{"report_id":"9e830514-1a51-456f-b168-ca2647a20823","version":0,"status":"done","tags":[],"date":"2026-06-17T15:03:18Z","url":{"schema":"http","addr":"ctpfund.vip","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"104.21.68.41","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ctpfund.vip/pc/#/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"title":"FACKGO","dom":{"size":131137,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (51094)","md5":"3a607ff06aa98b7560d9ccb254211157","sha1":"b622fec8369952595b31dff8029bb17134e3fd4c","sha256":"21c9f32dac5bfa53f7d9b72767039e770ad8da2777d00a9ed6fbe3ecafee93e4","sha512":"a0f5371f2c258b835537f8c8f09ca0681c4811c1c3f9aabe9724161c39020debf6c8dde4b77c981d9d83862f740a6b42bfb36312b808b44ded5a7cfca16eb8e0","ssdeep":"1536:D5Jae6JaeiJaeyJaekY0gaBEiWgEi0EiiEipJ+vGjR9eHluJpnQQ9wDV57RAC:oaW0Q6gv","tlshash":"fed3a629b2299063d077c1d494613f1e34e6f20b85cbda53b5ec67a61fcba78b6400b7","dom_hash":"domhashe16f7fe7b3f3a0933cb7c5576e6ab3a4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ctpfund.vip","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"104.21.68.41","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T15:03:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"mfccfx.org","ip":{"addr":"47.236.224.27","port":3000,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"2024-11-27","domain_rank":0,"first_seen":"2024-12-15T16:44:26.907384Z","last_seen":"2026-06-11T00:01:56.61457Z","alert_count":0,"request_count":1,"received_data":182,"sent_data":576,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ctpfund.vip","ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-27","domain_rank":0,"first_seen":"2025-12-27T05:45:00.248076Z","last_seen":"2026-06-15T12:36:31.897392Z","alert_count":120,"request_count":30,"received_data":5633349,"sent_data":14697,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]}]},{"fqdn":"api.mfccfx.org","ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"2024-11-27","domain_rank":0,"first_seen":"2024-12-15T16:44:26.905521Z","last_seen":"2026-06-15T12:33:31.209101Z","alert_count":0,"request_count":27,"received_data":189205,"sent_data":14277,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ctpfund.vip/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6697c1aeb4afe1fdabf59d2fc995ae89","sha1":"ba3d02704c92873449afb9dea74fe41db6882167","sha256":"267fb0b10610f5be8153df4c1879bdc847c14cc90e2d105d477380106df5e3a4","sha512":"ee8ab109c6757c1606b457463e20416207729cb3e494c5c0d2a859f73d4986ccbb282450d9b3633b9a12cf5b81646c6d608a5672b4f253393acc6135d7b8f64f","ssdeep":"","tlshash":"13e0d88ad782410735e22b19893b2586787204fb2c2458435b501fe4716a77f456be5e","size":358,"data":"","first_seen":"2026-06-11T00:02:04.013155Z","last_seen":"2026-06-17T15:03:32.022126Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/tradeview/charting_library/charting_library.min.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5b40dcdd638760f8051c1beb4963fd0c","sha1":"e24b3841ff36373ce7366055eca40e479886dd4f","sha256":"283ed6337112f2cae0dcb51a26326dad7e09c03b8699dbad441cf7c5ba35965c","sha512":"43e207cc06b5b0d6e9a5fc24052822e16538feed91d07f06f70d8f546fbfeeb63687f707ff0f2d54b57a9d6286bc2fed211b6a83fb604dc86227c9914c7a6c37","ssdeep":"192:9faWSo7kjFU8oBelr6lw2rfnzKIQPlaF1iJ7K+Ei/ISJhvHIheu5Ph3Ffa5:0WS2kjFU8oIlD2rfn2I5iNK+5/ISJhvB","tlshash":"93224058ed247c720acb40f0427f190f8239e678d84944ed3c84e6ec59fd44a6a6fbb8","size":10607,"data":"","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.009561Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/tradeview/datafeeds/udf/dist/polyfills.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ffed8bcc0af9db588e19127393f38aca","sha1":"5d7c37579a895c795e3b99e538bc21acab7d810f","sha256":"8b8d3e2917ea726f9bef63e6d089db0d83d275bf909b3e93cd816f053a43fc0a","sha512":"70557f07558317fd46f1186df5a4df6b4d53fc65c09b316af37f4cd914248d12c6d6c66fb3ef88f88236f14739b30ee86d892baa70f025ee59c668c66fccdf6e","ssdeep":"192:x5C5b4QNokiNLw0mrZA3KoluxV68ksmZ15UPQ0wx9Z4ESjxLhFZvL:/G1gsr7idsirPCESjxLhP","tlshash":"c1127488f7e0b46243a370b4917f550fb2b52925658e41b8f260d8ea6cfd04d962bf7c","size":9697,"data":"","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.017439Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/tradeview/datafeeds/udf/dist/bundle.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c356bdc37296546bfde0acb3327ce305","sha1":"e5073d9fcd7820ee78cad1dbec5ecb5943bbb349","sha256":"bac505309e80d1ba3bf808a88e92ff2352bca9414e499ac8c68534d5dd276d33","sha512":"ad67bbf55927bc36b37f161724ef1a164b06711b5b2e86ee18add9bd7e613c73606fa62823635253587640de1915a236c226b0008361dec7fd426e57285ee52e","ssdeep":"192:Nge0jAoNzmAHSq7KhHcA1rQ1S2ZOAZXR0zA1GCL1G9U4jUs+f1gmUiC+xUv+4R5T:Nge0jAoNzmAHZWNASZNVziC924HAAVMY","tlshash":"c252a5da7611302142936032e87f2407913aba16688a903c71c9edde5efdb1deb17f39","size":13418,"data":"","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.010621Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/swiper.min.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"98d2e1c621c2f951ede456d131608c76","sha1":"e826d3417232c8dd7b234d1e53750710b52b34f3","sha256":"e1b64e3405e7630f429cc551f4922ef5ed9d775834d8f476aeae9e9f4916c439","sha512":"e57e88be238f0016ae43d2e8ed18a2d30c2b2753276c21dada3196ac63dd0081eadcf913b5e2ce5901d141fa58769664cf304c6c950c82588260e89a8906a7af","ssdeep":"1536:VL2qg0G1fVLJW4bU98IA9SK8FDliAfKrGny55T1s53V7gZxj8rvHgZsUOUBDBWqv:CpbUAxSqBohgZu7HgZsUOUFBWqjxJr","tlshash":"b6c3094eb390619510e36256529e9241a3b72849780ad0ac35b68cd7adbde4c13bfffc","size":122748,"data":"","first_seen":"2023-03-07T16:46:46Z","last_seen":"2026-06-17T17:08:22.005834Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"71699678d8965a9cfa50149e1518c715","sha1":"6764a0d07c3a8a8d2b5e29b29c2d7f3b874cbe0f","sha256":"8f20f516480cbf3b4ab5a7c2122cdd3c8344e83ea09d6ce812a7881d0460d0bd","sha512":"3de9c078a84169ed673869227456ae038af1b74d638f5224cbc85854ac9e65dc7e956b4ee25844d6996e028b4e3e2f366f542572bba2ce7a75a5c58b144bf183","ssdeep":"","tlshash":"7341787b8850089167e3a03c969f47283914755b9ca57c007d3c41e4af099efabf2bee","size":2320,"data":"","first_seen":"2026-06-11T00:02:04.007161Z","last_seen":"2026-06-17T15:50:19.251017Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"54003f7b0f8904db58bad4315a4b5bdf","sha1":"b47084372f06853625d15dde7c0e741a947f7a6e","sha256":"fd702a667010166ffff6d4209d9fa523b2f87fb7c7e7d30736a7891bac48cdb2","sha512":"a526cf4515bbceeb2e2a0ca9c858ecffd52e88d62f0699db2d5728d6cf90f84726569bae236117677844c03d086e066bfef0f49290c20d622a871b9f25a1a480","ssdeep":"","tlshash":"58011289fc41b076a6863228713bfa07516212241c84a83388fdc36fef32d87811368c","size":830,"data":"","first_seen":"2025-10-08T18:47:54.234773Z","last_seen":"2026-06-17T15:50:19.263499Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"11c8a1aff94d50bd2f7e031f902bb914","sha1":"d47a01dad21d096b9c9a8a39966a5d80e58a1b6c","sha256":"3343e00546a2373402e0a80a7b32b60ebda9e66828712820df19ef5ae0cf1517","sha512":"f42cb58470d10793f82588c64bb4caa49b4f33b5ddb704036bb08a407cdc84835b0a8645e92759df3683721c440f98a609db4678e99f195fa6faaa52faab983c","ssdeep":"","tlshash":"f8f0a47918e760311f192b0032139ed83a655845f50cb88af58cc0c0bfa8993807f9fd","size":623,"data":"","first_seen":"2026-06-11T00:02:04.011469Z","last_seen":"2026-06-17T17:08:22.095937Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/app.c5e43283136f9036e96f.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4f8f34aaed53a2602f9785d44bacc3e","sha1":"28e78ae9fd576091f61e5e5f2476887378ecc24c","sha256":"b552b7ca732193d4242146efea4d57aa57706e817aa5c456130b59597168bb60","sha512":"a360a391ac603e7bd190c84b16bfe77a698b033c21b9a02588e9202a23744ba6526fd6b78dee01385b4f4d03300d9d1bfe24fb0c274b7a7b838aebbbeca55a95","ssdeep":"12288:JNrGrZCSofYWWoRh+NDJReynMlRPGNpiEj7ay0fDxEMo3wD6UcV9FY0ZconS//CH:JwrIYWy6imO","tlshash":"33d46d7b11ce59a819428a06728b7644f5a99c83fb53f8f044ddc62932f0759c53aff2","size":631002,"data":"","first_seen":"2026-06-11T00:02:03.977372Z","last_seen":"2026-06-17T15:50:19.228729Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/#/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"fcaea4b8885ca5c1fb3ddd5c490da5c6","sha1":"35745f87b37210d992a9ed534a593ae500b7adaa","sha256":"934c2008743c36db746a9d6ebd9f1b84ff11477edc55fbf7b599bbfa687f7272","sha512":"65e3bda5b8bd909b2fed0a25e3d6d3d7d2984601de4a906783c783097fcd8902ea1c2fa05d33619126415bc5000a72e8459eb81c971a85e2ddb374f9fd9231aa","ssdeep":"","tlshash":"889002c520d965518ad321a061261a46615a04f914a48c5091589c56287303092695bc","size":54,"data":"","first_seen":"2023-04-12T08:25:39Z","last_seen":"2026-06-20T14:24:16.215706Z","times_seen":23087,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"71699678d8965a9cfa50149e1518c715","sha1":"6764a0d07c3a8a8d2b5e29b29c2d7f3b874cbe0f","sha256":"8f20f516480cbf3b4ab5a7c2122cdd3c8344e83ea09d6ce812a7881d0460d0bd","sha512":"3de9c078a84169ed673869227456ae038af1b74d638f5224cbc85854ac9e65dc7e956b4ee25844d6996e028b4e3e2f366f542572bba2ce7a75a5c58b144bf183","ssdeep":"","tlshash":"7341787b8850089167e3a03c969f47283914755b9ca57c007d3c41e4af099efabf2bee","size":2320,"data":"","first_seen":"2026-06-11T00:02:04.007161Z","last_seen":"2026-06-17T15:50:19.251017Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"54003f7b0f8904db58bad4315a4b5bdf","sha1":"b47084372f06853625d15dde7c0e741a947f7a6e","sha256":"fd702a667010166ffff6d4209d9fa523b2f87fb7c7e7d30736a7891bac48cdb2","sha512":"a526cf4515bbceeb2e2a0ca9c858ecffd52e88d62f0699db2d5728d6cf90f84726569bae236117677844c03d086e066bfef0f49290c20d622a871b9f25a1a480","ssdeep":"","tlshash":"58011289fc41b076a6863228713bfa07516212241c84a83388fdc36fef32d87811368c","size":830,"data":"","first_seen":"2025-10-08T18:47:54.234773Z","last_seen":"2026-06-17T15:50:19.263499Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"11c8a1aff94d50bd2f7e031f902bb914","sha1":"d47a01dad21d096b9c9a8a39966a5d80e58a1b6c","sha256":"3343e00546a2373402e0a80a7b32b60ebda9e66828712820df19ef5ae0cf1517","sha512":"f42cb58470d10793f82588c64bb4caa49b4f33b5ddb704036bb08a407cdc84835b0a8645e92759df3683721c440f98a609db4678e99f195fa6faaa52faab983c","ssdeep":"","tlshash":"f8f0a47918e760311f192b0032139ed83a655845f50cb88af58cc0c0bfa8993807f9fd","size":623,"data":"","first_seen":"2026-06-11T00:02:04.011469Z","last_seen":"2026-06-17T17:08:22.095937Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/w3model.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"aad4132b8256c7015fe00c906fabba82","sha1":"6313837eb6181532b0f5906566ee8cdcbaddca9c","sha256":"3c2954dd18092c2a0601dda1a400cfd9e7b3d052d1ed981037cf504b23519dc8","sha512":"5b8a42b608f2aefb2407a7b27b5a7ec7ed1c36ca9f30ea289c736b35f13dfaed4ac187f45196aa8013cff775993cb9b1406e34d6e4ffcd64eee92cf0b447d800","ssdeep":"6144:4HOdrcjrE/0NNWS9UO2/HE2jz05O1HaeJ3qZEZDj9+b+Q88MzfFNo8vqd:8OdgDEzaneYZEl5+qQ8zztN8d","tlshash":"d694aee93582f42157f366b740af1806b33d691b140c88a0f255edd5a8f84aa913bffd","size":428813,"data":"","first_seen":"2026-05-06T11:01:26.018631Z","last_seen":"2026-06-17T15:50:19.242688Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/manifest.d75d13c50ca7633588cd.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b42ec6b041111b0885f237891e79de83","sha1":"d7a17483253efd0415a530d5200da3eb492b4d4f","sha256":"2a018e563c5e316c7b5375d0b0189d7a71171944e65d009e705d585cf3f88891","sha512":"06d9e8d57fb1a73ecb5c24ecaa1ad91a1b6e54e152bf540bba02c95f207d50bd1a4e042558cace35015e3eb7d42642843e13952f0cbe71cc1f9b0aaa56d9f7ad","ssdeep":"","tlshash":"c451d89e7a7df9d667b10c94123bb6a9b13c3e205d2cdc50e3cde6a83825c5093126a7","size":3119,"data":"","first_seen":"2026-06-11T00:02:03.915568Z","last_seen":"2026-06-17T15:50:19.217945Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/1.012b03e3947f718952da.