{"report_id":"4ef2db08-2742-4a31-aa61-de48752253d0","version":6,"status":"done","tags":[],"date":"2026-03-03T17:27:36Z","url":{"schema":"http","addr":"tolegrom.club/","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":0,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"tolegrom.club/","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"title":"Telegram","dom":{"size":7855,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6559)","md5":"13d6f28ad403bf4168c1505642faa2a6","sha1":"03358af2050e8de7aa60c40d348ae28d0d7a587f","sha256":"e22baf8bf676c36de7a76fda580dc01036bbec59be3fea714e980c0eb679bc78","sha512":"9ad06ed531e15a9e161fe4776e7f140ae74a65b106f1e3c6dc5ce30eca312a2f50a69d4076df09983150a6c3efe136c30190579115910a7a5c145225eac91f01","ssdeep":"96:R27pUIO7ZUWsSh4c1gtJjIMfl6G+7KsUnSORus13poBTaoBX8occ2mHV:k7pU1ZUt7LtJjV0ZUSQus5CB2o58oZ1","tlshash":"eef17362e714e83a2313067d71a1f14d42e3e44bdbd1aa50b9e972e20f8fdb680f7651","dom_hash":"domhash9c30ad8943648d5e19ecd394f905cf1e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tolegrom.club/","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":0,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-07T17:27:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-03","alert":"Hunting_JS_WebAssembly","trigger":"tolegrom.club/rlottie-wasm.5e3833cedb8fb71c8d8e.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"tolegrom.club","ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"domain_registered":"2026-02-26","domain_rank":0,"first_seen":"2026-03-03T17:27:39.103316Z","last_seen":"2026-03-03T17:27:39.103316Z","alert_count":118,"request_count":38,"received_data":2513410,"sent_data":17478,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"api.tgacbew.club","ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"domain_registered":"2026-01-18","domain_rank":0,"first_seen":"2026-03-03T17:27:39.095683Z","last_seen":"2026-03-03T17:27:39.095683Z","alert_count":0,"request_count":1,"received_data":369,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"zws2.web.telegram.org","ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":491032,"first_seen":"2021-06-24T06:55:52Z","last_seen":"2026-03-03T17:22:18.119604Z","alert_count":0,"request_count":2,"received_data":440,"sent_data":1190,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tolegrom.club/compatTest.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"b328e15f89116105372eddac365cb6f2","sha1":"da1979ab60b891ec53dd318be90a09a83124bd87","sha256":"22c6b05f0b138dddb5711fdb998be90abf8093e271085bda6448bd6bc72c95d2","sha512":"38e5c9e6cfdea39e896fe40c470587ff5e1da066e450bba57a435f9b96d539ff69adf1e0d222abcbdbecff5f2f709e222154712f4519a46938af0c2a06bfb96b","ssdeep":"","tlshash":"9441052a0cb173a1607960667b1ff1837a298172054ceb64e620cf357eb185bc25fdf9","size":2245,"data":"","first_seen":"2024-02-24T23:46:30Z","last_seen":"2026-03-03T17:27:46.655107Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/main.51bbcee8b15b80b8ee0c.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"f97141a677d4ad39fcf9ce553b33e7ac","sha1":"7133b374cbddea6db70c0fb2365208352a5d755b","sha256":"95a6a5c1c0ac7e45f1ab2f30c1ee7762476c601681feada2f3b7a6866921e993","sha512":"821d0dc887ed581c43f76c3e543f4a3013b67fdc0e490ea834119aefc97b048ddcd4ae59a6b18b08aa7d58fc6dad3daf8f91120ec4e9ad71d6da7ac1145cedde","ssdeep":"6144:woOsWcbB5cbMTT1txolg68w1ppkUCi2D0yfotJ+i1v4dHgidJ2TZEd/p+4ih:woOshB5cbiT1txoe68w1pp9Ci2D0yfoD","tlshash":"a6844cc57182b8a962e705e6a4eb0198f634590038098464f1bdfcdd3e369dba3b3f5d","size":389176,"data":"","first_seen":"2026-03-03T17:27:46.694613Z","last_seen":"2026-03-03T17:27:46.694613Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/1915.44f46b9209d4c21e2dae.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"fd4abffe4de6fa1955cb7c9df7c0a808","sha1":"860f583e5ef2f6ddcc0c464fb4a87d7e6eb955b8","sha256":"166b9c140da17864486aaa8e6d53ad4169ffaac1b2101c73680550f9331c926f","sha512":"1759e1f0e7fc28f649e69639ee2ef0656aa14e11e12b0d1ff2d9287bf2b13870deab9de427113a8eb729eb5a6b3678e944858fee7f2b89cf120a08b5f4a3827b","ssdeep":"192:R/kF3DWtg5I3cTKk/Q4yZOXG/lB0wKqwztTSuIdmPignIi7SdibRs1YpZNWBvYA9:RI3Dbac/TW30J/tBROZXyEW0NZub+","tlshash":"3682e76bee110c2e02d351a7f9ca3106b5b982a6d2505470d36dd06f03ed8de367fb69","size":18166,"data":"","first_seen":"2024-02-22T12:46:05Z","last_seen":"2026-03-03T17:27:46.669619Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telegram.me/_websync_?authed=0\u0026version=10.9.2+A","fqdn":"telegram.me","domain":"telegram.me","tld":"me"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b326b5062b2f0e69046810717534cb09","sha1":"5ffe533b830f08a0326348a9160afafc8ada44db","sha256":"b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b","sha512":"9120cd5faef07a08e971ff024a3fcbea1e3a6b44142a6d82ca28c6c42e4f852595bcf53d81d776f10541045abdb7c37950629415d0dc66c8d86c64a5606d32de","ssdeep":"","tlshash":"5430000000000000000000000000300c00000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:44Z","last_seen":"2026-04-04T13:49:31.951693Z","times_seen":352957,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/3748.1a1c8ea27626019eca8b.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"d996253fd164ddfef95dc195e2e9f330","sha1":"2de860fb22e91210a093fb7f03c56f4c82505665","sha256":"d8fd053642c68d01f1aa0068feb4fd919553b24923fe9c2012f96a590b65dfb4","sha512":"b20a8e73f2793f80fcde73a1e713e4494ed01ff186cb31f76f4435717eed785096163ecca93f9a0d2b41bd875e76357ecc2d2e4ef562b93691081f9a661e75fd","ssdeep":"192:2Vcn1feShD/DSPaDamkt0M/YPAoDc+EuGsVczzS8W6DWAVYBB382Q:2VIUS5/DSCGmkmMA7D/EuGsVgzSlkWMh","tlshash":"b212e881b232747e626794d6e6084a03aa3591587c0da1bdf77c78fb2c9580b34bcf79","size":9834,"data":"","first_seen":"2026-03-03T17:27:46.700575Z","last_seen":"2026-03-03T17:27:46.700575Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/redirect.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"17773b57b87a678c98e26a7cac72df6c","sha1":"7422857aa75ee81cabcec2eed6c4a6168f363ee1","sha256":"375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f","sha512":"28d9e1c2af08154e653e2291db46f4110edbf9f5591192f8d695c8852f9c3c755d69dfb5a032a45f51e0a3fc9417f16c20d0772b1225ca9b85e5531e12fa8bfc","ssdeep":"","tlshash":"e8e07dda0279030417e013f36d82b4709137c2fb604c5d028d984321a1b9b4f5b7b84f","size":325,"data":"","first_seen":"2023-07-27T09:32:34Z","last_seen":"2026-04-02T18:53:44.715114Z","times_seen":11409,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"9485bc588c5557e63430adbe9536997f","sha1":"f227d13c142b291aad69b6b70845d675ce49a4dc","sha256":"8bd8838c542a62b02742be4cba911fcaac326ee4a6d49c024c8885d4f3913a17","sha512":"ec76af35686da52150c44c52797022979e31cfd8948993074b3354001c90de348d20bccea2a74c22ed5517090315f8c2162e4c0ae6396f2ce74bf14f8b22f699","ssdeep":"","tlshash":"32d02b7b58f690559013341d4b2f412021b3892b2d45c665789dd3464f08134061b7d0","size":289,"data":"","first_seen":"2026-03-03T17:27:46.707767Z","last_seen":"2026-03-03T17:27:46.707767Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t.me/_websync_?authed=0\u0026version=10.9.2+A","fqdn":"t.me","domain":"t.me","tld":"me"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b326b5062b2f0e69046810717534cb09","sha1":"5ffe533b830f08a0326348a9160afafc8ada44db","sha256":"b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b","sha512":"9120cd5faef07a08e971ff024a3fcbea1e3a6b44142a6d82ca28c6c42e4f852595bcf53d81d776f10541045abdb7c37950629415d0dc66c8d86c64a5606d32de","ssdeep":"","tlshash":"5430000000000000000000000000300c00000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:44Z","last_seen":"2026-04-04T13:49:31.951693Z","times_seen":352957,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/6839.01a53cbedf5d86d252ec.