{"report_id":"69d56915-d156-4fc0-9cbc-fad75f814148","version":6,"status":"done","tags":[],"date":"2026-03-28T06:26:10Z","url":{"schema":"https","addr":"wwb.talegrew.top/","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"172.67.175.130","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"wwb.talegrew.top/","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"title":"Telegram","dom":{"size":4043,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4043), with no line terminators","md5":"e091ebacaac8fec073b19228e3adfa9a","sha1":"8af7204651f27bbe27b86aa9ca964300f406e647","sha256":"8168c11ea18760e4950689f42bb592891277c166bf6b18965bfe459843310fd6","sha512":"64db64c6694df869fe5bee0b23e0715d334177adfbd43b07138f88ff1d3beeab5f53787780de6722d078afb067f055987e937969ba38ef49c5e0d5952fb52e46","ssdeep":"","tlshash":"b48175a35b18c81d2361813be5b7f1cc8626d00eae617c40f59d89ab49e4ff084b397a","dom_hash":"domhash5ccec09450db6443ef0dd1ad93ff8c4b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"wwb.talegrew.top/","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"172.67.175.130","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-02T06:26:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-28","alert":"Hunting_JS_WebAssembly","trigger":"wwb.talegrew.top/rlottie-wasm.f013598f1b2ba719f25e.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"wwb.talegrew.top","ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-27","domain_rank":0,"first_seen":"2026-03-28T06:13:16.242491Z","last_seen":"2026-03-28T06:13:16.242491Z","alert_count":97,"request_count":31,"received_data":1604545,"sent_data":14196,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wwb.talegrew.top/redirect.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"09b4442f7297c7760b8b8b6b8124d1e6","sha1":"e0fce210431683c481708133b33baa1e7bd686aa","sha256":"7faa91eb7ecfac042805251730c15d85c3c3d39e5997e44fe63d7ea8090356a1","sha512":"3a0dc312d7b177ed66a276d5a86ee74e1c3ab3086b6d43a0a32829c4ba29023b83642c783bf2c743c757da05c3e053a2c45b9bb24df8724215e4307fa7d6a6c8","ssdeep":"","tlshash":"0281114a17e3026056e321fb9b4b2120513be007741dde29ba6e92407f9a76d47f2bcb","size":4057,"data":"","first_seen":"2026-03-28T06:12:42.49264Z","last_seen":"2026-03-28T06:26:12.790603Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/compatTest.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe2a5f155253301a58567a83130cd505","sha1":"35b349178c9455b819e3714c481c594ed36ab5a3","sha256":"3ee5b1443f69c457135f99a191ee2d7decc463669d9a7834f81632fc8ebdac7a","sha512":"f33714e657e6b52df84d9271d3905b0f846d787013849d0bf4b4435f4c0a20dd4b25bee19db436c91de14d72ac52ed3751f3f8e17ae77f2d3346c9d2469a1c86","ssdeep":"","tlshash":"9d51051a0db1726150796167ab1bb14336298577060cfb68b120cf397eb185bc29fde9","size":2763,"data":"","first_seen":"2024-12-25T09:55:32.846851Z","last_seen":"2026-04-17T23:39:30.778894Z","times_seen":745,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/main.84a31bd5596aa2c17cea.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"112bb8905dd6814463ac1f08b981442c","sha1":"699b8e73c9c17fc607b60bd6aac522203bdcebaa","sha256":"676cfe1c6fedabadf5232df5ef6feb3e2a7fea3219a10094b0add6980a6bb795","sha512":"5e16976e0f7b076eca3fd95ac25c74871f3b389217eddc909e67bb801ade327e3f700eba29874dd23932269b0e294d8a9eb06faa31529ddafdf554c1db79a0ef","ssdeep":"12288:SFv3KnRBlVxZa0uRoSiTMYmvwYJ+DeYDeJ5ecOHUjfgJBt5LO:SFv3KnHlvSiO+Aekj7","tlshash":"68945cc57196b4e963d705f6a4ab0088b73859043809c460f1adfcea3e365aea373f5d","size":448481,"data":"","first_seen":"2025-06-08T13:04:14.586722Z","last_seen":"2026-03-28T06:26:12.791508Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/6708.62232e3759fa4a0c14aa.