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e2c92d8e1bac9260d73d302db8c573c5","sha1":"84dcc650dc2a80fe0c6b711171c07aed4b1ff2e2","sha256":"a1d631705343a0def512cd15d5558da41f08e5666cb1d697ae012f892c0d804b","sha512":"44f164ea73cbdd335b130f953908114bb043cfa37bfca8179afee2751017aa95168ee54b96e86b527854f2f7c4d816514b4965739f9cf632825ba6d201aac504","ssdeep":"768:v1g4pOx27O8/L3bYeRyHYL1LjE1VlQRL14ti/gWRLMssvi/grDYKJod/:vS4pOx268D3V4H01nE1UOti/gXi/g3Y5","tlshash":"b9233a0ab487b66dcc3a4060962f2139b07a1fe8901ad1d3f63cd9949ae5d39171fb7c","size":48322,"data":"","first_seen":"2026-05-06T11:01:26.044307Z","last_seen":"2026-06-17T15:50:19.234713Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/jquery-3.4.1.min.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f772fed444d5489079f275bd01e26cc","sha1":"a8927ac2830b2fdd4a729eb0eb7f80923539ceb9","sha256":"2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a","sha512":"81f3b4d35aaa98af19a4d31ee5399d49e0f70ce52aadefffbf42c6c4489d9d50a49450eec8e9139a009da82b57bf677665a926d5ae913dfc4c74baeec186c422","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmw:jgZm0H5HO5+gCKWZyPmHQ47GKc","tlshash":"8f8319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:42Z","last_seen":"2026-06-20T16:13:40.692234Z","times_seen":7062,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/web3model.min.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ff48642b91a7c867f3e85a7cfaf0f842","sha1":"dd5e1cc5557adb3a0b378998293ba56cea15ed51","sha256":"23900fd2a07518314bcaa998d960ecc2880869ea73797ca8000217481afd68a1","sha512":"734bc3285fc226b1925483c528962fb24ad35d6efd6f599f5e15779694d733cc789b8df6cd198f8c9342549fedb319c1316c33657b169d95438237fe79f67487","ssdeep":"6144:HULdr3jrE/0NNWS9UO2/H/2jz05O1HaeJ3qZEZDj9+b+Q88MzfFNo8vqU:0Ld1D1zaneYZEl5+qQ8zztN8U","tlshash":"4b94aee935c2f42117f366b740af1806b33d691b140c88a0f255edd5a9f84aa913bff9","size":430146,"data":"","first_seen":"2024-02-04T22:02:45Z","last_seen":"2026-06-17T15:50:19.217287Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/0.1a10cfe064474e2a49ee.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea4eeb07128cd32f11e29425f273fa37","sha1":"e2198e737ceec7f7187517a7f0d74d54965f4ef7","sha256":"554710308996608ad4e914a7cf9e84b00410a75b2f33be0ec4890fbb9cf11e2c","sha512":"da29a36a85f1e1ae6146da8d479304d52f5af501a2d8804989a1fb44fff04d4a208d079a7f85aeb2d469371fc2f0abb15cdc2a74427028bef690face12af398f","ssdeep":"3072:3WR3NFn5VHxkt7zVrWogaYmdNDRBv9+HK2kKK:30rn5jkt/rFdVRx99sK","tlshash":"2f345b19b043b679487a4061202f2129b0752fd9a809d0a6f778dcd5adf4eb9232ff7d","size":239859,"data":"","first_seen":"2026-06-11T00:02:03.985543Z","last_seen":"2026-06-17T15:50:19.209608Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/country.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"934ce1bc63cc0b533f1730f24ec99f60","sha1":"8baa171118f159aeb9262682c4ff7fc0beaa4e27","sha256":"0b8e59036da400724f03ac13e3e64733c41dbb8d5255331cae85f5642694154f","sha512":"ba86b99d3c5759bc1398a25c1425b0eb38fcacef2ae5dcec0c83cebf765a48609a0604b358a44713da9a43d3c20d7ee9d1b126be795c8ba6e88291da20fd6ed2","ssdeep":"768:MOede5L4arkPlqiTnrdkwYwUdQPdGp/P6zRlPLQ:SFDduB6zU","tlshash":"04130f1bd1aa8cb7a9bcc51af0b5b264f4445b2fc35116c738f8730d5fb2629011e6ba","size":44047,"data":"","first_seen":"2025-08-04T11:59:40.026527Z","last_seen":"2026-06-17T17:08:22.006666Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/vendor.4b5ce9b4142481a9e749.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6ddf4a96942a5b756603b9f36a4a861","sha1":"338e52ccf9bde9bd2f704d1f7bd98698f201c718","sha256":"7eef725f662a2ba07ad93bc8fc9bcf236e0a87ba9a0a785d8d58954c300ae052","sha512":"cd48be97a979a888e57c54ed4a3246a89f56a3a2a8f65626e3b80f76bbf9236545f2c0692a6640116e00964e63ad11aa93f23ef214796f9eac7bec820c7f200c","ssdeep":"49152:HH4KkoNRm5Pzk2JawX0BBL2JXzdUimRH2vD/:iLP0W7UpH2L","tlshash":"21852b9d32c4b46247e321b5503f240ba3372958a80ac458ba75d4daacbd94e633ff7d","size":1786906,"data":"","first_seen":"2026-06-11T00:02:04.015464Z","last_seen":"2026-06-17T15:50:19.265281Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/#/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"71699678d8965a9cfa50149e1518c715","sha1":"6764a0d07c3a8a8d2b5e29b29c2d7f3b874cbe0f","sha256":"8f20f516480cbf3b4ab5a7c2122cdd3c8344e83ea09d6ce812a7881d0460d0bd","sha512":"3de9c078a84169ed673869227456ae038af1b74d638f5224cbc85854ac9e65dc7e956b4ee25844d6996e028b4e3e2f366f542572bba2ce7a75a5c58b144bf183","ssdeep":"","tlshash":"7341787b8850089167e3a03c969f47283914755b9ca57c007d3c41e4af099efabf2bee","size":2320,"data":"","first_seen":"2026-06-11T00:02:04.007161Z","last_seen":"2026-06-17T15:50:19.251017Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/#/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"54003f7b0f8904db58bad4315a4b5bdf","sha1":"b47084372f06853625d15dde7c0e741a947f7a6e","sha256":"fd702a667010166ffff6d4209d9fa523b2f87fb7c7e7d30736a7891bac48cdb2","sha512":"a526cf4515bbceeb2e2a0ca9c858ecffd52e88d62f0699db2d5728d6cf90f84726569bae236117677844c03d086e066bfef0f49290c20d622a871b9f25a1a480","ssdeep":"","tlshash":"58011289fc41b076a6863228713bfa07516212241c84a83388fdc36fef32d87811368c","size":830,"data":"","first_seen":"2025-10-08T18:47:54.234773Z","last_seen":"2026-06-17T15:50:19.263499Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/#/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"11c8a1aff94d50bd2f7e031f902bb914","sha1":"d47a01dad21d096b9c9a8a39966a5d80e58a1b6c","sha256":"3343e00546a2373402e0a80a7b32b60ebda9e66828712820df19ef5ae0cf1517","sha512":"f42cb58470d10793f82588c64bb4caa49b4f33b5ddb704036bb08a407cdc84835b0a8645e92759df3683721c440f98a609db4678e99f195fa6faaa52faab983c","ssdeep":"","tlshash":"f8f0a47918e760311f192b0032139ed83a655845f50cb88af58cc0c0bfa8993807f9fd","size":623,"data":"","first_seen":"2026-06-11T00:02:04.011469Z","last_seen":"2026-06-17T17:08:22.095937Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"/","filename":"https://ctpfund.vip/pc/static/js/app.c5e43283136f9036e96f.js","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/swiper.min.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.584Z","timestamp":1781708575584,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/js/swiper.min.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: \"6982713a-1df7c\"\r\nexpires: Thu, 18 Jun 2026 03:02:56 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8%2B56FP1qaffIZcLgwszI%2B%2F5pOExCwLB6yXneXW3fw0tHLvh0sgudd718fQGPKdUqws%2FK%2FfIxxEDYPujmvEB6XDjYE4DSMkefq%2FT19NtrbXSF92NNNYebXGv1sZVBiA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0256f562efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":122748,"size_decoded":37429,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65264), with CRLF line terminators","md5":"98d2e1c621c2f951ede456d131608c76","sha1":"e826d3417232c8dd7b234d1e53750710b52b34f3","sha256":"e1b64e3405e7630f429cc551f4922ef5ed9d775834d8f476aeae9e9f4916c439","sha512":"e57e88be238f0016ae43d2e8ed18a2d30c2b2753276c21dada3196ac63dd0081eadcf913b5e2ce5901d141fa58769664cf304c6c950c82588260e89a8906a7af","ssdeep":"1536:VL2qg0G1fVLJW4bU98IA9SK8FDliAfKrGny55T1s53V7gZxj8rvHgZsUOUBDBWqv:CpbUAxSqBohgZu7HgZsUOUFBWqjxJr","tlshash":"b6c3094eb390619510e36256529e9241a3b72849780ad0ac35b68cd7adbde4c13bfffc","first_seen":"2023-03-07T16:46:46Z","last_seen":"2026-06-17T17:08:22.005834Z","times_seen":114,"resource_available":true,"data":null}},"time_used":836,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":836,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/swiper.min.css","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.587Z","timestamp":1781708575587,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/js/swiper.min.css HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-4d4a\"\r\nexpires: Thu, 18 Jun 2026 03:02:56 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d7lwXuXyU0ZvDuX3S73Myw0dBXqJa61QAtxrybPp%2BmT%2Fo8ioYNpxQKE1yqZ%2BMr53mc6UT8LTXjgDwUTQoI%2BrBZIYkx39tMoP4dx5XhPzj89iMnV9zXDOu3K1pWWnXQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0256f5a2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19786,"size_decoded":4270,"mime_type":"text/css","magic":"ASCII text, with very long lines (19512), with CRLF line terminators","md5":"94160d512c97c05e7c4aeeadd30f23c0","sha1":"04261a673b7e5100f78742455b8b7eb48ae11566","sha256":"783bfe0f2494079631972de7df124e1341f235b0b37d51d3c488356c1fca06f8","sha512":"121df9bdbaa00deaada17df94f56fbe36ddce44494022760f21ce7e59dc589d62c296ca5b661d642a6ca0155081ee35c18a45c53f982b5d98df4cf3e76aff1cf","ssdeep":"192:PphaNv/lSSyJWCh8zfi5o/mXDN3eBxwdJ5R:PHa1/lS0Cifi5o/mXOGJ5R","tlshash":"b392622c17003057e2334f1a87d99778c724c9939e4358ef6250ee48c7bb96a32af766","first_seen":"2023-04-17T17:48:16Z","last_seen":"2026-06-17T17:08:22.08553Z","times_seen":84,"resource_available":false,"data":null}},"time_used":813,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":813,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/fonts/element-icons.535877f.woff","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.145Z","timestamp":1781708580145,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/fonts/element-icons.535877f.woff HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/static/css/app.cf90406cb43e901fd1f78ed7c40d01b9.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:03:00 GMT\r\ncontent-type: font/woff\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-6e28\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LnD4uLmD1Qcodi6MNzUNarscSHR4r0iSGowNAmFCEZ0gyOnYXOzFYNp5Kx0OC3QuC%2FmS3FKLzHQ9Imyi89yi8dzLC%2FlJMdyIT%2F%2BJVpMiHoQ%2F6S9DLxSaiSbZuHqU%2FA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 28200\r\ncf-ray: a0d2f041ec682efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28200,"size_decoded":28941,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 28200, version 1.0","md5":"535877f50039c0cb49a6196a5b7517cd","sha1":"0000c4e27d38f9f8bbe4e58b5ce2477e589507a7","sha256":"ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17","sha512":"da269b20f13fb5b0bb4628b75ec29e69bb2d36999e94b61a846cb58db679287a13d0aa38cdf64b2893558d183c4cc5df8da770e5a5b2a3288622cd4bd0e1c87b","ssdeep":"768:gOvv6ExpCVxUtrT6w8ClFd80EjPVerMKBaGXjAlEm:Hvv6xVWewtlFdGjPlkFjAlEm","tlshash":"b9c2e13197213ae9d9824ef876e498fef1651402290f390e8696adb3a98d5c73e16831","first_seen":"2023-04-05T15:22:49Z","last_seen":"2026-06-20T11:36:25.963502Z","times_seen":26307,"resource_available":false,"data":null}},"time_used":529,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":529,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/ada.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.539Z","timestamp":1781708581539,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/ada.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 16287\r\nlast-modified: Thu, 19 Jan 2023 04:54:56 GMT\r\netag: \"63c8cd20-3f9f\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16287,"size_decoded":16630,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"ddbd783f7bcbbf07bc974485aabfacbe","sha1":"db97ab8ca9e8938781f7f8f42f7b97b5f2a8efa4","sha256":"963ea06d1c04c2ae26332fcb8b0f1e45f2f3eba148a0b1a77ec66aadba47b55f","sha512":"8bf0121ce9c2b6b3716f12414ba5dca7e2b951e3e8204a1a2a9c737d220a2fd9915385f87a1070c42f3b8d9ebf49e94c349f902bc949f4294d7525460ce67f8a","ssdeep":"384:7nKBaor7iF6iT9pMRYHT/B6uKF1DDCm7PwGnwNAO:7qrGHT9pMwTmDCE4R","tlshash":"7f72d082c4d0df9c77c7f28528cf13aba912468269c6f912bfc4e432be54825f6893c1","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:08.99839Z","times_seen":59,"resource_available":false,"data":null}},"time_used":485,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":485,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/xrp.