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"2075f46f0950d8614b73045505b7aafc","sha1":"34da1902bc42580deab249ac8ef5c4901d243a43","sha256":"f693fccbb0f64594079d492db05d3bced69a6c6cab7514d4b78733570fd592a1","sha512":"c86f9062cfe41a8cf4e7e2d3f5767c6b6ecb64aedabcca5e9dd67914bb914bc50d5cd93861f98817725b6309805c8598715e31eb3104978e40a0d9dfa734c88e","ssdeep":"768:Ee+ebTqPIHWzl/cIO4HI+ebv3djbql2cPg+bwTjhva4HASW:vb+PVzl/cIzdyw","tlshash":"8223e8a9b381a1b66a5695e3403b0447f138f6252816d06cf739c8de687cdc5b93bf38","size":45754,"data":"","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.683941Z","times_seen":645,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"tolegrom.club/favicon.svg","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:17 GMT\r\netag: \"37c-64b93c9bac440-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 539\r\ncontent-type: image/svg+xml\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":892,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d9ee2d4b0edd9f8ba2fb7242162c2c47","sha1":"398522893cf2cdefb5176f11bc67eab31c2d7382","sha256":"a462f1c5333e16b48335054493cfd1d0a13a96847b4b9ffe2cf24403e6e86010","sha512":"e404678e96fe6f6d1fe6c1390e4a64d90844a2d8903f84f1a34b23137593da5ba04112d9504b8bf480b392b294830a363344c5767e3bb5b7a3cb6f5df2a3aa45","ssdeep":"","tlshash":"97114493d060e71ad4c9e16bef61fca0116720cee5b745d485d95a34500fcdbfc08668","first_seen":"2023-05-09T00:01:39Z","last_seen":"2026-04-04T11:04:06.165504Z","times_seen":13760,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/4680.84361a6f376ba09ecda3.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /4680.84361a6f376ba09ecda3.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"2828-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 4521\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":10280,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (10226)","md5":"d6a550adf85c47466544b511202402cb","sha1":"527abb3e562affd1bbe684d40c3a7f9a81941f67","sha256":"e47801df0f1551783a629ae44046aeea483eac5ced0e2a3c1f256697849a9604","sha512":"b58630f3735adb3c4f8824759a36a7b53acbe28fa264ea0990c3ef9d882f661919f778304a5f525fe8ba18476e2242f310439d57305186b57e613f708c6a97c9","ssdeep":"192:+dK5WVYG6G8UxYs1MlbKq2Y/WkFYmMWYW5zIf0hVetjFCfRCjkG6yScwLnhoK7RM:+nQUxYs1SdD/WkFYmMWYczTq5uCQGFSg","tlshash":"5d223bc03122783652936996a47f200374356b64784f9958721defea392be8b7173ff1","first_seen":"2026-03-03T17:27:46.643631Z","last_seen":"2026-03-03T17:27:46.643631Z","times_seen":1,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/5802.36a9971f58c808c4a974.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4680.84361a6f376ba09ecda3.js","date":"2026-03-03T17:27:17.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /5802.36a9971f58c808c4a974.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4680.84361a6f376ba09ecda3.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"541b-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 7600\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":21531,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (21394)","md5":"377d06c30eebd149e43e37a12f0bc3a6","sha1":"0bedfd302e5fc849518158b650612361fc160e99","sha256":"a6456f4285ecaf7f44d25cde45f56f6afefbb7fea2e36633e4bb4e0e5ebb8779","sha512":"d7a2c2a1f4be6213e9beee7784c0de04ee40c12986605940b27be9a1e6f2c31c0d15a61afa2c04ef67f7788cb09384f30a543973c70996c0d343d2676f596486","ssdeep":"384:yA3JV5i17HY+SWId88Q+0VL3oQ0LmVIkTzxr1mQ024BTQ2tp2BLRX8tRiWym:yA3JVMdHR8cVL3oQ0LeIkfT024BTQUYS","tlshash":"13a21bb766f915d652e848e808cb189951f4e0223d86293d5134fdd220f2cdbf2eb9bd","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.646651Z","times_seen":447,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/1649.23ef32650e96d33d6586.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4790.f820eec6b1e62a1da531.js","date":"2026-03-03T17:27:17.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /1649.23ef32650e96d33d6586.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4790.f820eec6b1e62a1da531.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"af5f-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 13868\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":44895,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (44841)","md5":"d185f3823bb419e0227eb45b85facdca","sha1":"b50068ba63e52fd9d71dbfa7cb42fe82a6f4af16","sha256":"fbcc1367611f1d387d2b7340f92b66b4a0a5311742ec3d806d848692b98e78c9","sha512":"5dc4f3d4b251332baa45149f234148e139b0a6952fcac3d875d50dc162d6f6bb59dfc442da67cdf95d2825e5aeff9bb704d4242bf211c959cf0dc58bd0505331","ssdeep":"768:+9P7jiBBMXQhxKk3FnFJFb/N6rWfbBaZMCnMc1Hx3f:4/iBBgyKYFnFbb/N6rWfbkeYMYR3f","tlshash":"8b136484f6e2b0b1439371e0443b504af33e6a6ca44d80f8e695d4e278b685d967bf39","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.650188Z","times_seen":587,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/rlottie-wasm.5e3833cedb8fb71c8d8e.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4680.84361a6f376ba09ecda3.js","date":"2026-03-03T17:27:17.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /rlottie-wasm.5e3833cedb8fb71c8d8e.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4680.84361a6f376ba09ecda3.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"1005e-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 19681\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":65630,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3559b2b89d032ebe64593c61c4ce75a0","sha1":"0f6cb82095dfedfff7a1eb3d320e6c991ff5f479","sha256":"8524c2222885bf761b5f366d8e1d465a668f7061f8fcc2f01250d446b2dc554a","sha512":"ea3bce8c1fc2cc640dae469ba6f6f01f1708999f5a6c3dfece28571b7292b81b435073b62e5ea7169c00d00bb8c1eb1c83fa878c215d0455a6db0d0a53e16aae","ssdeep":"768:O6T4cchKQ6eO1P2Wgcdxazvs5X0gBBqfRna76Ae/FqsSwYTRrqhlr3NqR:oMQ6eO4+IU5XYxjvq1alrcR","tlshash":"e353e88535d9b0ab42833878946f314bf2ab6d52641c8410db1dd4dabcb4e49e63ffe8","first_seen":"2023-09-16T03:06:02Z","last_seen":"2026-03-03T17:27:46.653061Z","times_seen":567,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":304,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-03","alert":"Hunting_JS_WebAssembly","trigger":"tolegrom.club/rlottie-wasm.5e3833cedb8fb71c8d8e.