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eae3b19c7ec05efad2731e2578ab68ae","sha1":"da1b735aaae8a1795ac69cf3659935d947e1124f","sha256":"fbd595e42c85dcbc68ffe1b53aadc4ac4c285a9e8b87dea0e60d9a84581d1f18","sha512":"18da34437e90e3f493d7b22a7392323cf1dc9e245f886ee0e8f49da8fd4626091541f31b7e4472f6f500d4eb5c37dab57046c4da702007925cce4a4b69f52662","ssdeep":"192:5CUGseShD/DUWaDzmat0Kk/YsAoDc+EurYfzCUzmONT16dWQ5vZ1l8/X:5MS5/DUtfmamKkT7D/EurYfzNmONTAdq","tlshash":"da220b81b132743e62a7d4d6e6184a02aa3590593c1d92bdf77c78fb2c5580b34bcf7a","size":10376,"data":"","first_seen":"2025-01-28T04:51:38.139377Z","last_seen":"2026-03-28T06:26:12.79013Z","times_seen":151,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:54.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /9722.204bd3ee91908ea636fe.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Feb 2025 11:38:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a893aa-2f27\"\r\nexpires: Sat, 28 Mar 2026 18:13:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 772\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XH4UbeKblKq4FKT6C8Q5h5RRhwH2UzqdTjkQaas%2FfPsPoC%2BP6XcpmZgS0dzi5I70OvOGemCRanohWaukcQMjkaRATROh2Ark1oI5JqQN8lT5IAyn4Nz8jiGYjjCD1U8By7k6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f694b4723eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12071,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12017)","md5":"d5984d818d4ea04353b545f40eb221d9","sha1":"2089b3823ec3f346f257b1f9cd1baeb96d9506ac","sha256":"dbfc80efe17666b15e63d2f367723f13c7fc0bd9771864bc94f325025de51429","sha512":"e712d413a97c47d76c07bbb7e0ac375a841485878d4467206eedfd05ae68ffa441047aa436b5832465a086835a63532b339856fd1c9aada0056742ad9dcc5e65","ssdeep":"192:JjOqrc38On35VfOCURWQeaGBSNLcrRdj4CqIbEoEhoCfRERCGfEmSpfigtot6Ejt:JJrc38O35VfOjWEwdMChwoEhbZACGfE0","tlshash":"1442d6c22702a43ee39798d8987a04537134da587819856c7b2daed77c2bdc6f0b1f72","first_seen":"2025-06-27T12:27:16.284565Z","last_seen":"2026-03-28T06:26:12.786667Z","times_seen":16,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:54.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /9722.204bd3ee91908ea636fe.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Feb 2025 11:38:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a893aa-2f27\"\r\nexpires: Sat, 28 Mar 2026 18:13:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 772\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jxarCHY9lA6mvMIjO87LeeAwBXaWlNu%2BedLIM9Pxa9hSsUALWqmLpBVUscxBK89iiwhtXVoRiQGaoTcfPNQMBMmBW6FILCZL1aoVggBFW%2FsU2AKD6zlSMOhT3hE%2BY3YuVx%2Bk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f694b4823eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12071,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12017)","md5":"d5984d818d4ea04353b545f40eb221d9","sha1":"2089b3823ec3f346f257b1f9cd1baeb96d9506ac","sha256":"dbfc80efe17666b15e63d2f367723f13c7fc0bd9771864bc94f325025de51429","sha512":"e712d413a97c47d76c07bbb7e0ac375a841485878d4467206eedfd05ae68ffa441047aa436b5832465a086835a63532b339856fd1c9aada0056742ad9dcc5e65","ssdeep":"192:JjOqrc38On35VfOCURWQeaGBSNLcrRdj4CqIbEoEhoCfRERCGfEmSpfigtot6Ejt:JJrc38O35VfOjWEwdMChwoEhbZACGfE0","tlshash":"1442d6c22702a43ee39798d8987a04537134da587819856c7b2daed77c2bdc6f0b1f72","first_seen":"2025-06-27T12:27:16.284565Z","last_seen":"2026-03-28T06:26:12.786667Z","times_seen":16,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/5905.efaeccc9ed0bc890f551.