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.549Z","timestamp":1781708581549,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/xrp.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 10658\r\nlast-modified: Thu, 19 Jan 2023 04:54:57 GMT\r\netag: \"63c8cd21-29a2\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10658,"size_decoded":11001,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"9570d96dea0a3383407c5269d859c7cf","sha1":"3c7077c3e8f2f13ebae17adb28013c4e79e36f0c","sha256":"fe8fdfff3112480f8b11dbe6c6d23fef3066d94bf92622dba2fed45fe3999006","sha512":"4bfa5a222d8ae0a74e02f86b3fdd7a0919a92d563b8a65da88ce1ca7ad47cd180c4a1103e6a361c124281000b42b91353b72d4f834c8df04c3e827ef398182b0","ssdeep":"192:Lkkn8Hh8N/uvVnGTzQT6yYh8uBfWQidYLS7nRC3Qvv2O3eJIP8aK:7n8B8N/uvVGPRyXu9PidYL+RE+3GIo","tlshash":"99229017d9095ce8af08fc89d574aa5beb3b54c0c841740e1855549ffaf04f595cc4d7","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T15:50:19.22262Z","times_seen":49,"resource_available":false,"data":null}},"time_used":721,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":476,"receive":245,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/w3model.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.581Z","timestamp":1781708575581,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/js/w3model.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-68b0d\"\r\nexpires: Thu, 18 Jun 2026 03:02:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KILgKArLeI0klEbKP4Cc8BY5Jst6xtIxvjAe4vLzlXQi1%2BR%2FZpUFaDbSXuQ%2FQcgJ4zIkrXQxDQ3qk8bM2T0QgKa3gve3EBR%2Fd5Jy29Ae6OMgdq8wt%2B%2B%2BH3oIzCgyTg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0256f542efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":428813,"size_decoded":217379,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (62529), with CRLF line terminators","md5":"aad4132b8256c7015fe00c906fabba82","sha1":"6313837eb6181532b0f5906566ee8cdcbaddca9c","sha256":"3c2954dd18092c2a0601dda1a400cfd9e7b3d052d1ed981037cf504b23519dc8","sha512":"5b8a42b608f2aefb2407a7b27b5a7ec7ed1c36ca9f30ea289c736b35f13dfaed4ac187f45196aa8013cff775993cb9b1406e34d6e4ffcd64eee92cf0b447d800","ssdeep":"6144:4HOdrcjrE/0NNWS9UO2/HE2jz05O1HaeJ3qZEZDj9+b+Q88MzfFNo8vqd:8OdgDEzaneYZEl5+qQ8zztN8d","tlshash":"d694aee93582f42157f366b740af1806b33d691b140c88a0f255edd5a8f84aa913bffd","first_seen":"2026-05-06T11:01:26.018631Z","last_seen":"2026-06-17T15:50:19.242688Z","times_seen":20,"resource_available":true,"data":null}},"time_used":2593,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1785,"receive":808,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/web3model.min.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.582Z","timestamp":1781708575582,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/js/web3model.min.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-69042\"\r\nexpires: Thu, 18 Jun 2026 03:02:56 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p0SygCJm%2BA1vpMIgvPxGnW8Sh1%2BRstVc%2FehyUoonQ%2FojgSK2L84ycUXorQUm6%2FbnFOfsmIU6t4Ws3pjpPQ2Gw6IdGgZoVxY5u0Nv0fTyjH9UPVHIQvq1NeF5dASY7w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0256f552efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":430146,"size_decoded":218049,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (44112), with CRLF line terminators","md5":"ff48642b91a7c867f3e85a7cfaf0f842","sha1":"dd5e1cc5557adb3a0b378998293ba56cea15ed51","sha256":"23900fd2a07518314bcaa998d960ecc2880869ea73797ca8000217481afd68a1","sha512":"734bc3285fc226b1925483c528962fb24ad35d6efd6f599f5e15779694d733cc789b8df6cd198f8c9342549fedb319c1316c33657b169d95438237fe79f67487","ssdeep":"6144:HULdr3jrE/0NNWS9UO2/H/2jz05O1HaeJ3qZEZDj9+b+Q88MzfFNo8vqU:0Ld1D1zaneYZEl5+qQ8zztN8U","tlshash":"4b94aee935c2f42117f366b740af1806b33d691b140c88a0f255edd5a9f84aa913bff9","first_seen":"2024-02-04T22:02:45Z","last_seen":"2026-06-17T15:50:19.217287Z","times_seen":48,"resource_available":true,"data":null}},"time_used":1853,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1067,"receive":786,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/css/app.cf90406cb43e901fd1f78ed7c40d01b9.css","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.589Z","timestamp":1781708575589,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/css/app.cf90406cb43e901fd1f78ed7c40d01b9.css HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-83214\"\r\nexpires: Thu, 18 Jun 2026 03:02:56 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Is8%2BVMD5dOWDnmnS9D57W9ZyweSl3IUvSPLljQPuGQ3C6COp8P%2Bu98PvhLpac5glBY%2Fo3lNZxYirsqS6q%2BrsaTJBY%2BmYodCuupznhtm2tRM0Lgz2heyD9knMe%2BNMeA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0256f5c2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":537108,"size_decoded":99780,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65526), with no line terminators","md5":"754d69772565e9304389182c50d5c059","sha1":"c8b8d5d9925ad6b424f647a22e62d48804114195","sha256":"f47fd9b97798e25b5e32b82e8f283b28f56401815cbb9dd81d7a9be64730e2d8","sha512":"ddd62a364e6fa842440ea8d62c7c1ab2685925c27867f408c59b7e7ad04a183838449324b2616d4562b47e3e76dfb47cba04ca59868119c5104f87aed823f1ec","ssdeep":"12288:Eva5zXYo4YsK/iyfpwo1OAPkuD336ya5hrCez0eTR:sa5zXYo4YV1fpwo1OAPkuD336ya5hrCW","tlshash":"bbb4d8239717121a613bca64a6d4abc96b14d363d02317fffa433819cfc759a226670f","first_seen":"2026-06-11T00:02:03.868581Z","last_seen":"2026-06-17T15:50:19.246615Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1595,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1073,"receive":522,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/vendor.4b5ce9b4142481a9e749.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.592Z","timestamp":1781708575592,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/js/vendor.4b5ce9b4142481a9e749.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-1b441a\"\r\nexpires: Thu, 18 Jun 2026 03:02:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KqzgIxNIgre1WjED%2F6sANuNgkratZUN9SCnbHmvW%2FBqiIZWNlJtY5lTwJrsJIziDBKs3t6j83473ue3n%2B9uek046K8%2FZ8trJjrkIzx8mF2iwANXNSGKjhfV3%2BHbrIQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0257f5e2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1786906,"size_decoded":644115,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37287)","md5":"851f0e7ed8c7d29b5a47ebba573c503f","sha1":"6f2576dc96f41084b165650924212090afac5d0f","sha256":"9c91b2f3f2535f570fb6e11e14fa21f794472c15a350213879334c20092b8096","sha512":"4430a86caa90172cdf8bb72c0e5d6980fb5ad447f41efd2e978371b393816cb2e544476c6ca07caef87da0182ddfc7bd7cd20cce0fc08d50f3abdd36163302e5","ssdeep":"12288:p/5H4KEh+NlpJ8ei75Gm5PiMta2JpIuuiXuHBBL2O:pBH4Kkoj8eQGm5Pzk2JaRiXuHBBL2O","tlshash":"2425199d32c4b06643e331b5503f240fa3372959a80ec558ba26d4daacbd55e623bf3d","first_seen":"2026-06-11T00:02:03.894781Z","last_seen":"2026-06-17T15:50:19.213474Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2941,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1870,"receive":1071,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/logo/home_logo.png?v=6","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.094Z","timestamp":1781708580094,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/logo/home_logo.png?v=6 HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:03:00 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-711\"\r\nexpires: Fri, 17 Jul 2026 15:03:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zzes0RJMH4zBdW9g5ZJLNIeNaG5zU1ryOEwmGP33SyKPiYYNP2RYHcbfE06MTv%2FL%2FGiOyS4A8ZZTzhRd54oN3OYPlt45k9MFhTWLXXK%2B3F7LjalHXltPx%2FrW9W%2Ba6w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1809\r\ncf-ray: a0d2f0419c582efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1809,"size_decoded":2585,"mime_type":"image/png","magic":"PNG image data, 195 x 60, 8-bit/color RGBA, non-interlaced","md5":"dcbc988a93c8443746d1f0db30921272","sha1":"774bf235bfe3ac5deafb1cfc2a9f519631b03e4a","sha256":"57d5eee9c9f90c296da216b70e84fd0eb695e3dfd25b5c287eb2b5bd0051ceb4","sha512":"a913fd56525de3bb55afc511e1011e71dada908f6d77a41349fe4788089568d56b129526b8e5ecb8fd618167c5ca05162ead6f0ccc75d4d9ff7bd9a88803afa9","ssdeep":"","tlshash":"ca31098d0fc1fe219251bde7abc4e613caa79983513f16dc3509c016d313c50d740b45","first_seen":"2026-06-11T00:02:03.997011Z","last_seen":"2026-06-17T15:50:19.223938Z","times_seen":5,"resource_available":false,"data":null}},"time_used":822,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":822,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getQrcode?lang=en\u0026rtoken=3cD8o2EZduv","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.114Z","timestamp":1781708580114,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getQrcode?lang=en\u0026rtoken=3cD8o2EZduv HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ctpfund.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:02 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":290,"size_decoded":642,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"99730f4a25eba122022f2a86c8702d43","sha1":"9b1e5f765e589a715ac6df36eab8b00ff3af4432","sha256":"760d6301f6ca45560c75c8e3de0a561de78e71d899deff09ea57f11ab2057bc1","sha512":"b609a6367036a65532f4b1e5acbb815d2b5d7a3d1ccd8db5a2227b0936a1923c67f304000c59d52f95286e91f32a5bfc9ddf8b7f88e61b25dd5cf7790cc534cd","ssdeep":"","tlshash":"49d0c2b36e948c0417b220d1261f39dead1e91839d81206dcf840be884225332017eb2","first_seen":"2026-06-17T15:03:31.926209Z","last_seen":"2026-06-17T15:03:31.926209Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2154,"timings":{"blocked":-1,"dns":99,"connect":248,"send":0,"wait":315,"receive":0,"ssl":1492},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getParam?lang=en\u0026rtoken=mxKS5CB6eVc","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.116Z","timestamp":1781708580116,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getParam?lang=en\u0026rtoken=mxKS5CB6eVc HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ctpfund.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1263,"size_decoded":1615,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"e7f07eb1e01ac902fc79cee7e99b6a6f","sha1":"4be5c063776358a918f2e1f2eb32ecab9369c8e5","sha256":"8d44e4b4153dcf8e25b4f8f96fd7a9c789e03c9d0f367b2836c4b521852de196","sha512":"b10ea0781d82ee17a0f064b10ffc8224cc640c4732fee63870f27e98181f23bc020eaae187dfb25c061d431f6d0a55dcf2ce087dff58d75c67391e0be5bf8f66","ssdeep":"","tlshash":"6621054d31e80c7fe7c34449ad4b1255bbd969db14ae0cc546acddb438c68d3840a963","first_seen":"2026-06-17T15:03:31.930002Z","last_seen":"2026-06-17T15:03:31.930002Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1141,"timings":{"blocked":857,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/fil.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.537Z","timestamp":1781708581537,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/fil.