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/compatTest.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:14.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /compatTest.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:17 GMT\r\netag: \"8c5-64b93c9bac440-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 908\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:14 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2245,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (413)","md5":"b328e15f89116105372eddac365cb6f2","sha1":"da1979ab60b891ec53dd318be90a09a83124bd87","sha256":"22c6b05f0b138dddb5711fdb998be90abf8093e271085bda6448bd6bc72c95d2","sha512":"38e5c9e6cfdea39e896fe40c470587ff5e1da066e450bba57a435f9b96d539ff69adf1e0d222abcbdbecff5f2f709e222154712f4519a46938af0c2a06bfb96b","ssdeep":"","tlshash":"9441052a0cb173a1607960667b1ff1837a298172054ceb64e620cf357eb185bc25fdf9","first_seen":"2024-02-24T23:46:30Z","last_seen":"2026-03-03T17:27:46.655107Z","times_seen":124,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/main.fc7a7499e679369f9119.css","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:14.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /main.fc7a7499e679369f9119.css HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"1ab88-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 22235\r\ncontent-type: text/css\r\ndate: Tue, 03 Mar 2026 17:27:14 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":109448,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11172)","md5":"d84749e2a7ded045e11e16c7e935a98d","sha1":"66274fc3a623da66e903f70be5d33863b9273705","sha256":"f37a3c8d4d7fc845391c3bd81e7adf3ee914ce15b2d6ba5e7006d1fe929f0662","sha512":"ce5e6c3d4a26928a1890941ffd151becbd50cb7bf4fe6bc92c68380cd57d4b021fdaf076ec2557cc05482c3a48ad818de927f8252eca1a88c72b5d027c1321fb","ssdeep":"768:jib30mlPrvvDrbYiQNP2IgG7Twnoo9mb6Ub0J1AnEBc0C1s6tfEEV+9orlKR:jiFbYn2IgGnZQ1Hn2f3y","tlshash":"acb3f998e94411f9ab23c23e97c4d76c9d38e481de210fafb247655c07ca3eb11d2b59","first_seen":"2024-04-13T19:56:13Z","last_seen":"2026-03-03T17:27:46.658416Z","times_seen":10,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":602,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/notification.mp3","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /notification.mp3 HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nlast-modified: Tue, 24 Feb 2026 15:46:17 GMT\r\netag: \"2a80-64b93c9bac440\"\r\naccept-ranges: bytes\r\ncontent-length: 10880\r\ncontent-range: bytes 0-10879/10880\r\ncontent-type: audio/mpeg\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":10880,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo","md5":"eba09b6a457792c52fc610b5f9f974b3","sha1":"95e6e0f7648e28ea21bc434054ea59aba3a35aea","sha256":"86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6","sha512":"9dfc5ff830c9ed75c9923528c31e1361fa36500d76a209cd475984e5585a644c8aff1600bf02a658ef363436a51988ff1e63aa7606e541dc4a7b3449c5be4852","ssdeep":"192:RuQQeX7rYX/WUUIk8DLh+2BHpZqlXCYP69tuORf6tVQRa/nwNQBv5JC:RRYeUUEDLk2VClyaV0aZ5g","tlshash":"37226b18af11056ef4866bf0b3939b8dc42d26c37a26d4cdd3a5d7e369430e2a7d500d","first_seen":"2023-05-16T22:57:55Z","last_seen":"2026-04-04T11:04:06.163873Z","times_seen":16533,"resource_available":false,"data":null}},"time_used":562,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":562,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/5802.36a9971f58c808c4a974.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4680.84361a6f376ba09ecda3.js","date":"2026-03-03T17:27:17.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /5802.36a9971f58c808c4a974.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4680.84361a6f376ba09ecda3.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"541b-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 7600\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":21531,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (21394)","md5":"377d06c30eebd149e43e37a12f0bc3a6","sha1":"0bedfd302e5fc849518158b650612361fc160e99","sha256":"a6456f4285ecaf7f44d25cde45f56f6afefbb7fea2e36633e4bb4e0e5ebb8779","sha512":"d7a2c2a1f4be6213e9beee7784c0de04ee40c12986605940b27be9a1e6f2c31c0d15a61afa2c04ef67f7788cb09384f30a543973c70996c0d343d2676f596486","ssdeep":"384:yA3JV5i17HY+SWId88Q+0VL3oQ0LmVIkTzxr1mQ024BTQ2tp2BLRX8tRiWym:yA3JVMdHR8cVL3oQ0LeIkfT024BTQUYS","tlshash":"13a21bb766f915d652e848e808cb189951f4e0223d86293d5134fdd220f2cdbf2eb9bd","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.646651Z","times_seen":447,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.tgacbew.club/api/index/addLog?_v=1772558835427","fqdn":"api.tgacbew.club","domain":"tgacbew.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:15.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"admin-t.tgacbew.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 26 Jan 2026 11:00:00 GMT","end":"Sun, 26 Apr 2026 10:59:59 GMT"},"fingerprint":{"sha1":"AD:DB:F6:CF:B0:72:FA:46:35:B7:AB:42:D3:AB:A7:16:0B:44:66:AB","sha256":"4A:88:B1:B5:FB:92:43:EF:46:CC:22:F7:1E:E8:23:AD:31:BC:3B:35:D6:B8:FA:3E:31:2F:21:F4:E2:EF:2D:ED"}}},"request":{"raw":"GET /api/index/addLog?_v=1772558835427 HTTP/1.1\r\nHost: api.tgacbew.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 65\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T13:49:31.916752Z","times_seen":13333799,"resource_available":true,"data":null}},"time_used":1709,"timings":{"blocked":689,"dns":64,"connect":302,"send":0,"wait":331,"receive":0,"ssl":320},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2 HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/main.fc7a7499e679369f9119.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"2b30-64b93c903a940\"\r\naccept-ranges: bytes\r\ncontent-length: 11056\r\nvary: Accept-Encoding\r\ncontent-type: font/woff2\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11056,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11056, version 1.0","md5":"07db243db21ed0a6b4ff05ff429686b7","sha1":"5d62925fdd7ed8e80f206d095ed093994f13d276","sha256":"ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e","sha512":"d34d15e91ba706886f7b098b5a42b3e31d374fda47d6e873f10b40fbea78d848921d124fc17045e77c432bcf2b4d4adfe5aeca4c3122cec199ac92e3124541ec","ssdeep":"192:duC8R1LnQKFt7DX2XFEu+zjdNr/ucPDf/Teifn/m1t7w9vxUBpZRCo++TkXT0R97:dL8bQKFt32XF/+zhNr/uS6i+tU9v6RCM","tlshash":"9d32bf0731ed12a1f9e8b3b1b9adc3490ce275f00bbc52da8669787ed43660e95d0078","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-04-04T06:24:56.815993Z","times_seen":7265,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":411,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/4680.84361a6f376ba09ecda3.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /4680.84361a6f376ba09ecda3.