcA1rQ1S2ZOAZXR0zA1GCL1G9U4jUs+f1gmUiC+xUv+4R5T:Nge0jAoNzmAHZWNASZNVziC924HAAVMY","tlshash":"c252a5da7611302142936032e87f2407913aba16688a903c71c9edde5efdb1deb17f39","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.010621Z","times_seen":64,"resource_available":true,"data":null}},"time_used":811,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":811,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/css/app.cf90406cb43e901fd1f78ed7c40d01b9.css","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.750Z","timestamp":1781711379750,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/css/app.cf90406cb43e901fd1f78ed7c40d01b9.css HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-83214\"\r\nexpires: Thu, 18 Jun 2026 03:49:40 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B4S8oobCMi6pXA4Bs0avjT3DDm%2F%2FuK9ueaGniVZK8vnGWUARyEYl19In8Lat9N9QDfPyreWifO9mFx735gWVvnBJNQy7jBY5UhebIIe4kOUlteiKZ5gmAGdrFDA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3349b7be256a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":537108,"size_decoded":99768,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65526), with no line terminators","md5":"754d69772565e9304389182c50d5c059","sha1":"c8b8d5d9925ad6b424f647a22e62d48804114195","sha256":"f47fd9b97798e25b5e32b82e8f283b28f56401815cbb9dd81d7a9be64730e2d8","sha512":"ddd62a364e6fa842440ea8d62c7c1ab2685925c27867f408c59b7e7ad04a183838449324b2616d4562b47e3e76dfb47cba04ca59868119c5104f87aed823f1ec","ssdeep":"12288:Eva5zXYo4YsK/iyfpwo1OAPkuD336ya5hrCez0eTR:sa5zXYo4YV1fpwo1OAPkuD336ya5hrCW","tlshash":"bbb4d8239717121a613bca64a6d4abc96b14d363d02317fffa433819cfc759a226670f","first_seen":"2026-06-11T00:02:03.868581Z","last_seen":"2026-06-17T15:50:19.246615Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1616,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1088,"receive":528,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getParam?lang=en\u0026rtoken=1XJitMJwFDt6","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:42.764Z","timestamp":1781711382764,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getParam?lang=en\u0026rtoken=1XJitMJwFDt6 HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://glctp.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:43 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1263,"size_decoded":1615,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"260e7c211b7b7621ccd43b75bc471012","sha1":"851286e8b1e426a04c739042cc70de0a637e703d","sha256":"08388f46007c523446f718f143f1ffd9c971a283c0036e6ca564ba99b0f09da6","sha512":"3574339ce2b80f66960fa5d34e2d6504c08d26441cf2981b46c2ac2a20f2e41e41d2b93348127eba293c61975b6fb4076254f1ab6159ed95f3b5b4cf67c9285f","ssdeep":"","tlshash":"1d21024d31e80c7fd7c38549ad8b1255bbe969eb24ae0cc546acddb438ca8d3840a963","first_seen":"2026-06-17T15:50:19.24721Z","last_seen":"2026-06-17T15:50:19.24721Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1029,"timings":{"blocked":749,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/dot.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.085Z","timestamp":1781711384085,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/dot.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 7934\r\nlast-modified: Sat, 11 May 2024 09:15:09 GMT\r\netag: \"663f371d-1efe\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7934,"size_decoded":8276,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"74ed062f033581755bd71e7005d22502","sha1":"4c7208a79fa9851a34a749e19835ef0925bdf272","sha256":"1748a91695619836aac60ea1bc9d38a4a6e7909a92d98f36c15651ccb05ebb90","sha512":"303c13483ca5c01fce0b6fa254c4fdb93740844b08ded84ca8a0bb4e5989669b9b8fd0116ab20c57d4c91b0b625b5936b1abef6dbab829031d7cf709aa114a43","ssdeep":"192:WSYkkn9099VHqYV04cZcGTtSN3DNjiuydjwElcU9GQtt:58nSKYV0fODxiZ1aU9JL","tlshash":"8cf1aee3fca9dd123b6ca4866cf542b7626b12248194d64aff4cd807c81e6fda61e481","first_seen":"2025-10-08T18:47:54.120882Z","last_seen":"2026-06-17T15:50:19.248311Z","times_seen":24,"resource_available":false,"data":null}},"time_used":717,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":714,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/eos.