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 4005\r\nlast-modified: Thu, 30 Jun 2022 09:13:06 GMT\r\netag: \"62bd6922-fa5\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4005,"size_decoded":4346,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"4edc5dafe73f16af2629cfb1fd6cb4d5","sha1":"e5d6aeb9955a18693871b73a83577abdf64e5293","sha256":"586c85d6fd474cab3947b5f3e64c3fc76fb8620111231682106cc9abfdc5339a","sha512":"49d64c4278a861b60b1c0a0341a2e3b96f2988165d5c3a7deb779f8592d4242e8552669cdf9a9d9e9997d2f84f02470b926effcd5437343aee872c172a507e31","ssdeep":"","tlshash":"e4818f877f354c078c6ca096024e2b36d5bfa80264f4c8edbf6160828b5f5058f9d5dd","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:08.99677Z","times_seen":54,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":483,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/favicon.ico","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/","date":"2026-06-17T15:02:54.828Z","timestamp":1781708574828,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/image/remind.png","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.597Z","timestamp":1781708575597,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/image/remind.png HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:55 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-4deb7\"\r\nexpires: Wed, 15 Jul 2026 12:36:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 181613\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HYKt3xfCSM0cz0iW7nKnsPdBI8Gdnj3uXQHXKbabrXXW0F4n%2BsFjNetZj%2B5n4x8ooze%2FMtjrXva6zYlxTMBkA2V%2BJ7H6wQcYGkm3ebcfAbOsDNgiFNo93thqmCKfkA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 319159\r\ncf-ray: a0d2f0257f602efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":319159,"size_decoded":319949,"mime_type":"image/png","magic":"PNG image data, 2163 x 2283, 8-bit/color RGBA, non-interlaced","md5":"42a3301ec37986141e520b49d598e73b","sha1":"83c6e41ecfc381ef9d39dc5767272ea843e0a679","sha256":"60ddd3846aa5aaa641439a451b27834bdf41fabcf4601ed9c9239908dc5a6339","sha512":"db3eae8a9caf09de6f41e3ab079844691df7372295aabdcda662b6d042e07e707d1e8ad786c42b9eb4d0c8c5b5156039c1fc389df26b0a1230a793fb153d7b38","ssdeep":"6144:UT+B9YsJyUqYWWLq7M6jzqhyWykRcTUEWPaG/4Jb6lHGKYT:SAYCz1ZhyW9RJEKaG/Qb6lG","tlshash":"58642351da3dcc5ac5fb9635043f212ea9b84330b698fad6ca3f75501b42ca76227db0","first_seen":"2023-05-25T13:54:34Z","last_seen":"2026-06-17T17:08:22.06114Z","times_seen":90,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/uni.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.532Z","timestamp":1781708581532,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/uni.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 7130\r\nlast-modified: Thu, 30 Jun 2022 09:13:10 GMT\r\netag: \"62bd6926-1bda\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7130,"size_decoded":7472,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"31f17f13b53757a892502af9179f6bc2","sha1":"1db9427d6720bafe36824262466d2f75c55b637d","sha256":"2e8697588da2d88c23823b1c61813280ff82d59481019553719946e2b7260269","sha512":"b591743bd756e6019aff32d5e817948a6dc5544818b83df383f4a1cec447ae9b864ba86b61401a4f76c1ec907c1211e7f75ca1a45a2d49220a6bc75d4fb2f07a","ssdeep":"192:pDOYGPzaIfpNIreNg5HRBC9ocE/jPJJcc6pM644Y:2eo/uHbFRD6SMY","tlshash":"0ce19df0f63b540d4adc9e270ce424c11ae31559750334bfed8f099ee39340a0a94ad5","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:09.003264Z","times_seen":60,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":483,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/img/bg3.0733f40a.673c0c7.png","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.100Z","timestamp":1781708580100,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/img/bg3.0733f40a.673c0c7.png HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:03:00 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-3e4c7\"\r\nexpires: Fri, 17 Jul 2026 15:03:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tfDA66mu%2FRVnvIBHDee%2FOpzhh0nZ0F0Qx2dC79pOksDrk%2F3HuDeruebVuI5%2FDi5AeJo8pdnnmyjKco60a2AhzrSNWeH8yZkmU0K3wKu2WXpzYYjMLzt88Nn2PDFlGg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 255175\r\ncf-ray: a0d2f041ac5c2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":255175,"size_decoded":255953,"mime_type":"image/png","magic":"PNG image data, 1050 x 542, 8-bit/color RGBA, non-interlaced","md5":"673c0c7d619cc45086259e7c45dcd16c","sha1":"b528dca9d7da4977a998dbc09bd2e7909777958a","sha256":"750a12745f329aa57268972132c7bafc5dce261fdc014b94b64e3b550c45f217","sha512":"988a4c9ca2236c1477c5809a708a94f08d04b0d60f33c5ebec643b12d063d1b31c37d8412d813ca894a51da6a429c41a78534d0470d5b64430e51132edb6af3b","ssdeep":"6144:1XjXnBvr3hulxAUOtRDRxzC22Uz5VKJRTPsXT3:pjxjMLOtRX+oT3","tlshash":"23442282faa9b13e68e7bc020419dbc9498199dd68447fa72c60d31cf853e1d0d7be47","first_seen":"2025-10-08T18:47:54.130405Z","last_seen":"2026-06-17T16:37:08.991626Z","times_seen":20,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":266,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/img/bannerImg.c079820a.07144ed.png","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.096Z","timestamp":1781708580096,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/img/bannerImg.c079820a.07144ed.png HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:03:00 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-4d877\"\r\nexpires: Fri, 17 Jul 2026 15:03:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vEwFckDUa6s9dZ9sHiwVW0i03YrVNvFAT%2FDLfpgqDJJb5FWEKrsvGJo3Bl%2F27sn40tXwok6d4uIQ34GknH8XWc5ir1584gDVL2hyq2Uv3VM%2F0fDRsIix19OHgQe5Hg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 317559\r\ncf-ray: a0d2f0419c5a2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":317559,"size_decoded":318335,"mime_type":"image/png","magic":"PNG image data, 834 x 586, 8-bit/color RGBA, non-interlaced","md5":"07144edaf476d4176c919cb1df1a9534","sha1":"72ea3e390cc0593204216f66a6f7c858da227915","sha256":"2a7f3a484b3fccdb68d6a4d9b224b546cdde59a3f8b3ab1ed7b89493aa608938","sha512":"9fe670a1bd4636331bd1af1df101f1260e7f0b0c4c2028acd1b4589888ca89bc878739d334c403ffe44e36311444684f6fea7d4f02cf77115097924c38b8ac45","ssdeep":"6144:0EvVt+4HNRXtg57dlhNUfOX2/Ybc6ux6HwEjlPmmWnLn8sCheG:3tjNRdg5RloAZux6/c7/geG","tlshash":"1864230d26ec8f837c451be77ebf103634b585248b54ed97cca259af9a92c630e46077","first_seen":"2025-10-08T18:47:54.169022Z","last_seen":"2026-06-17T16:37:08.997779Z","times_seen":20,"resource_available":false,"data":null}},"time_used":1870,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":809,"receive":1061,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T15:02:54.716Z","timestamp":1781708574716,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/ HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:55 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L76JgH6QXGMV1F8hd%2BA36QDFx%2Bmx%2F82QYRaX%2Fts3krtucncE6qI0NiusdlrHJeKsxHKRm4jKzrjq9bcdIG%2B7RpXs6rcdnKPxVQl5znIUewAgiyxN9CwTUBdW%2BS3Hlw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\npriority: u=0,i\r\ncontent-encoding: zstd\r\ncf-ray: a0d2f01ffe162efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6947,"size_decoded":3159,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (956), with CRLF line terminators","md5":"1f29e26183a81baaf52aec67ee62d923","sha1":"bbd714450ac6a0c895cda2624e2dc55aff2b4720","sha256":"51b9494a8b7902908128b51754d9bc3b00b53f46b2c0a873cb723f9bbe833389","sha512":"bbba2a23919afd073c5c7f74e206982396f88192fc845161291ae043cc318b84d504b9ab91e415b23af681e2d1fa6c1cd61d3ebf4a422316eb1b253cd29ff097","ssdeep":"96:iJGxDGYUBzlV7TCD5SfWtOwDLT7/iFKsx4/ObAt5BAAuW:fybKD5oW/DLH/HNRt5BA5W","tlshash":"12e1755b5c01c0662ab265187373eb29f506b7675a11c801bafc80a49f74fce56a6fcc","first_seen":"2026-06-11T00:02:03.923455Z","last_seen":"2026-06-17T15:50:19.208823Z","times_seen":5,"resource_available":true,"data":null}},"time_used":828,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":828,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/tradeview/datafeeds/udf/dist/polyfills.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.578Z","timestamp":1781708575578,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/tradeview/datafeeds/udf/dist/polyfills.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-25e1\"\r\nexpires: Thu, 18 Jun 2026 03:02:56 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eTTkMKaha2JkYgJkY6agfZa1krhhh8qWl2v1L8OnJKUILdiPmo5xMhVdJSPu2rpYOdE8EKHPFEiQAu1r5yrDQBS9QJjoDvXCf0FG8ltCwUGIIjxi9HUhok4Ay3mQpw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0255f512efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9697,"size_decoded":4333,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9695), with CRLF line terminators","md5":"ffed8bcc0af9db588e19127393f38aca","sha1":"5d7c37579a895c795e3b99e538bc21acab7d810f","sha256":"8b8d3e2917ea726f9bef63e6d089db0d83d275bf909b3e93cd816f053a43fc0a","sha512":"70557f07558317fd46f1186df5a4df6b4d53fc65c09b316af37f4cd914248d12c6d6c66fb3ef88f88236f14739b30ee86d892baa70f025ee59c668c66fccdf6e","ssdeep":"192:x5C5b4QNokiNLw0mrZA3KoluxV68ksmZ15UPQ0wx9Z4ESjxLhFZvL:/G1gsr7idsirPCESjxLhP","tlshash":"c1127488f7e0b46243a370b4917f550fb2b52925658e41b8f260d8ea6cfd04d962bf7c","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.017439Z","times_seen":64,"resource_available":true,"data":null}},"time_used":787,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":787,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/bsv.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.541Z","timestamp":1781708581541,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/bsv.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 5498\r\nlast-modified: Thu, 18 Apr 2024 13:56:43 GMT\r\netag: \"6621269b-157a\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5498,"size_decoded":5840,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"0d59d213ad783528adfeb1d20e1adf93","sha1":"f8ac8bd0de83dfb109ddd7f471a4d2fc9810d5ac","sha256":"1166a5cd4f51593c9a5e08f29c6a4619645c92c96b49f42cad35335a21dd9793","sha512":"de7bbd0436b058559aeed7cc050029542db5a2d68802cb6f2d77bbf3c09e28a74353b5c080cd85d73bec9b918b3f0530afa51aba1ac12c95bb73f514caf77988","ssdeep":"96:VIrZQ20cPRHXflxra2KpD8DGvHiJa5Lkj/vqz9yP4hukLmj318f/O26GR59jgCWP:ZLSDra2AD8SvHPC3qIGuN3P2zHNa1ck","tlshash":"12b16ce76744e198af7f448723a9c6cc640ac536c8b5a169d17640d8feee244c84798b","first_seen":"2025-10-08T18:47:54.17931Z","last_seen":"2026-06-17T15:50:19.226761Z","times_seen":36,"resource_available":false,"data":null}},"time_used":728,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":483,"receive":245,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/credit.css","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.588Z","timestamp":1781708575588,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/credit.css HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-486\"\r\nexpires: Thu, 18 Jun 2026 03:02:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bC8rkfisftH6m%2FLjSkTx8mWlsv%2B4VrFmFIqpJrfa5sPthKFFii%2Bp3YT7Sr7z7YTf3%2Fac262ClzeCkjb0Ru4avNoORX2aGZCTIHJsoS4vQb1m%2Bdl7Hybiq22eZkihyg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0256f5b2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1158,"size_decoded":1341,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"5a7fa046f781d26b95e54a677a8fb4b4","sha1":"1757d1022877d02cfcf9942d46ed6201878c6c73","sha256":"76d1d8567e8eb407f259585548ff5c0b3c3b9cf14cc6701f359b2d812493cd1b","sha512":"4b481baf5a408f3f70eec7f360412075b2a95363daf63ad1004ee29f671b6d3445cf71534e7f65c9de541253469d41c4ce9c4227b1902cd77baf31068845b116","ssdeep":"","tlshash":"0e21d02eba0e284adbe93ed23efc2a64de7e00ea15b342d0f298c154e1d2c1913745d5","first_seen":"2025-08-04T10:45:31.520242Z","last_seen":"2026-06-17T17:08:22.007444Z","times_seen":70,"resource_available":false,"data":null}},"time_used":1629,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1629,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/1.012b03e3947f718952da.