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"2828-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 4521\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":10280,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (10226)","md5":"d6a550adf85c47466544b511202402cb","sha1":"527abb3e562affd1bbe684d40c3a7f9a81941f67","sha256":"e47801df0f1551783a629ae44046aeea483eac5ced0e2a3c1f256697849a9604","sha512":"b58630f3735adb3c4f8824759a36a7b53acbe28fa264ea0990c3ef9d882f661919f778304a5f525fe8ba18476e2242f310439d57305186b57e613f708c6a97c9","ssdeep":"192:+dK5WVYG6G8UxYs1MlbKq2Y/WkFYmMWYW5zIf0hVetjFCfRCjkG6yScwLnhoK7RM:+nQUxYs1SdD/WkFYmMWYczTq5uCQGFSg","tlshash":"5d223bc03122783652936996a47f200374356b64784f9958721defea392be8b7173ff1","first_seen":"2026-03-03T17:27:46.643631Z","last_seen":"2026-03-03T17:27:46.643631Z","times_seen":1,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/5802.36a9971f58c808c4a974.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4790.f820eec6b1e62a1da531.js","date":"2026-03-03T17:27:16.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /5802.36a9971f58c808c4a974.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4790.f820eec6b1e62a1da531.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"541b-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 7600\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":21531,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (21394)","md5":"377d06c30eebd149e43e37a12f0bc3a6","sha1":"0bedfd302e5fc849518158b650612361fc160e99","sha256":"a6456f4285ecaf7f44d25cde45f56f6afefbb7fea2e36633e4bb4e0e5ebb8779","sha512":"d7a2c2a1f4be6213e9beee7784c0de04ee40c12986605940b27be9a1e6f2c31c0d15a61afa2c04ef67f7788cb09384f30a543973c70996c0d343d2676f596486","ssdeep":"384:yA3JV5i17HY+SWId88Q+0VL3oQ0LmVIkTzxr1mQ024BTQ2tp2BLRX8tRiWym:yA3JVMdHR8cVL3oQ0LeIkfT024BTQUYS","tlshash":"13a21bb766f915d652e848e808cb189951f4e0223d86293d5134fdd220f2cdbf2eb9bd","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.646651Z","times_seen":447,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/2041.5fe028b52e13d7a937b4.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4680.84361a6f376ba09ecda3.js","date":"2026-03-03T17:27:17.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /2041.5fe028b52e13d7a937b4.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4680.84361a6f376ba09ecda3.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"223ca-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 30622\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":140234,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"39c6ccbfd0be3bc43e412a138b4c9f89","sha1":"440310a69dfb81c245f3cfeb4014a001db4ca72a","sha256":"c16171043dbabab93f501b594c1a988e99b034cd39dc6c50b1809a47d64036a4","sha512":"162dbe8f7f7ea25168abb7f275f3c24ac85fdd9880b85cf4cb234afa1bd823360394fd98b7c65f84f2734b360f1ecb5ccff5d596a28abffd825b8069332b82a5","ssdeep":"1536:hW3M14X1jDx480MHyQL3YLZHZp+snJhcssuovxz2Rs1:IXxq8mwmJs9N","tlshash":"0bd3c682f86424125382b1e654760709773af41ca9c941acfe6cfed569bcd8d32afb34","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.66503Z","times_seen":492,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/2908.93906069a597a61d8a4f.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4790.f820eec6b1e62a1da531.js","date":"2026-03-03T17:27:17.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /2908.93906069a597a61d8a4f.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4790.f820eec6b1e62a1da531.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"4386a-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":276586,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65486), with no line terminators","md5":"c9382c909765b93300e2de59884374e3","sha1":"c0b5e7052f7618c23aae46a4176e8f39f5b9d3af","sha256":"a969bac6d91c7fba712eb8583ba13c0f3f3d6081697b0abcd67c81d711aecf80","sha512":"26bdfaf1ad83873c2d2dd6706c6c4f3a1fcd6fdf09b0e29f1ae2a1c2cb70933988991867189f8a748d0185c55a458671648a1d428e27cf1939ef8126df5b2cb6","ssdeep":"3072:kAh4Pj0hA+wDps7EdOLMxrOLKbuLWvluziHUAjAfRMKgBm3Vy:Cb0e+wDps7FLiA2m3Vy","tlshash":"66440a707ee1572a5d432cd3f8b1b18263f4c0096314716cfaad40eb86b99ca57b9b78","first_seen":"2026-03-03T17:27:46.665789Z","last_seen":"2026-03-03T17:27:46.665789Z","times_seen":1,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"zws2.web.telegram.org/apiws","fqdn":"zws2.web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:22.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /apiws HTTP/1.1\r\nHost: zws2.web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://tolegrom.club\r\nSec-WebSocket-Protocol: binary\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: R6PJ2F8nn8KDamJLHdu4bQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.18.0\r\nDate: Tue, 03 Mar 2026 17:27:23 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: Tk57M1rmshp0rZ99zaBFfBSngdw=\r\nSec-WebSocket-Protocol: binary\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T13:49:31.916752Z","times_seen":13333799,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":0,"dns":1,"connect":24,"send":0,"wait":24,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-03T17:27:13.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"d76-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1309\r\ncontent-type: text/html\r\ndate: Tue, 03 Mar 2026 17:27:14 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3446,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3147)","md5":"894b6dd84dbfe2de5d2c5f0e4b9bc37e","sha1":"91948b90d2d211dd7e17423c76058ef9a249cade","sha256":"698d0a840c447c101fdd135030eb2a6dc9919ad39c832882e1db004b8b73c1e0","sha512":"e65ef9100487218174c02658bd8e7d2ad0c819018a6c80fe5640e565f165ae8c16b1cd06c7d8f764c3e3c668d242b4d70367eecadcf3d41e3dd738ec5546a12f","ssdeep":"","tlshash":"7c6100e34b28c84e2221853ad9b7f0c8c216d40f9da4bc50f599529b4fe5ef095732a5","first_seen":"2026-03-03T17:27:46.667092Z","last_seen":"2026-03-03T17:27:46.667092Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1621,"timings":{"blocked":658,"dns":45,"connect":302,"send":0,"wait":305,"receive":0,"ssl":308},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/redirect.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:14.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /redirect.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:17 GMT\r\netag: \"145-64b93c9bac440-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 204\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:14 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":325,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text","md5":"17773b57b87a678c98e26a7cac72df6c","sha1":"7422857aa75ee81cabcec2eed6c4a6168f363ee1","sha256":"375141f2d3f04c733276dbff5d9208ff36b2db6a64abcee723179ac24797974f","sha512":"28d9e1c2af08154e653e2291db46f4110edbf9f5591192f8d695c8852f9c3c755d69dfb5a032a45f51e0a3fc9417f16c20d0772b1225ca9b85e5531e12fa8bfc","ssdeep":"","tlshash":"e8e07dda0279030417e013f36d82b4709137c2fb604c5d028d984321a1b9b4f5b7b84f","first_seen":"2023-07-27T09:32:34Z","last_seen":"2026-04-02T18:53:44.715114Z","times_seen":11409,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/1915.44f46b9209d4c21e2dae.