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:44.093Z","timestamp":1781711384093,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/eos.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:49:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 14068\r\nlast-modified: Sat, 11 May 2024 09:15:09 GMT\r\netag: \"663f371d-36f4\"\r\nexpires: Fri, 17 Jul 2026 15:49:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14068,"size_decoded":14411,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"da9ba5e4a0300c76b10d5ae5169c5240","sha1":"9979b71310904ba882a05f526bfd81d9ffa8c155","sha256":"cf10f279b4d4d76e376495bc25361df686073d54c0fc35fd12679a8932c99199","sha512":"37645c70e3c862e21a52a3d5f7424a6fb4a70f6112c1d5566b684039d1616942e07ab907e681c08e1982d04b6d0f7af0d9e8ad625e9114c8eff5e03187147c14","ssdeep":"384:5enmj5rmwyZNMTHdD8NIkmEfJ99paN+FZ1YW5NNekk1wA6:MM9mwyZWFLdSGDgNlzA6","tlshash":"dd52cf075e460893ad08bed24dba466f7d76e7ecf402792db47b4d394ca0ae14217346","first_seen":"2025-10-08T18:47:54.191908Z","last_seen":"2026-06-17T15:50:19.248897Z","times_seen":36,"resource_available":false,"data":null}},"time_used":713,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":707,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/favicon.ico","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/","date":"2026-06-17T15:49:38.990Z","timestamp":1781711378990,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T11:29:50.742489Z","times_seen":16634939,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"glctp.vip/pc/static/image/remind.png","fqdn":"glctp.vip","domain":"glctp.vip","tld":"vip"},"ip":{"addr":"104.21.59.232","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://glctp.vip/pc/","date":"2026-06-17T15:49:39.760Z","timestamp":1781711379760,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"glctp.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 20:34:56 GMT","end":"Sun, 19 Jul 2026 21:33:38 GMT"},"fingerprint":{"sha1":"9D:0A:D1:AE:79:8E:43:70:6A:E2:58:4C:90:69:00:48:51:DA:63:41","sha256":"8D:99:64:C5:7C:93:A5:55:F9:7A:2F:65:BA:DA:40:8A:DA:FE:D4:CA:7F:3A:9C:2D:0A:49:13:44:38:9A:14:D1"}}},"request":{"raw":"GET /pc/static/image/remind.png HTTP/1.1\r\nHost: glctp.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://glctp.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:49:40 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-4deb7\"\r\nexpires: Fri, 17 Jul 2026 15:49:40 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BILuaYtNOzgvIOCwHDjfA2E%2FrNBWkDao03BZBxtFinA7F%2FMq88HN18KmSyFxehZ1wO7vHIxPGqdS9eWsXtKusa%2B1KWB7mioRIZwYet1o%2FqchMYBNcCopUxEUee8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 319159\r\ncf-ray: a0d3349b8be656a2-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":319159,"size_decoded":319933,"mime_type":"image/png","magic":"PNG image data, 2163 x 2283, 8-bit/color RGBA, non-interlaced","md5":"42a3301ec37986141e520b49d598e73b","sha1":"83c6e41ecfc381ef9d39dc5767272ea843e0a679","sha256":"60ddd3846aa5aaa641439a451b27834bdf41fabcf4601ed9c9239908dc5a6339","sha512":"db3eae8a9caf09de6f41e3ab079844691df7372295aabdcda662b6d042e07e707d1e8ad786c42b9eb4d0c8c5b5156039c1fc389df26b0a1230a793fb153d7b38","ssdeep":"6144:UT+B9YsJyUqYWWLq7M6jzqhyWykRcTUEWPaG/4Jb6lHGKYT:SAYCz1ZhyW9RJEKaG/Qb6lG","tlshash":"58642351da3dcc5ac5fb9635043f212ea9b84330b698fad6ca3f75501b42ca76227db0","first_seen":"2023-05-25T13:54:34Z","last_seen":"2026-06-17T17:08:22.06114Z","times_seen":90,"resource_available":false,"data":null}},"time_used":1926,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1108,"receive":818,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"glctp.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}