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:58.926Z","timestamp":1781708578926,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/js/1.012b03e3947f718952da.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:03:00 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-bcc2\"\r\nexpires: Thu, 18 Jun 2026 03:02:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5PmbxvTI%2BZ4F2efYhw3jNpgNVHanD%2FlIGFcIZ85SHbtltIJfoApdO9Z2YWZKlAAzNMRo7QX%2BFoV2EjyevNKPZlgTP8M7%2BHii%2FkzCXnjN1HMeAu5zYbe1mKhyCwPqSA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f03a4ac22efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":48322,"size_decoded":23244,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (48257)","md5":"e2c92d8e1bac9260d73d302db8c573c5","sha1":"84dcc650dc2a80fe0c6b711171c07aed4b1ff2e2","sha256":"a1d631705343a0def512cd15d5558da41f08e5666cb1d697ae012f892c0d804b","sha512":"44f164ea73cbdd335b130f953908114bb043cfa37bfca8179afee2751017aa95168ee54b96e86b527854f2f7c4d816514b4965739f9cf632825ba6d201aac504","ssdeep":"768:v1g4pOx27O8/L3bYeRyHYL1LjE1VlQRL14ti/gWRLMssvi/grDYKJod/:vS4pOx268D3V4H01nE1UOti/gXi/g3Y5","tlshash":"b9233a0ab487b66dcc3a4060962f2139b07a1fe8901ad1d3f63cd9949ae5d39171fb7c","first_seen":"2026-05-06T11:01:26.044307Z","last_seen":"2026-06-17T15:50:19.234713Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1107,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/img/picture_new@2x.77abe9c.png","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.103Z","timestamp":1781708580103,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/img/picture_new@2x.77abe9c.png HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:03:00 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-4dd5\"\r\nexpires: Fri, 17 Jul 2026 15:03:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dTPCnpRm1aCeHUwIFgHnl3BoCuRW%2F4MewDnq%2F5ovKyKRkHERr16wEOxLxAdQDa8JoGkjEAtU8FC598liTu0AJk5qtF0rOf587w31ADQsjcsKQ5Gpz1x2GqPRsYT3SQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 19925\r\ncf-ray: a0d2f041ac5e2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19925,"size_decoded":20697,"mime_type":"image/png","magic":"PNG image data, 166 x 176, 8-bit/color RGBA, non-interlaced","md5":"77abe9c18fddc20fcf6b1dfec28d92fc","sha1":"3207c6cae0b76124e35315d86e7359f6fdc33513","sha256":"e00b07d174ab09ac6deedef61d9ba604835e019eb616d17e1dac0d145cad3b24","sha512":"8e7ffbf1a17adccdda10ba0b18a9788958d8083927c4942815d41aac2307b367ac0b1701046b16a2a091b1cdf70ff7692203a7d13b58707cd034d2bf46975153","ssdeep":"384:sVtmceKyi6ZkSuiApsAXIkCt6iVqv7c/GoYU8Iqj5c2Pqb7/+SqfW3Y2eUb:MQce/iwDApsAsBVH/GoY7/qbT9LoS","tlshash":"4192d079b4d0b8e7b1cd9dc560ff800279af36622968daf1ae907217a9605dfca44422","first_seen":"2025-10-08T18:47:54.15141Z","last_seen":"2026-06-17T15:50:19.230371Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1092,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":822,"receive":270,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getLogo?lang=en\u0026rtoken=Nl7Fk4eZnM\u0026key=web_footer_logo","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.109Z","timestamp":1781708580109,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getLogo?lang=en\u0026rtoken=Nl7Fk4eZnM\u0026key=web_footer_logo HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ctpfund.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:02 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":130,"size_decoded":482,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a281197152bffde173d34d94c2951633","sha1":"1c131f98b724867709f186690979ab5b0c29f7dd","sha256":"5b3c3afe6618fd09e4eabd54e08d087dfadb0729cf5f045df6abae2828651589","sha512":"2c281ff1215ccea184da8686a8cf8aa2708c41c5ab4c67e044f61ec041eec41e80f4ad795276b5d38aeb76a5bb4e40a46df327247cbde267ebc71f9ad7f219ec","ssdeep":"","tlshash":"6cc02b733b804c04270250c21d4e34c8950d11c38c021410cc4c9dd4c2130313307531","first_seen":"2026-06-17T15:03:31.947417Z","last_seen":"2026-06-17T15:03:31.947417Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2322,"timings":{"blocked":-1,"dns":104,"connect":276,"send":0,"wait":275,"receive":0,"ssl":1667},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getmarketList?lang=en\u0026rtoken=xlymGqLpwvCU1\u0026id=1\u0026type=1\u0026limit=200","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.117Z","timestamp":1781708580117,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getmarketList?lang=en\u0026rtoken=xlymGqLpwvCU1\u0026id=1\u0026type=1\u0026limit=200 HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ctpfund.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11579,"size_decoded":11931,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"4350ac29f199b940c0796ba4520987a0","sha1":"fa8a95d5709fc5771786dd6cd0387f8be22e0b59","sha256":"ff9600594fac3941e528022f09fcb2d9be6a20d10fe96502f519376cb632b2db","sha512":"03d7eb413e3e8c1260a76107efb49518e64225c2ad98c237606e733f4d54ffe9c0be2c1c025351f14c5520530fea0fbac6d317e7bf1cbbd78994dd920c24c42e","ssdeep":"192:mcLgUYe7n0cUM63Y0iID24wZWWmp0iikcPCUANw5e4XxL3a7Wvnb3iBT:mc0UYe7n0cUDYiaWWmp9cPCUANwzXx8Z","tlshash":"3a32c11627d84d70b2b28dc897c3d5a8657eb04abcc29f8353fd59a604d0a6b3716f03","first_seen":"2026-06-17T15:03:31.948911Z","last_seen":"2026-06-17T15:03:31.948911Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1353,"timings":{"blocked":858,"dns":0,"connect":0,"send":0,"wait":495,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/btc.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.516Z","timestamp":1781708581516,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/btc.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 4460\r\nlast-modified: Thu, 30 Jun 2022 09:13:03 GMT\r\netag: \"62bd691f-116c\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4460,"size_decoded":4802,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"9eb539141888680fff6af0fd28192cb6","sha1":"acb0616e046a9245bbbe5a103a7084aa84690143","sha256":"e1a52196ce78bb48c596194be187394057e3f8db03b2a314efbd358a9b1c0a46","sha512":"9a21f75879b30c9fb0adb138215d50e88cea6bad1fc7742ed866d21115330bed45a1a5d871e0918ab7c623f1cc309deb269bcb92cd4ead546dfad2bc509737db","ssdeep":"96:Wefn1ttzgLb0WBkw0JgfAsWEqgHcG5iU27QGmWCFCL:J1tZISnef4g8G5iU2N+s","tlshash":"bd911961ef9551fbabaa5a0e13fd0093e571ac7e5284da1528c7717f825afe10cf8d00","first_seen":"2023-05-06T18:37:16Z","last_seen":"2026-06-17T16:37:09.019484Z","times_seen":80,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/link.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.530Z","timestamp":1781708581530,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/link.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 4720\r\nlast-modified: Thu, 30 Jun 2022 09:13:07 GMT\r\netag: \"62bd6923-1270\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4720,"size_decoded":5062,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"daddfcd5b19144e686ba7f4048f9de63","sha1":"a1803333e242fd7ee0900da9f236a39f4cc2b802","sha256":"c707189076cf26f3b6c84b5c712f6f0e6b5de0279efbdb5d4d90d3698b8cd1ef","sha512":"646bbe55e2c6683959c978bd504fe71abcd8cc558129a42c9114593b70033c729a42469b919136a82e439d404518790a32ba8228e9c1245453c05cb2bb7addf9","ssdeep":"96:eqnGuMdVvZUGnDxNH6gJj0JOfJdq84MgqZIAWIJZhEHKPtZmOCGaZmPPPsj7:3mUEDxNH6gyJOhdZOqZLW7um8nPo7","tlshash":"aba16daef6781159e6d9744b030570699638d231240641a9c813c93b2a7f3aeaa426b3","first_seen":"2023-05-06T07:16:23Z","last_seen":"2026-06-17T16:37:09.018008Z","times_seen":92,"resource_available":false,"data":null}},"time_used":485,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":485,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getBanner?lang=en\u0026rtoken=AESnHaim0f8","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.111Z","timestamp":1781708580111,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getBanner?lang=en\u0026rtoken=AESnHaim0f8 HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ctpfund.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:02 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":457,"size_decoded":809,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"57b2d811d2fc9fa83c2a918633e1dc57","sha1":"73621ab6a667311a77dd820a405e08c86054e8e2","sha256":"047aab2fd71ef53f24eb6dcacca313a10398192cb7a112c7a47ce21b6e95440e","sha512":"16beec2c91bdd1caa78985160b624a052a541a05239502ac07deac23eca33fbf82a639f5bcc25e51b9dcebf881809ce163d599c2207a4d5ba73142acd74ebfdd","ssdeep":"","tlshash":"53f0e2261d6c6827b7c841ca04173068799e600bdd84409ac0ce8d5d40adbb0134b2da","first_seen":"2026-06-17T15:03:31.960649Z","last_seen":"2026-06-17T15:03:31.960649Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2216,"timings":{"blocked":-1,"dns":102,"connect":262,"send":0,"wait":275,"receive":0,"ssl":1577},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/dot.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.544Z","timestamp":1781708581544,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/dot.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 7934\r\nlast-modified: Sat, 11 May 2024 09:15:09 GMT\r\netag: \"663f371d-1efe\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7934,"size_decoded":8276,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"74ed062f033581755bd71e7005d22502","sha1":"4c7208a79fa9851a34a749e19835ef0925bdf272","sha256":"1748a91695619836aac60ea1bc9d38a4a6e7909a92d98f36c15651ccb05ebb90","sha512":"303c13483ca5c01fce0b6fa254c4fdb93740844b08ded84ca8a0bb4e5989669b9b8fd0116ab20c57d4c91b0b625b5936b1abef6dbab829031d7cf709aa114a43","ssdeep":"192:WSYkkn9099VHqYV04cZcGTtSN3DNjiuydjwElcU9GQtt:58nSKYV0fODxiZ1aU9JL","tlshash":"8cf1aee3fca9dd123b6ca4866cf542b7626b12248194d64aff4cd807c81e6fda61e481","first_seen":"2025-10-08T18:47:54.120882Z","last_seen":"2026-06-17T15:50:19.248311Z","times_seen":24,"resource_available":false,"data":null}},"time_used":725,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":480,"receive":245,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/etc.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.546Z","timestamp":1781708581546,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/etc.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 4097\r\nlast-modified: Thu, 30 Jun 2022 09:13:05 GMT\r\netag: \"62bd6921-1001\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4097,"size_decoded":4439,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"25142b79a3de886616c73a68e453d984","sha1":"43299b672ed710ce0a0e1b9ccd2d552b5accb15e","sha256":"b5b056cda87836b811627fb320e1cdcbf98edbfc30c68a4a20013c0c37b43bbe","sha512":"62b866a53db06bf11581d30f68d6bf1f40881d03f8470052612978c595b96d194195fd4aa55600af07d3f6a380f413125c7a94446f253d24647e6a944a70db41","ssdeep":"96:iP9Sli9htPIcpQU+lU8L4qna1u7LvpSBafIn:iP9CitNpWS8xa1ufvpY","tlshash":"ac818fc3c812c295104682f94e8dd0b831d04e5f5b05fc67369d6dbd542ca07eda5ace","first_seen":"2023-05-28T01:03:43Z","last_seen":"2026-06-17T15:50:19.227439Z","times_seen":81,"resource_available":false,"data":null}},"time_used":723,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":478,"receive":245,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/xmr.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.542Z","timestamp":1781708581542,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/xmr.