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /1915.44f46b9209d4c21e2dae.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"46f6-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 6282\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":18166,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (18106)","md5":"fd4abffe4de6fa1955cb7c9df7c0a808","sha1":"860f583e5ef2f6ddcc0c464fb4a87d7e6eb955b8","sha256":"166b9c140da17864486aaa8e6d53ad4169ffaac1b2101c73680550f9331c926f","sha512":"1759e1f0e7fc28f649e69639ee2ef0656aa14e11e12b0d1ff2d9287bf2b13870deab9de427113a8eb729eb5a6b3678e944858fee7f2b89cf120a08b5f4a3827b","ssdeep":"192:R/kF3DWtg5I3cTKk/Q4yZOXG/lB0wKqwztTSuIdmPignIi7SdibRs1YpZNWBvYA9:RI3Dbac/TW30J/tBROZXyEW0NZub+","tlshash":"3682e76bee110c2e02d351a7f9ca3106b5b982a6d2505470d36dd06f03ed8de367fb69","first_seen":"2024-02-22T12:46:05Z","last_seen":"2026-03-03T17:27:46.669619Z","times_seen":59,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":305,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/chat-bg-pattern-light.ee148af944f6580293ae.png","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /chat-bg-pattern-light.ee148af944f6580293ae.png HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/main.fc7a7499e679369f9119.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"429eb-64b93c903a940\"\r\naccept-ranges: bytes\r\ncontent-length: 272875\r\ncontent-type: image/png\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":272875,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1123 x 2307, 4-bit colormap, non-interlaced","md5":"3d558d8de7082a2b2355076c8988c3fd","sha1":"d74980e29b0ec2f102b0dcd614503fd42a255b85","sha256":"00745db819d91c37bf0f59bee00ab2efe9766fddcb726ff1bcb6847748b2bbc7","sha512":"5f6f62eba34a80efd63ec237536a288dacb799b1270d07f82b82f0ee280923349105acfab71333361ff3efdf64708cd682f89ac2831dc02d0d7357bb5c4c3926","ssdeep":"6144:rNYvpliapP4LNqNMaT3SU4+hRT2ieSaVTrewN69j+YOnZmDXxGjuC1:rNCpb+L7aum2Bt6hr/C","tlshash":"49442315c47c54964f1c08af035b679cb1939b8bfc16b33d67aadc0d32278d8a74baa4","first_seen":"2023-05-16T22:57:54Z","last_seen":"2026-03-06T17:54:32.157495Z","times_seen":811,"resource_available":false,"data":null}},"time_used":611,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":305,"receive":306,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/5802.36a9971f58c808c4a974.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4680.84361a6f376ba09ecda3.js","date":"2026-03-03T17:27:17.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /5802.36a9971f58c808c4a974.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4680.84361a6f376ba09ecda3.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"541b-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 7600\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":21531,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (21394)","md5":"377d06c30eebd149e43e37a12f0bc3a6","sha1":"0bedfd302e5fc849518158b650612361fc160e99","sha256":"a6456f4285ecaf7f44d25cde45f56f6afefbb7fea2e36633e4bb4e0e5ebb8779","sha512":"d7a2c2a1f4be6213e9beee7784c0de04ee40c12986605940b27be9a1e6f2c31c0d15a61afa2c04ef67f7788cb09384f30a543973c70996c0d343d2676f596486","ssdeep":"384:yA3JV5i17HY+SWId88Q+0VL3oQ0LmVIkTzxr1mQ024BTQ2tp2BLRX8tRiWym:yA3JVMdHR8cVL3oQ0LeIkfT024BTQUYS","tlshash":"13a21bb766f915d652e848e808cb189951f4e0223d86293d5134fdd220f2cdbf2eb9bd","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.646651Z","times_seen":447,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/8764.58763b7a689318950e51.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4790.f820eec6b1e62a1da531.js","date":"2026-03-03T17:27:17.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /8764.58763b7a689318950e51.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4790.f820eec6b1e62a1da531.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"6b32-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 8204\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":27442,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (27305)","md5":"0198d988a3400c6f4abdcd15352e954d","sha1":"27b573f135096fc85ce78ddd2dae6071de71bcd5","sha256":"b38c94050169465563c915a3ca347af2cbf5cb981995a5bc3bc88b5cfe017ba9","sha512":"03d1248feba8fa2d7f3031b184a4ee025685d698a923efcd70bcd7ed58ff244306b4ac36d09cd319a13ad2aca9c6613f1a54cf2185f6dd79fb41b012f6c89492","ssdeep":"768:owtqo27ZC/rMqRvxFsqfmdSwTRvzBobGsT3ZT3GiYl2T3yT3TJVcUWA7h5D1fRyj:JHVeLBoCEl/KrdfO","tlshash":"50c28584b7a5b07603636691046b541bf279ee28b44c58acf250e4f328b78da94fff74","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.679383Z","times_seen":593,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/rlottie-wasm.5e3833cedb8fb71c8d8e.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4680.84361a6f376ba09ecda3.js","date":"2026-03-03T17:27:17.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /rlottie-wasm.5e3833cedb8fb71c8d8e.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4680.84361a6f376ba09ecda3.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"1005e-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 19681\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":65630,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3559b2b89d032ebe64593c61c4ce75a0","sha1":"0f6cb82095dfedfff7a1eb3d320e6c991ff5f479","sha256":"8524c2222885bf761b5f366d8e1d465a668f7061f8fcc2f01250d446b2dc554a","sha512":"ea3bce8c1fc2cc640dae469ba6f6f01f1708999f5a6c3dfece28571b7292b81b435073b62e5ea7169c00d00bb8c1eb1c83fa878c215d0455a6db0d0a53e16aae","ssdeep":"768:O6T4cchKQ6eO1P2Wgcdxazvs5X0gBBqfRna76Ae/FqsSwYTRrqhlr3NqR:oMQ6eO4+IU5XYxjvq1alrcR","tlshash":"e353e88535d9b0ab42833878946f314bf2ab6d52641c8410db1dd4dabcb4e49e63ffe8","first_seen":"2023-09-16T03:06:02Z","last_seen":"2026-03-03T17:27:46.653061Z","times_seen":567,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":304,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-03","alert":"Hunting_JS_WebAssembly","trigger":"tolegrom.club/rlottie-wasm.5e3833cedb8fb71c8d8e.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/rlottie-wasm.5e3833cedb8fb71c8d8e.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4680.84361a6f376ba09ecda3.js","date":"2026-03-03T17:27:17.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /rlottie-wasm.5e3833cedb8fb71c8d8e.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4680.84361a6f376ba09ecda3.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"1005e-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 19681\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":65630,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3559b2b89d032ebe64593c61c4ce75a0","sha1":"0f6cb82095dfedfff7a1eb3d320e6c991ff5f479","sha256":"8524c2222885bf761b5f366d8e1d465a668f7061f8fcc2f01250d446b2dc554a","sha512":"ea3bce8c1fc2cc640dae469ba6f6f01f1708999f5a6c3dfece28571b7292b81b435073b62e5ea7169c00d00bb8c1eb1c83fa878c215d0455a6db0d0a53e16aae","ssdeep":"768:O6T4cchKQ6eO1P2Wgcdxazvs5X0gBBqfRna76Ae/FqsSwYTRrqhlr3NqR:oMQ6eO4+IU5XYxjvq1alrcR","tlshash":"e353e88535d9b0ab42833878946f314bf2ab6d52641c8410db1dd4dabcb4e49e63ffe8","first_seen":"2023-09-16T03:06:02Z","last_seen":"2026-03-03T17:27:46.653061Z","times_seen":567,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":305,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-03","alert":"Hunting_JS_WebAssembly","trigger":"tolegrom.club/rlottie-wasm.5e3833cedb8fb71c8d8e.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2 HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/main.fc7a7499e679369f9119.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"2b08-64b93c903a940\"\r\naccept-ranges: bytes\r\ncontent-length: 11016\r\nvary: Accept-Encoding\r\ncontent-type: font/woff2\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11016,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11016, version 1.0","md5":"15fa3062f8929bd3b05fdca5259db412","sha1":"6ff06a34f68ad0324ddec1bbe4d453c959178b36","sha256":"5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479","sha512":"07e96d7520b4ede158e77bef10a01a33cd8be7d263fe6900f89c023e65e4a63570e8a442dec2e96030fb563b25610005a748d48f9330fd31eb91b37d1003d376","ssdeep":"192:Tysuo7z1NVoTUYAKVOO7YVxRwHQUXFI5xoBwH9f4d9QFmOfiS:TvdvVoTSjOYR4QUVIgBwpFLaS","tlshash":"6e32af8071ff1c50ff85c2f69be68efa2c2b1895c619016f5240b476397525e9c294bb","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-04-04T11:04:06.178485Z","times_seen":32999,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/chat-bg-br.f34cc96fbfb048812820.png","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /chat-bg-br.f34cc96fbfb048812820.png HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/main.fc7a7499e679369f9119.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"780-64b93c903a940\"\r\naccept-ranges: bytes\r\ncontent-length: 1920\r\ncontent-type: image/png\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1920,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGB, non-interlaced","md5":"ff2989744d4813c906047582226abd28","sha1":"41b973276f7a99af05115b89b401aceb02f573c8","sha256":"3151f7930d821bccf4a76cbbe4a3533e2b56bdff696f260c864ab639ac7526ea","sha512":"add07f186c255e361094878a71eb4257c4e60a6e4908be168fbfac30f768b18e0e292f59e80d75d78eb79fb62c820c03c512f07bda6d8d1c323506e5d173bda2","ssdeep":"","tlshash":"f0413b8a645965a9ee6a1c2733c9314727d0c2911b46399284eb5d71ccce602d2d330e","first_seen":"2023-05-16T22:57:54Z","last_seen":"2026-03-06T17:54:32.202058Z","times_seen":817,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/icon-192x192.png","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /icon-192x192.png HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:17 GMT\r\netag: \"bf3-64b93c9bac440\"\r\naccept-ranges: bytes\r\ncontent-length: 3059\r\ncontent-type: image/png\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3059,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"1a1650d2c76bfc1ac484646c19e495b9","sha1":"fe58d66042ce9241226f5da9370230285ff604fc","sha256":"6e587a62c9d7a97f25265ab5eb29d101ad2e36810042a4116d2dd29da96b0bf8","sha512":"79c5c9278959bc94f66434779bebc1b46c055655f0bc58aa375f179c227e7ac0e52dea196764719d42aadcf98e4fd3b5a4488f2db977edde430aa3df733c03bc","ssdeep":"","tlshash":"bd514cd3253318e8e2dbfd7ace62041f656691ce5638ec120568de720c8985dc070caa","first_seen":"2023-05-16T22:57:55Z","last_seen":"2026-04-04T11:04:06.155087Z","times_seen":16179,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/5802.36a9971f58c808c4a974.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4680.84361a6f376ba09ecda3.js","date":"2026-03-03T17:27:17.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /5802.36a9971f58c808c4a974.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4680.84361a6f376ba09ecda3.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"541b-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 7600\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":21531,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (21394)","md5":"377d06c30eebd149e43e37a12f0bc3a6","sha1":"0bedfd302e5fc849518158b650612361fc160e99","sha256":"a6456f4285ecaf7f44d25cde45f56f6afefbb7fea2e36633e4bb4e0e5ebb8779","sha512":"d7a2c2a1f4be6213e9beee7784c0de04ee40c12986605940b27be9a1e6f2c31c0d15a61afa2c04ef67f7788cb09384f30a543973c70996c0d343d2676f596486","ssdeep":"384:yA3JV5i17HY+SWId88Q+0VL3oQ0LmVIkTzxr1mQ024BTQ2tp2BLRX8tRiWym:yA3JVMdHR8cVL3oQ0LeIkfT024BTQUYS","tlshash":"13a21bb766f915d652e848e808cb189951f4e0223d86293d5134fdd220f2cdbf2eb9bd","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.646651Z","times_seen":447,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/2041.5fe028b52e13d7a937b4.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4680.84361a6f376ba09ecda3.js","date":"2026-03-03T17:27:17.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /2041.5fe028b52e13d7a937b4.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4680.84361a6f376ba09ecda3.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"223ca-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 30622\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":140234,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"39c6ccbfd0be3bc43e412a138b4c9f89","sha1":"440310a69dfb81c245f3cfeb4014a001db4ca72a","sha256":"c16171043dbabab93f501b594c1a988e99b034cd39dc6c50b1809a47d64036a4","sha512":"162dbe8f7f7ea25168abb7f275f3c24ac85fdd9880b85cf4cb234afa1bd823360394fd98b7c65f84f2734b360f1ecb5ccff5d596a28abffd825b8069332b82a5","ssdeep":"1536:hW3M14X1jDx480MHyQL3YLZHZp+snJhcssuovxz2Rs1:IXxq8mwmJs9N","tlshash":"0bd3c682f86424125382b1e654760709773af41ca9c941acfe6cfed569bcd8d32afb34","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.66503Z","times_seen":492,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"zws2.web.telegram.org/apiws","fqdn":"zws2.web.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.167.99","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:18.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.web.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Fri, 29 Aug 2025 16:48:47 GMT","end":"Wed, 30 Sep 2026 16:48:47 GMT"},"fingerprint":{"sha1":"AC:C6:BB:E5:EE:C9:DE:30:05:3E:F8:7A:06:97:90:26:97:A9:15:B3","sha256":"22:D2:01:7E:95:F5:70:BF:86:00:C5:9D:06:06:05:A1:5A:9C:96:BE:6B:EB:A6:1F:F2:A4:C3:A1:BC:5D:3D:E6"}}},"request":{"raw":"GET /apiws HTTP/1.1\r\nHost: zws2.web.