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 3356\r\nlast-modified: Thu, 30 Jun 2022 09:13:12 GMT\r\netag: \"62bd6928-d1c\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3356,"size_decoded":3697,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"1a427fee0bd67c531b69fd143c56405a","sha1":"a3985aba306276b834887763bdcbd291f123270c","sha256":"c60054e81964269ce55dbfc325e99e3d4d491952bb516e3f68097ba475cf65ba","sha512":"40106610c0056285dfe7a02b810b456e19d1f96049874853b3fe76572f02fd9a477d764eb08270309f7f05d47d7049322cb9a6e753af492bb53a5b1f6efa1658","ssdeep":"","tlshash":"18615ce3dd6f1d7637369351b717b80288603df1ad5e733d5515181225120bbce553a8","first_seen":"2023-05-26T11:52:40Z","last_seen":"2026-06-17T15:50:19.231585Z","times_seen":50,"resource_available":false,"data":null}},"time_used":727,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":482,"receive":245,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/0.1a10cfe064474e2a49ee.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:58.924Z","timestamp":1781708578924,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/js/0.1a10cfe064474e2a49ee.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: \"6982713a-3a8f3\"\r\nexpires: Thu, 18 Jun 2026 03:02:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TkqpIG%2Bv%2FkbW%2BecikjFkQ41SSaMFNNLKagzSbdi3mUHqdR%2FXK8%2BTWLRg%2FOWHiy5VcNcuJY8EMBOkxw%2Ftr2qC6wKXqk2%2BcmhPQadiD68KIC3eikudICO0c9V9oZJySQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f03a4ac12efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":239859,"size_decoded":98757,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65516), with no line terminators","md5":"ea4eeb07128cd32f11e29425f273fa37","sha1":"e2198e737ceec7f7187517a7f0d74d54965f4ef7","sha256":"554710308996608ad4e914a7cf9e84b00410a75b2f33be0ec4890fbb9cf11e2c","sha512":"da29a36a85f1e1ae6146da8d479304d52f5af501a2d8804989a1fb44fff04d4a208d079a7f85aeb2d469371fc2f0abb15cdc2a74427028bef690face12af398f","ssdeep":"3072:3WR3NFn5VHxkt7zVrWogaYmdNDRBv9+HK2kKK:30rn5jkt/rFdVRx99sK","tlshash":"2f345b19b043b679487a4061202f2129b0752fd9a809d0a6f778dcd5adf4eb9232ff7d","first_seen":"2026-06-11T00:02:03.985543Z","last_seen":"2026-06-17T15:50:19.209608Z","times_seen":5,"resource_available":true,"data":null}},"time_used":833,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":832,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/img/bg3.0733f40b.031e605.png","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.081Z","timestamp":1781708580081,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/img/bg3.0733f40b.031e605.png HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/static/css/app.cf90406cb43e901fd1f78ed7c40d01b9.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-2fa73\"\r\nexpires: Fri, 17 Jul 2026 15:03:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dS%2BTQg2C%2FvRV1kJRzRH2llsj8U1%2FYMVJy9tszUCWDXT2jT9110jQ10sOo4d0TIW7BTC3G0GALzC9wzgEU4sKZzKc%2BEE%2FuN%2FdLTbGbthnxspCd3MGWlruhoPcpipz9g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 195187\r\ncf-ray: a0d2f0418c532efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":195187,"size_decoded":195969,"mime_type":"image/png","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=861, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x861, components 3","md5":"031e605788311a288e4b78483092c05c","sha1":"c6fbb5beb0150a25be47654d9fa8b1fa9d7a431b","sha256":"8d4a6bf0b19742c7c79386bb6966c65248b5bae1a6ae9021bb7adbd80f0c0529","sha512":"951f0bc0cbedfb1610245b86aa764971a35f8cc7d103c880c0c5623b5849368028f7d93f9fb8abcf5533e5f789cfd32d73a8a2eba2f4885e069d61fa0e43ab7d","ssdeep":"3072:VSGExoSGDzM1+9tglqgEsW2nIIxjSWwavbX/nAdz8hh0aG8mC6AHEpp5cVpK+GTv:kGMGDU+9mfTnIIZSbaDvAdSXRyX5c2+4","tlshash":"3714127797c2ce60e6a4493c71d284873c0eebd8691700c97defa747bf586a0b978056","first_seen":"2026-05-06T11:01:26.041568Z","last_seen":"2026-06-17T15:50:19.237079Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1600,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1073,"receive":527,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/tradeview/charting_library/charting_library.min.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.576Z","timestamp":1781708575576,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/tradeview/charting_library/charting_library.min.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: \"6982713a-296f\"\r\nexpires: Thu, 18 Jun 2026 03:02:57 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4BAbLpWH4fWLp8X6pUMvDqCPWSM2yIDNG5RosEYQicYlYn2TAPIWLv%2FxvYoW1QJ3wmm8UjX0kdR2Fil1yR6VUUhLb%2F5XgKUI9b2zmL%2Fop79EiDgGVNHoWVpbbJsW6w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0255f4f2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10607,"size_decoded":4180,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10605), with CRLF line terminators","md5":"5b40dcdd638760f8051c1beb4963fd0c","sha1":"e24b3841ff36373ce7366055eca40e479886dd4f","sha256":"283ed6337112f2cae0dcb51a26326dad7e09c03b8699dbad441cf7c5ba35965c","sha512":"43e207cc06b5b0d6e9a5fc24052822e16538feed91d07f06f70d8f546fbfeeb63687f707ff0f2d54b57a9d6286bc2fed211b6a83fb604dc86227c9914c7a6c37","ssdeep":"192:9faWSo7kjFU8oBelr6lw2rfnzKIQPlaF1iJ7K+Ei/ISJhvHIheu5Ph3Ffa5:0WS2kjFU8oIlD2rfn2I5iNK+5/ISJhvB","tlshash":"93224058ed247c720acb40f0427f190f8239e678d84944ed3c84e6ec59fd44a6a6fbb8","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.009561Z","times_seen":77,"resource_available":true,"data":null}},"time_used":1551,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1551,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/jquery-3.4.1.min.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.580Z","timestamp":1781708575580,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/js/jquery-3.4.1.min.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-15851\"\r\nexpires: Thu, 18 Jun 2026 03:02:56 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zrKrAS933s6eDqyxp4JefXM04cz7zcLgnNVEmilO4iY7iQgZeRgGRsMKP7s%2FWbM%2Bn7%2FmUjkVuB9IIpL7PdZI015hxe1RI1zXuOWief2GQ3OujK4BLbWF58SNNba1tA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0256f532efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":88145,"size_decoded":35282,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators","md5":"2f772fed444d5489079f275bd01e26cc","sha1":"a8927ac2830b2fdd4a729eb0eb7f80923539ceb9","sha256":"2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a","sha512":"81f3b4d35aaa98af19a4d31ee5399d49e0f70ce52aadefffbf42c6c4489d9d50a49450eec8e9139a009da82b57bf677665a926d5ae913dfc4c74baeec186c422","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmw:jgZm0H5HO5+gCKWZyPmHQ47GKc","tlshash":"8f8319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:42Z","last_seen":"2026-06-20T16:13:40.692234Z","times_seen":7062,"resource_available":true,"data":null}},"time_used":1109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/xaut.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.519Z","timestamp":1781708581519,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/xaut.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 7688\r\nlast-modified: Wed, 15 May 2024 02:03:33 GMT\r\netag: \"664417f5-1e08\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7688,"size_decoded":8030,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"2615bb8aeb247f2b56501d9b299ca398","sha1":"6f94dbc3a1df9b6a69ef9a9d3fcbe8bfb3665593","sha256":"6bdc89d90af3a27056a874c2906ae19ce5bcee9884334303031251e25a4a50f0","sha512":"71ab52b12c29407996836faf6d7eb0a1737ccc02665e11e3bb55e19517f58e646870830e0654dd6b83abe2b6af9b81ada71dcaf7a0b702ddcfcc41620db18b5d","ssdeep":"192:W/0Mq6bv4UW4Z+vp+3saH4xSznCf398CsN7aqOk:W/BTv4x4gvI3JYxSo3983N7aG","tlshash":"37f19f00c064231ac30246b6ab45ea87ecdcd27ce76b792f9479eb44a9d00afe983546","first_seen":"2025-03-05T16:19:54.140594Z","last_seen":"2026-06-17T16:37:09.024848Z","times_seen":48,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/bch.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.550Z","timestamp":1781708581550,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/bch.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 16801\r\nlast-modified: Thu, 23 May 2024 14:06:05 GMT\r\netag: \"664f4d4d-41a1\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16801,"size_decoded":17144,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"2bd4379737af182cf6b374660ad7109b","sha1":"a0b1196695abbf8f226436f418d59d5e063f21bc","sha256":"f1af00d76c161758b8516a1744561a53d56cf64f531e069daee8707a483e995e","sha512":"358bd403fd26907aed06b9e3eb3f0b0d830e0302559d321ad3f5561b7316d14c47fff6ecef97708e69a397c6aa3bf966e7ef399327b19fe8d3f38b899340dd62","ssdeep":"384:5mnidTfSuu0nTbEaiXIpCg5uxNRiv5jq2a9NLTt7aeXgbA:g+usUa+Tg2iv5DSZ7xQ0","tlshash":"ee72d1c99f085c93730aaa4465b5f51337363fa9c99249e638f3142abff05b0442abc2","first_seen":"2025-10-08T18:47:54.181689Z","last_seen":"2026-06-17T15:50:19.214683Z","times_seen":34,"resource_available":false,"data":null}},"time_used":709,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":474,"receive":235,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/doge.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.554Z","timestamp":1781708581554,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/doge.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 22442\r\nlast-modified: Thu, 23 May 2024 14:06:06 GMT\r\netag: \"664f4d4e-57aa\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22442,"size_decoded":22785,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"0c569ef88ad83d698e3ae278f59132fd","sha1":"b82eb090eaf49dd1580af9a66dd224eec7a54d49","sha256":"ffb0c803df2aab477ba5e0d882010316e1fcea34405c8d74bd3d9fdfcc9e1649","sha512":"f2b59960c791b606903a09a59a8a19836a80c83389f335d59ed01df748c95578937ca2665e2fd3411cc0ca00bddb8d0899e12bfab94fada70900939534026258","ssdeep":"384:5mn2pcQ1upNUsOosNpbVoT22ZV+eGzt4HexSk83+n0rNlugJbb5DJB27y:g3Gsv+yT2CQG+bh0bdbb7J","tlshash":"5fa2d155de6199819c9fb40802e93bf67ea6cb400bdf755257f28e01c8323da2d4d85f","first_seen":"2025-10-08T18:47:54.22222Z","last_seen":"2026-06-17T15:50:19.245115Z","times_seen":34,"resource_available":false,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":471,"receive":239,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"wss://mfccfx.org:3000/","fqdn":"mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":3000,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.189Z","timestamp":1781708580189,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 May 2026 16:45:37 GMT","end":"Sun, 02 Aug 2026 16:45:36 GMT"},"fingerprint":{"sha1":"5E:31:61:CC:72:37:18:84:84:8B:E7:D9:D9:50:74:C5:A8:3F:40:B2","sha256":"70:54:E7:35:44:0E:EB:D1:4B:93:CA:BB:30:E5:F4:2D:5A:36:87:A4:B6:83:FF:01:79:51:7C:9B:D4:BD:6E:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mfccfx.org:3000\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-WebSocket-Version: 13\r\nOrigin: https://ctpfund.vip\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: /2Li3w62a8Qci0UapVuHHQ==\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: Upgrade\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: yEhkzwecXVXYIHTAH+miniJ1dfg=\r\nServer: workerman/4.0.18\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":182,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":2930,"timings":{"blocked":0,"dns":5,"connect":265,"send":0,"wait":797,"receive":0,"ssl":1862},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/iconfont/iconfont.css","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.572Z","timestamp":1781708575572,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/iconfont/iconfont.css HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-acb\"\r\nexpires: Thu, 18 Jun 2026 03:02:56 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JSFjYhEMGW9IPqWUY65B7WZ1iakyJyzCaqpDJTmXFGiW2aitgBgIPuOuSXsirWBzg7SGTQ9NxohI9Mc%2BlKJYbe%2FiJOQBHCK5RzC72Ncbs7ncNV2ww%2FZaV8uqQ3EIaQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0255f4e2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2763,"size_decoded":2657,"mime_type":"text/css","magic":"ASCII text, with very long lines (1881), with CRLF line terminators","md5":"33d9b388cc148e6dddd6a6a4a14c12d3","sha1":"913f02bd13b862ac68800eadaf1a484c3b20aaa4","sha256":"ae4df143a2ee5a22c936892413a619a5afb57d04f5dbac72c60e23994c804937","sha512":"ce1b4187dc69531155ec5db9fd5a2451d967cccd8b42367dd8b7f48f467c247a4317af37377dcfaf2da00a4800fc8c0c274ee2dc82f0796795aef6a802eefc91","ssdeep":"","tlshash":"ca51f8ba584d30804bb16c7073e739249e5418bf9f5a28c2b52a246d45f7e20e2d2bdc","first_seen":"2026-03-06T10:13:01.542912Z","last_seen":"2026-06-17T17:08:22.017048Z","times_seen":46,"resource_available":false,"data":null}},"time_used":830,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":830,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/reg_checkcode?lang=en\u0026rtoken=qg1iLjf","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.108Z","timestamp":1781708580108,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/reg_checkcode?lang=en\u0026rtoken=qg1iLjf HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ctpfund.