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://tolegrom.club\r\nSec-WebSocket-Protocol: binary\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: poavK4vwiTfCvOsLUB7uEQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.18.0\r\nDate: Tue, 03 Mar 2026 17:27:18 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: 7hb5yWn9iL07xXercVkpLmAX8yE=\r\nSec-WebSocket-Protocol: binary\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T13:49:31.916752Z","times_seen":13333799,"resource_available":true,"data":null}},"time_used":335,"timings":{"blocked":0,"dns":130,"connect":153,"send":0,"wait":24,"receive":0,"ssl":157},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/6839.01a53cbedf5d86d252ec.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /6839.01a53cbedf5d86d252ec.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"b2ba-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 13410\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":45754,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (45662)","md5":"2075f46f0950d8614b73045505b7aafc","sha1":"34da1902bc42580deab249ac8ef5c4901d243a43","sha256":"f693fccbb0f64594079d492db05d3bced69a6c6cab7514d4b78733570fd592a1","sha512":"c86f9062cfe41a8cf4e7e2d3f5767c6b6ecb64aedabcca5e9dd67914bb914bc50d5cd93861f98817725b6309805c8598715e31eb3104978e40a0d9dfa734c88e","ssdeep":"768:Ee+ebTqPIHWzl/cIO4HI+ebv3djbql2cPg+bwTjhva4HASW:vb+PVzl/cIzdyw","tlshash":"8223e8a9b381a1b66a5695e3403b0447f138f6252816d06cf739c8de687cdc5b93bf38","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.683941Z","times_seen":645,"resource_available":true,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/4790.f820eec6b1e62a1da531.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /4790.f820eec6b1e62a1da531.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"41c63-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":269411,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"356dcd2cd7f85aef1461efdc98d83442","sha1":"13059721f01b0a46c576a6c4a78a11f19602f578","sha256":"29aa387fd455241b930a99e441a923f34c553246ea7703de7e1f51c8ee7256d3","sha512":"2d22d8a87143b8cc83da4a737b2849ed865b9f539eeae945645194aa66ca0265b347c7b7739de19d89c4074fcc72d3af4cde54ac023a21fbec8df897aa01b70f","ssdeep":"6144:HvyltdaOaprfU5SjJ0D6zPyiP/VJValoW:PyltdaH0D6zPyS/VJAb","tlshash":"6a440b9b63f1756d946b24d178923305662ec10aa4469030f1ede0be1f7e0cf62abf5e","first_seen":"2026-03-03T17:27:46.687343Z","last_seen":"2026-03-03T17:27:46.687343Z","times_seen":1,"resource_available":false,"data":null}},"time_used":503,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":503,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2 HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/main.fc7a7499e679369f9119.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"2b08-64b93c903a940\"\r\naccept-ranges: bytes\r\ncontent-length: 11016\r\nvary: Accept-Encoding\r\ncontent-type: font/woff2\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11016,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11016, version 1.0","md5":"15fa3062f8929bd3b05fdca5259db412","sha1":"6ff06a34f68ad0324ddec1bbe4d453c959178b36","sha256":"5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479","sha512":"07e96d7520b4ede158e77bef10a01a33cd8be7d263fe6900f89c023e65e4a63570e8a442dec2e96030fb563b25610005a748d48f9330fd31eb91b37d1003d376","ssdeep":"192:Tysuo7z1NVoTUYAKVOO7YVxRwHQUXFI5xoBwH9f4d9QFmOfiS:TvdvVoTSjOYR4QUVIgBwpFLaS","tlshash":"6e32af8071ff1c50ff85c2f69be68efa2c2b1895c619016f5240b476397525e9c294bb","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-04-04T11:04:06.178485Z","times_seen":32999,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":411,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/2041.5fe028b52e13d7a937b4.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4680.84361a6f376ba09ecda3.js","date":"2026-03-03T17:27:17.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /2041.5fe028b52e13d7a937b4.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4680.84361a6f376ba09ecda3.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"223ca-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 30622\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":140234,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"39c6ccbfd0be3bc43e412a138b4c9f89","sha1":"440310a69dfb81c245f3cfeb4014a001db4ca72a","sha256":"c16171043dbabab93f501b594c1a988e99b034cd39dc6c50b1809a47d64036a4","sha512":"162dbe8f7f7ea25168abb7f275f3c24ac85fdd9880b85cf4cb234afa1bd823360394fd98b7c65f84f2734b360f1ecb5ccff5d596a28abffd825b8069332b82a5","ssdeep":"1536:hW3M14X1jDx480MHyQL3YLZHZp+snJhcssuovxz2Rs1:IXxq8mwmJs9N","tlshash":"0bd3c682f86424125382b1e654760709773af41ca9c941acfe6cfed569bcd8d32afb34","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.66503Z","times_seen":492,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":307,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/rlottie-wasm.5e3833cedb8fb71c8d8e.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4680.84361a6f376ba09ecda3.js","date":"2026-03-03T17:27:17.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /rlottie-wasm.5e3833cedb8fb71c8d8e.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4680.84361a6f376ba09ecda3.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"1005e-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 19681\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":65630,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3559b2b89d032ebe64593c61c4ce75a0","sha1":"0f6cb82095dfedfff7a1eb3d320e6c991ff5f479","sha256":"8524c2222885bf761b5f366d8e1d465a668f7061f8fcc2f01250d446b2dc554a","sha512":"ea3bce8c1fc2cc640dae469ba6f6f01f1708999f5a6c3dfece28571b7292b81b435073b62e5ea7169c00d00bb8c1eb1c83fa878c215d0455a6db0d0a53e16aae","ssdeep":"768:O6T4cchKQ6eO1P2Wgcdxazvs5X0gBBqfRna76Ae/FqsSwYTRrqhlr3NqR:oMQ6eO4+IU5XYxjvq1alrcR","tlshash":"e353e88535d9b0ab42833878946f314bf2ab6d52641c8410db1dd4dabcb4e49e63ffe8","first_seen":"2023-09-16T03:06:02Z","last_seen":"2026-03-03T17:27:46.653061Z","times_seen":567,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":305,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-03","alert":"Hunting_JS_WebAssembly","trigger":"tolegrom.club/rlottie-wasm.5e3833cedb8fb71c8d8e.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/main.51bbcee8b15b80b8ee0c.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:14.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /main.51bbcee8b15b80b8ee0c.