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:02 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74,"size_decoded":439,"mime_type":"text/html; charset=utf-8","magic":"JSON text data","md5":"6d8cdb6ae446fd3b6842c627dae2a9f3","sha1":"f840365184c67ccb105db95cc0742674504611e5","sha256":"013c8075dd5198b118e390c7f2454c5ede8892e56b998309b24e83dafa646480","sha512":"efce6f351378d2a0a7abf51a9f4ab5435f61cd5eb86b3489cd27a7a6a6d507a623f5ed6c65a6ebf681e85501f17ec63988d7114db063e9f353871f96376fe738","ssdeep":"","tlshash":"8fa0244314dd303345034013cd0d1f014f3c10311d00100cdc4d534457730343131017","first_seen":"2025-10-08T18:47:54.152661Z","last_seen":"2026-06-17T16:37:09.020988Z","times_seen":46,"resource_available":false,"data":null}},"time_used":2161,"timings":{"blocked":-1,"dns":105,"connect":250,"send":0,"wait":307,"receive":0,"ssl":1498},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getGG?lang=en\u0026rtoken=HGgGWw","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.112Z","timestamp":1781708580112,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getGG?lang=en\u0026rtoken=HGgGWw HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ctpfund.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:02 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76,"size_decoded":428,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9bcaa42e82f386ca39a1ac1214c527a3","sha1":"498302cacdfd15b391c3ac0f5c637558fc896b05","sha256":"e37b131391db0feae71b864fa4d22cf4d2dff893a7fc7aef869b35a64840eb89","sha512":"411e52190f55ab84f3e209a77fd7944955abbb845e7f1c9669be8754cb6d13c3ef01d8105f085f9fd68f401152ff7d1a9d591ee56a875c9e7675d33784c40ae6","ssdeep":"","tlshash":"55a024103d041d041f0570075c0c7cc0715c10d74c410440dc451f3cc3130313703030","first_seen":"2026-06-17T15:03:31.975271Z","last_seen":"2026-06-17T15:03:31.975271Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2192,"timings":{"blocked":-1,"dns":101,"connect":259,"send":0,"wait":275,"receive":0,"ssl":1557},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/web/getParam?lang=en\u0026rtoken=cXTJSYQ7VCIvyDp","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.110Z","timestamp":1781708580110,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /web/getParam?lang=en\u0026rtoken=cXTJSYQ7VCIvyDp HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://ctpfund.vip\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:02 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nset-cookie: think_var=en; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1263,"size_decoded":1615,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5546a1a5770655ea944ebd2dfed5f808","sha1":"743294c0343362c520a67cc491d0529653439926","sha256":"8c7ba2b15dd31dbcf844bf783b9056cd090b26d15ebbcd32c744766f07049a05","sha512":"95ccef34d410f9e9d9bda789b49e4025191f04836beb1e56e497903837c3f9343e8ed8d3e4121cb373a0913d738275735fd89298e54378ce863e8e40826dfa55","ssdeep":"","tlshash":"f721054d31e80c7fe7c34449ad4b1255bbd969db14ee0cc546acddb438c68d3840a963","first_seen":"2026-06-17T15:03:31.976615Z","last_seen":"2026-06-17T15:03:31.976615Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2159,"timings":{"blocked":-1,"dns":103,"connect":249,"send":0,"wait":308,"receive":0,"ssl":1498},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/sol.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.528Z","timestamp":1781708581528,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/sol.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 15133\r\nlast-modified: Sat, 11 May 2024 09:15:11 GMT\r\netag: \"663f371f-3b1d\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15133,"size_decoded":15476,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"367f1436ee9b3610228944bd3fff5688","sha1":"53a3635989c5d1ef5f3e5c4fbf38c61c9dd9484c","sha256":"bdb5738b9fc51dc6c2fa4abf481cf26c772c1cdaf1db2501f7f8723afd7ef5f6","sha512":"4f189650a7c61be87eea1dac761a5d0065fe7c6f356f4b949ad4b22de9ce77aa09a0bef6a844d7df4c7eeb43ebd72f8a571d42290f52cd3d3785e744ea647b71","ssdeep":"192:WSlJknydbmXHNX8ELXgjuy263TxjpRXs6qaVlbgAg1wB6pDqcwtuWSnQYT+asefE:5InlB3LSo6qelUAg1OVBtuWSndTIeSNl","tlshash":"b062cf6a9c707e4c075479448e7c769ab31b028163d3dc8eecdee00ba8a25b48d9dcc7","first_seen":"2025-10-08T18:47:54.131475Z","last_seen":"2026-06-17T16:37:09.027557Z","times_seen":50,"resource_available":false,"data":null}},"time_used":484,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":484,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/logo/favicon.ico","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:59.149Z","timestamp":1781708579149,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/logo/favicon.ico HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:59 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B8F7kDl4r77WcQY0qV%2F6SfaZo%2BCGPKx0irTqtpid1M76TDF%2BPSvC6sLE%2F5eLVRDhgc99Z9MTAWiZcnyS7AzU8toHW1bbRTcg8yGAGz%2Bjwi1jXWnEJ9wAopgW6fIh6w%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6982713a-26c\"\r\ncf-ray: a0d2f03bbb062efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":620,"size_decoded":1351,"mime_type":"image/x-icon","magic":"PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced","md5":"e71901f4a1906296ef6d5a12656798f5","sha1":"2e92cbfa78fbe82cc6e57228509e8c5757377f39","sha256":"d5ac55aba77970de1708346460bf6c9f295d2da45ce7ed58897ba2b2d06e9330","sha512":"7560549f1707fbf0fffcf46b3c1ef3909c53f7f4a1ce59828dc31fab47b63ba9d7bc569912b1091a638fb65f126eee9461c4db319ba4ff0b512c0b2a866a417a","ssdeep":"","tlshash":"1af002faa290dd41826587643081e525e9a2f123af9323fcba09499626799c1f25092e","first_seen":"2026-06-11T00:02:03.989472Z","last_seen":"2026-06-17T15:50:19.218923Z","times_seen":5,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/app.c5e43283136f9036e96f.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.593Z","timestamp":1781708575593,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/js/app.c5e43283136f9036e96f.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-9a0da\"\r\nexpires: Thu, 18 Jun 2026 03:02:56 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R%2Fc3KTkKbS0iYm%2FwgmLoW0w9hbl5SBDXQmK7gKtzBHAGWP1Zx8OzMK7MAkrLephCqYSVHTknhU2RTA8v9WPt5w%2FR1fgvNTgEARRILKwaNvFjq3kH6gJfzgj5No52yw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0257f5f2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":631002,"size_decoded":234318,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65130), with no line terminators","md5":"e4f8f34aaed53a2602f9785d44bacc3e","sha1":"28e78ae9fd576091f61e5e5f2476887378ecc24c","sha256":"b552b7ca732193d4242146efea4d57aa57706e817aa5c456130b59597168bb60","sha512":"a360a391ac603e7bd190c84b16bfe77a698b033c21b9a02588e9202a23744ba6526fd6b78dee01385b4f4d03300d9d1bfe24fb0c274b7a7b838aebbbeca55a95","ssdeep":"12288:JNrGrZCSofYWWoRh+NDJReynMlRPGNpiEj7ay0fDxEMo3wD6UcV9FY0ZconS//CH:JwrIYWy6imO","tlshash":"33d46d7b11ce59a819428a06728b7644f5a99c83fb53f8f044ddc62932f0759c53aff2","first_seen":"2026-06-11T00:02:03.977372Z","last_seen":"2026-06-17T15:50:19.228729Z","times_seen":5,"resource_available":true,"data":null}},"time_used":1874,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1080,"receive":794,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/img/Practical-functions1.c0da3ff.png","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.102Z","timestamp":1781708580102,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/img/Practical-functions1.c0da3ff.png HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-5372\"\r\nexpires: Fri, 17 Jul 2026 15:03:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TmjdaEOgrAzJTabBu2GJxR2Fj4ndsc5deRqkoLfyE29vgKcSaaGxIHtEpdlt7dqTxbLtqW8EN25ieNH08nUlz0J79bAUGh6jDtuQvgg12JyqcBpVNkFYb45mYcmZVQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 21362\r\ncf-ray: a0d2f041ac5d2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21362,"size_decoded":22130,"mime_type":"image/png","magic":"PNG image data, 177 x 184, 8-bit/color RGBA, non-interlaced","md5":"c0da3ff65a7ac5ad30efe0d4189f6bf7","sha1":"da0a6e5f35d7817c72fec31be4b42e650b220251","sha256":"7d1b05513ade90fb51b327e04ff5ed8d89512fd28061a445335521f7a2583937","sha512":"ca8ac12cad7e72353af544409e5a3288b2096839604e066f7665e93ada571ea9174519371c2cd55985d6df7f1442df822b409c122a39abb37d0b3acb458234e1","ssdeep":"384:MorgqrZ+NnAk5gUgAnd2vci1EfJoBGYsiPEkrCZxTB5ITXfnmRT:M1q1oAk5pgAQUqEfE/siPvIx95ITvmRT","tlshash":"97a2e101fd855a30ca98aee7128b6887e63dda81adc4129360d6fdbff254c3d274db40","first_seen":"2025-10-08T18:47:54.205989Z","last_seen":"2026-06-17T16:37:09.016877Z","times_seen":20,"resource_available":false,"data":null}},"time_used":1094,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1094,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T15:02:53.624Z","timestamp":1781708573624,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:54 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1WVN2uKwjMwrVE03FfAtf1wyWiEF2UihiWAa6sP%2Bapdv1FaScpASgkRvdq2iDQJPA2cf9lL%2BCqzVF3tOJwfBP1YuW3p9ICxmMvTDBIFP5%2FXKPGtWoyTMH%2BgJLUvX6g%3D%3D\"}]}\r\nlast-modified: Mon, 15 Sep 2025 09:03:32 GMT\r\npriority: u=0,i\r\nstrict-transport-security: max-age=31536000\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a0d2f0196c862efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T16:29:48.02362Z","times_seen":16584092,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/aave.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.524Z","timestamp":1781708581524,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/aave.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 7463\r\nlast-modified: Thu, 30 Jun 2022 09:13:01 GMT\r\netag: \"62bd691d-1d27\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7463,"size_decoded":7805,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"5cdd0aee69e8122fd5c09e5cdcd98624","sha1":"68ebafd85948ed3aaac87fb683aa655fdfaff4d3","sha256":"9ef23fac5df6aa17c2df63f9a9bd75116a079378ff33e407f6c17ff044738c23","sha512":"125f42ad5b32cafa0859d96226838798c7c5ed8fbb193bf0a698132415220ecbadca205521d858abbf31c56efa7e9681fe9b0ddefbb57021090ca32213f0dc06","ssdeep":"192:UP03OA6fWgKMO01wvKfgHwK+41cWvoRtjNPxrwo9hoWlA:80+A6f1NqvB31Ct1xrxhTW","tlshash":"27f19edd4fb240cefcbfe649c87720e67a04d211b78afa408bae7c96a990405c1a1d31","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:09.024304Z","times_seen":51,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/eos.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.553Z","timestamp":1781708581553,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/eos.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 14068\r\nlast-modified: Sat, 11 May 2024 09:15:09 GMT\r\netag: \"663f371d-36f4\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14068,"size_decoded":14411,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"da9ba5e4a0300c76b10d5ae5169c5240","sha1":"9979b71310904ba882a05f526bfd81d9ffa8c155","sha256":"cf10f279b4d4d76e376495bc25361df686073d54c0fc35fd12679a8932c99199","sha512":"37645c70e3c862e21a52a3d5f7424a6fb4a70f6112c1d5566b684039d1616942e07ab907e681c08e1982d04b6d0f7af0d9e8ad625e9114c8eff5e03187147c14","ssdeep":"384:5enmj5rmwyZNMTHdD8NIkmEfJ99paN+FZ1YW5NNekk1wA6:MM9mwyZWFLdSGDgNlzA6","tlshash":"dd52cf075e460893ad08bed24dba466f7d76e7ecf402792db47b4d394ca0ae14217346","first_seen":"2025-10-08T18:47:54.191908Z","last_seen":"2026-06-17T15:50:19.248897Z","times_seen":36,"resource_available":false,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":472,"receive":238,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/eth.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.555Z","timestamp":1781708581555,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/eth.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 3516\r\nlast-modified: Thu, 30 Jun 2022 09:13:06 GMT\r\netag: \"62bd6922-dbc\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3516,"size_decoded":3857,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"e1bc34d227baeb59b92475d8f7642b9c","sha1":"6f0c77064b9409b0a033281f1fc61479c90944b8","sha256":"44dc496a6f8f3214e47a8ac45adf6b81792de84f5f33f5257a0759865514c8e8","sha512":"f8f0069a89d9c9b957329b574485cbe5103c5af096ea10b1289e909c35de8d5cf14ac8b418366622bda20a887d49658d792772d090179efccd4aecc6c98a45ca","ssdeep":"","tlshash":"24716df2d915033083fab0719b0492dbeb64f74519c4a0698d9c8d2924b9e34b2d22bb","first_seen":"2023-10-28T09:52:36Z","last_seen":"2026-06-17T16:37:09.007499Z","times_seen":60,"resource_available":false,"data":null}},"time_used":709,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":470,"receive":239,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/img/Practical-functions3.3ff97dc.png","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:00.104Z","timestamp":1781708580104,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/img/Practical-functions3.3ff97dc.png HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:03:00 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\netag: \"6982713a-6999\"\r\nexpires: Fri, 17 Jul 2026 15:03:00 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B6fenKkkUMoRuCQoSCj2%2FSovikWTQsvqfLWxIdYSaNXfNg%2BexMPlSKy9cfH%2BJwK2zYzkC4ik3ty5Lp8yMHmjpeav7qv5NXyIvE9uHqmh5uR8PcxfQI6M425pDYZ2Cw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 27033\r\ncf-ray: a0d2f041ac5f2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27033,"size_decoded":27807,"mime_type":"image/png","magic":"PNG image data, 169 x 191, 8-bit/color RGBA, non-interlaced","md5":"3ff97dce9558ea7021ca410a2e730de8","sha1":"3d803d7eb5a242b5c035e0ed7d5ece557bb7270c","sha256":"4b8993833834ff23568d9fdd40d103942568b53a3ed0704fb3c678fa9fd74d1b","sha512":"43608f5e99af7dde42bd05abdf77df4b62670631c4650a66d40c7b0b9c81a9fc0f0226200b988bf3e5badf5fd27da158d1286f1eec1074b1a1291fd04f62336e","ssdeep":"768:dZ+x9Nc9X5WnhV3dSH/x8daijhvFT5thhL:dCIWnhV3dSH/OaeBjL","tlshash":"25c2e1dd8743af06c8399d6319faeb3608d09108564aa947cacf4fdb462f2b274605d1","first_seen":"2025-10-08T18:47:54.17253Z","last_seen":"2026-06-17T16:37:09.027031Z","times_seen":20,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/ltc.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.552Z","timestamp":1781708581552,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/ltc.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 3000\r\nlast-modified: Thu, 30 Jun 2022 09:13:08 GMT\r\netag: \"62bd6924-bb8\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3000,"size_decoded":3341,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"d2aac3e0950db13ab4de39f9b3fb3250","sha1":"7874f43168bd616b0dfc1b1dc0f80690325a6504","sha256":"8763ad8af5caefedb4b1a20bb07625cc896c037cb9b0ccf735b9f29f4b51710c","sha512":"22f9c75684a6635b92cb83e637494c0b6f0b47c22c062596b42186e8aa063bc2b2461b3ded4b4b85387ff25e8dd53e900c757ecd289182e30be2e20389b38a2b","ssdeep":"","tlshash":"be512bc2f3ee59bbdfa08d01990d4737e22894a320915ce716355e3d1a12d9dda00ead","first_seen":"2023-05-06T18:37:16Z","last_seen":"2026-06-17T15:50:19.216652Z","times_seen":94,"resource_available":false,"data":null}},"time_used":708,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":473,"receive":235,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/country.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.585Z","timestamp":1781708575585,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/country.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-ace1\"\r\nexpires: Thu, 18 Jun 2026 03:02:56 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wcYNt3%2BBfpCcPREyS%2FKXWYD3%2B0jaFC%2Fz2DRn6yHGVj7N%2Fkl9%2FzJELgJizdWZg32pfRk4Nf%2Bc3PFmWfqYlhQIWOuhR6eE00rSCq35gdWXFRasCGkruBIUQRSaiqdGTw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0256f582efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44257,"size_decoded":12406,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"934ce1bc63cc0b533f1730f24ec99f60","sha1":"8baa171118f159aeb9262682c4ff7fc0beaa4e27","sha256":"0b8e59036da400724f03ac13e3e64733c41dbb8d5255331cae85f5642694154f","sha512":"ba86b99d3c5759bc1398a25c1425b0eb38fcacef2ae5dcec0c83cebf765a48609a0604b358a44713da9a43d3c20d7ee9d1b126be795c8ba6e88291da20fd6ed2","ssdeep":"768:MOede5L4arkPlqiTnrdkwYwUdQPdGp/P6zRlPLQ:SFDduB6zU","tlshash":"04130f1bd1aa8cb7a9bcc51af0b5b264f4445b2fc35116c738f8730d5fb2629011e6ba","first_seen":"2025-08-04T11:59:40.026527Z","last_seen":"2026-06-17T17:08:22.006666Z","times_seen":49,"resource_available":true,"data":null}},"time_used":1212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/js/manifest.d75d13c50ca7633588cd.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.591Z","timestamp":1781708575591,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/js/manifest.d75d13c50ca7633588cd.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-c2f\"\r\nexpires: Thu, 18 Jun 2026 03:02:56 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gDMTQdvi4PrIwisFm%2BwBaROYzdreA5C7fb1dp8Fy1RYZHT3YEwtwY3efi8zYf%2BMwLMyUzVvi7vwtbPwBmQQnZ9N8jtTyAXu52hxVzap%2B%2Bb%2BIVJdae%2BiYI3mRZL2q4Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0257f5d2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3119,"size_decoded":2677,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3061)","md5":"b42ec6b041111b0885f237891e79de83","sha1":"d7a17483253efd0415a530d5200da3eb492b4d4f","sha256":"2a018e563c5e316c7b5375d0b0189d7a71171944e65d009e705d585cf3f88891","sha512":"06d9e8d57fb1a73ecb5c24ecaa1ad91a1b6e54e152bf540bba02c95f207d50bd1a4e042558cace35015e3eb7d42642843e13952f0cbe71cc1f9b0aaa56d9f7ad","ssdeep":"","tlshash":"c451d89e7a7df9d667b10c94123bb6a9b13c3e205d2cdc50e3cde6a83825c5093126a7","first_seen":"2026-06-11T00:02:03.915568Z","last_seen":"2026-06-17T15:50:19.217945Z","times_seen":5,"resource_available":true,"data":null}},"time_used":796,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":796,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.mfccfx.org/wzpic/trx.png","fqdn":"api.mfccfx.org","domain":"mfccfx.org","tld":"org"},"ip":{"addr":"47.236.224.27","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:03:01.535Z","timestamp":1781708581535,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mfccfx.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 00:31:19 GMT","end":"Wed, 08 Jul 2026 00:31:18 GMT"},"fingerprint":{"sha1":"18:DF:E0:A4:D7:DA:F6:DC:EE:29:43:6F:95:A5:50:7E:B4:FC:84:44","sha256":"B1:97:19:F5:01:C8:7D:8D:80:92:C8:C7:1E:17:55:94:1F:D4:1F:F2:E3:A8:75:D3:4C:74:B6:DD:E0:6A:F7:3E"}}},"request":{"raw":"GET /wzpic/trx.png HTTP/1.1\r\nHost: api.mfccfx.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 15:03:01 GMT\r\ncontent-type: image/png\r\ncontent-length: 6495\r\nlast-modified: Thu, 30 Jun 2022 09:13:10 GMT\r\netag: \"62bd6926-195f\"\r\nexpires: Fri, 17 Jul 2026 15:03:01 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6495,"size_decoded":6837,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"53d1c2f9fe08b9e1876cfe48d8515b9a","sha1":"cdcf316d85014fa6ff4e3734abbb423d1059dd8c","sha256":"5a64c819fd826d8183b1eae37b023fe72fd41d0c0c38e0311131d934fd0840bd","sha512":"4690750a0d8bd06649658f8fd84eb75409177aca8ba881aed166a370c4c7a2bd2ab6d28473a4df334e218d24830c3bddadedb48a7846907c14859c64279eb713","ssdeep":"192:G8+yL4eaVKn8cDxhgtcnwDnAJ6NjKdsVTLMLasKPQ:R9dDn/DUDAJcTAOst","tlshash":"27d19eb96367e69aa9c6f5b99b39e6225f62ddd0dcca15f20e98820041f3040b5814ee","first_seen":"2023-05-06T07:16:23Z","last_seen":"2026-06-17T16:37:09.011843Z","times_seen":116,"resource_available":false,"data":null}},"time_used":480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":480,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ctpfund.vip/pc/static/tradeview/datafeeds/udf/dist/bundle.js","fqdn":"ctpfund.vip","domain":"ctpfund.vip","tld":"vip"},"ip":{"addr":"172.67.186.84","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ctpfund.vip/pc/","date":"2026-06-17T15:02:55.579Z","timestamp":1781708575579,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ctpfund.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 14:12:15 GMT","end":"Sun, 19 Jul 2026 15:09:57 GMT"},"fingerprint":{"sha1":"03:36:02:A5:BA:69:61:67:CA:2D:18:46:BD:9C:A9:42:59:CD:7C:88","sha256":"D6:44:6C:CB:70:61:8B:20:E1:F8:BF:F2:5C:FD:FE:52:2E:24:F4:41:4A:36:77:35:2F:34:CB:F9:BA:2A:9F:5D"}}},"request":{"raw":"GET /pc/static/tradeview/datafeeds/udf/dist/bundle.js HTTP/1.1\r\nHost: ctpfund.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ctpfund.vip/pc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 15:02:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 03 Feb 2026 22:05:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6982713a-346a\"\r\nexpires: Thu, 18 Jun 2026 03:02:56 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EL%2F7fvI6uo4ssZaU28zzfwrb9oW1XvRyRltIqDrI3WPItLKkEMFA4aaje0YyBRFlaTzm%2B8YFU0pfYi90ZoPWBPPtArfV0Lau3TC1llzUSQd16l4HxhseaPUd%2F9%2FegA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d2f0255f522efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13418,"size_decoded":5375,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13416), with CRLF line terminators","md5":"c356bdc37296546bfde0acb3327ce305","sha1":"e5073d9fcd7820ee78cad1dbec5ecb5943bbb349","sha256":"bac505309e80d1ba3bf808a88e92ff2352bca9414e499ac8c68534d5dd276d33","sha512":"ad67bbf55927bc36b37f161724ef1a164b06711b5b2e86ee18add9bd7e613c73606fa62823635253587640de1915a236c226b0008361dec7fd426e57285ee52e","ssdeep":"192:Nge0jAoNzmAHSq7KhHcA1rQ1S2ZOAZXR0zA1GCL1G9U4jUs+f1gmUiC+xUv+4R5T:Nge0jAoNzmAHZWNASZNVziC924HAAVMY","tlshash":"c252a5da7611302142936032e87f2407913aba16688a903c71c9edde5efdb1deb17f39","first_seen":"2023-03-26T07:29:42Z","last_seen":"2026-06-17T16:37:09.010621Z","times_seen":64,"resource_available":true,"data":null}},"time_used":824,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":824,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ctpfund.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}