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"5f038-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:14 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":389176,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65527), with no line terminators","md5":"f97141a677d4ad39fcf9ce553b33e7ac","sha1":"7133b374cbddea6db70c0fb2365208352a5d755b","sha256":"95a6a5c1c0ac7e45f1ab2f30c1ee7762476c601681feada2f3b7a6866921e993","sha512":"821d0dc887ed581c43f76c3e543f4a3013b67fdc0e490ea834119aefc97b048ddcd4ae59a6b18b08aa7d58fc6dad3daf8f91120ec4e9ad71d6da7ac1145cedde","ssdeep":"6144:woOsWcbB5cbMTT1txolg68w1ppkUCi2D0yfotJ+i1v4dHgidJ2TZEd/p+4ih:woOshB5cbiT1txoe68w1pp9Ci2D0yfoD","tlshash":"a6844cc57182b8a962e705e6a4eb0198f634590038098464f1bdfcdd3e369dba3b3f5d","first_seen":"2026-03-03T17:27:46.694613Z","last_seen":"2026-03-03T17:27:46.694613Z","times_seen":1,"resource_available":true,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.324b1e6d0f5ae7c6ab42.woff2 HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/main.fc7a7499e679369f9119.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"2b30-64b93c903a940\"\r\naccept-ranges: bytes\r\ncontent-length: 11056\r\nvary: Accept-Encoding\r\ncontent-type: font/woff2\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11056,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11056, version 1.0","md5":"07db243db21ed0a6b4ff05ff429686b7","sha1":"5d62925fdd7ed8e80f206d095ed093994f13d276","sha256":"ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e","sha512":"d34d15e91ba706886f7b098b5a42b3e31d374fda47d6e873f10b40fbea78d848921d124fc17045e77c432bcf2b4d4adfe5aeca4c3122cec199ac92e3124541ec","ssdeep":"192:duC8R1LnQKFt7DX2XFEu+zjdNr/ucPDf/Teifn/m1t7w9vxUBpZRCo++TkXT0R97:dL8bQKFt32XF/+zhNr/uS6i+tU9v6RCM","tlshash":"9d32bf0731ed12a1f9e8b3b1b9adc3490ce275f00bbc52da8669787ed43660e95d0078","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-04-04T06:24:56.815993Z","times_seen":7265,"resource_available":false,"data":null}},"time_used":611,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":610,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/3748.1a1c8ea27626019eca8b.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /3748.1a1c8ea27626019eca8b.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"266a-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3450\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":9834,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (9780)","md5":"d996253fd164ddfef95dc195e2e9f330","sha1":"2de860fb22e91210a093fb7f03c56f4c82505665","sha256":"d8fd053642c68d01f1aa0068feb4fd919553b24923fe9c2012f96a590b65dfb4","sha512":"b20a8e73f2793f80fcde73a1e713e4494ed01ff186cb31f76f4435717eed785096163ecca93f9a0d2b41bd875e76357ecc2d2e4ef562b93691081f9a661e75fd","ssdeep":"192:2Vcn1feShD/DSPaDamkt0M/YPAoDc+EuGsVczzS8W6DWAVYBB382Q:2VIUS5/DSCGmkmMA7D/EuGsVgzSlkWMh","tlshash":"b212e881b232747e626794d6e6084a03aa3591587c0da1bdf77c78fb2c9580b34bcf79","first_seen":"2026-03-03T17:27:46.700575Z","last_seen":"2026-03-03T17:27:46.700575Z","times_seen":1,"resource_available":true,"data":null}},"time_used":591,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":591,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/4680.84361a6f376ba09ecda3.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /4680.84361a6f376ba09ecda3.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"2828-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 4521\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":10280,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (10226)","md5":"d6a550adf85c47466544b511202402cb","sha1":"527abb3e562affd1bbe684d40c3a7f9a81941f67","sha256":"e47801df0f1551783a629ae44046aeea483eac5ced0e2a3c1f256697849a9604","sha512":"b58630f3735adb3c4f8824759a36a7b53acbe28fa264ea0990c3ef9d882f661919f778304a5f525fe8ba18476e2242f310439d57305186b57e613f708c6a97c9","ssdeep":"192:+dK5WVYG6G8UxYs1MlbKq2Y/WkFYmMWYW5zIf0hVetjFCfRCjkG6yScwLnhoK7RM:+nQUxYs1SdD/WkFYmMWYczTq5uCQGFSg","tlshash":"5d223bc03122783652936996a47f200374356b64784f9958721defea392be8b7173ff1","first_seen":"2026-03-03T17:27:46.643631Z","last_seen":"2026-03-03T17:27:46.643631Z","times_seen":1,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/4680.84361a6f376ba09ecda3.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/","date":"2026-03-03T17:27:16.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /4680.84361a6f376ba09ecda3.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"2828-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 4521\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:16 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":10280,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (10226)","md5":"d6a550adf85c47466544b511202402cb","sha1":"527abb3e562affd1bbe684d40c3a7f9a81941f67","sha256":"e47801df0f1551783a629ae44046aeea483eac5ced0e2a3c1f256697849a9604","sha512":"b58630f3735adb3c4f8824759a36a7b53acbe28fa264ea0990c3ef9d882f661919f778304a5f525fe8ba18476e2242f310439d57305186b57e613f708c6a97c9","ssdeep":"192:+dK5WVYG6G8UxYs1MlbKq2Y/WkFYmMWYW5zIf0hVetjFCfRCjkG6yScwLnhoK7RM:+nQUxYs1SdD/WkFYmMWYczTq5uCQGFSg","tlshash":"5d223bc03122783652936996a47f200374356b64784f9958721defea392be8b7173ff1","first_seen":"2026-03-03T17:27:46.643631Z","last_seen":"2026-03-03T17:27:46.643631Z","times_seen":1,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tolegrom.club/2041.5fe028b52e13d7a937b4.js","fqdn":"tolegrom.club","domain":"tolegrom.club","tld":"club"},"ip":{"addr":"206.238.221.103","port":443,"asn":399077,"as":"TERAEXCH","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tolegrom.club/4680.84361a6f376ba09ecda3.js","date":"2026-03-03T17:27:17.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tolegrom.club","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 01:00:00 GMT","end":"Sat, 30 May 2026 00:59:59 GMT"},"fingerprint":{"sha1":"EC:87:68:40:57:2D:E8:73:2E:B4:81:31:F0:19:D2:88:22:EC:4B:4E","sha256":"F8:21:53:CD:8E:90:42:1A:27:1B:A2:ED:00:12:65:7A:81:04:77:C2:CA:6F:2E:55:59:71:AE:F2:7B:A7:74:11"}}},"request":{"raw":"GET /2041.5fe028b52e13d7a937b4.js HTTP/1.1\r\nHost: tolegrom.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tolegrom.club/4680.84361a6f376ba09ecda3.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 24 Feb 2026 15:46:05 GMT\r\netag: \"223ca-64b93c903a940-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 30622\r\ncontent-type: text/javascript\r\ndate: Tue, 03 Mar 2026 17:27:17 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":140234,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"39c6ccbfd0be3bc43e412a138b4c9f89","sha1":"440310a69dfb81c245f3cfeb4014a001db4ca72a","sha256":"c16171043dbabab93f501b594c1a988e99b034cd39dc6c50b1809a47d64036a4","sha512":"162dbe8f7f7ea25168abb7f275f3c24ac85fdd9880b85cf4cb234afa1bd823360394fd98b7c65f84f2734b360f1ecb5ccff5d596a28abffd825b8069332b82a5","ssdeep":"1536:hW3M14X1jDx480MHyQL3YLZHZp+snJhcssuovxz2Rs1:IXxq8mwmJs9N","tlshash":"0bd3c682f86424125382b1e654760709773af41ca9c941acfe6cfed569bcd8d32afb34","first_seen":"2023-10-19T01:38:58Z","last_seen":"2026-03-03T17:27:46.66503Z","times_seen":492,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-03","alert":"Sinkholed","trigger":"tolegrom.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-03","alert":"Phishing Block","trigger":"tolegrom.club","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}