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /5905.efaeccc9ed0bc890f551.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-223ca\"\r\nexpires: Sat, 28 Mar 2026 18:13:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 770\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mElCSmJtVg4BTLlKYViQElNP%2FBTjHjrywLu4iujJ6w6AHg9godlWrkirlSz4IRPv2SloYibY1ExNujCvDy1lER73fhTdDeSkJI1QqobLHy70xcr2ORjs6pxX86Ith%2BIbl5pc\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f699b5123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":140234,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"64a6ce633fb3d0e45c76444320599966","sha1":"797ac0ce9a80a16667b4cb5e3ace93e066f0af67","sha256":"19029ef084d2b11071ef27c229253b68aee1da038eff08f5af99718a9d48ecbc","sha512":"1c8f178e73daab5a389a4276faeb9f608f3cd6e2616aa60f476e9fdcaf18181ab652f72bd58645597aacc9c5e237486ad2359dc8ba0e7fce4aec04f83074d61f","ssdeep":"1536:WW3M14X1jDx480MHyQL3YLZHZp+snJhcssuovxz2Rsz:JXxq8mwmJs9L","tlshash":"04d3c682f86424125382b1e654760709773af41ca9c940acfe6cfed569bcd8d32afb34","first_seen":"2024-05-27T01:56:11Z","last_seen":"2026-04-18T18:22:11.323852Z","times_seen":977,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/rlottie-wasm.f013598f1b2ba719f25e.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-10037\"\r\nexpires: Sat, 28 Mar 2026 18:13:05 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 768\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IYcQSulaacvENPVHgVnFYucYyVUfrnW2Wi4OliFutDAka%2FbIbgsmuvNYvYxI2gj9rOCvfMl%2BY2zWrZF8xGsprQ3s7Fp85jFbP4jcxsxoC%2FMcxSvE8ZdNFaEpEy%2F0AJCtEfwe\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f69fb5f23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65591,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4441938ee433d3657c20d454d352a336","sha1":"dd67121d7fda7c17be196f60c72dfa06bcb5bc6f","sha256":"659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679","sha512":"f90da6f2003442e547813d62f44e22e688f637616dd7f7f33c81e73d05a3a3de39947c0a8f580002cc96a716caecc4bcd988644ad78b01ae2e9a9792c726604e","ssdeep":"768:O6T4cK2yQ6eO1P2WgcdxazvszXIgBB1ARna76Ae/FqsSwYxRrqhlr3NqR:m1Q6eO4+IUzXXsjvi1alrcR","tlshash":"6153e88535d9b0ab42837878946f310bf2ab6d52641c8410db1dd4dabcb4e49e63ffe8","first_seen":"2024-05-16T20:37:02Z","last_seen":"2026-04-19T23:35:33.634143Z","times_seen":14995,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-28","alert":"Hunting_JS_WebAssembly","trigger":"wwb.talegrew.top/rlottie-wasm.f013598f1b2ba719f25e.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-28T06:25:49.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 28 Mar 2026 06:25:50 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sun, 09 Feb 2025 11:38:24 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BnD7E47w9WwzQ28HvY%2BNXb3Buj%2FDThuSF4deK5P58soYBGBB9gPL1eg%2BPpjS4C%2FXSBkQbvtXogZfVCqnMHonZyJld%2FcH2VAZpxgQRNaBeXXWc9ozMG0FIH8l1nHcI3Q6ktyd\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9e348f4c6e51dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3996,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (3996), with no line terminators","md5":"0318f981fceebde8fc3256c4ee73180c","sha1":"40ed748a293949bc4b84775dbed4bff7ea57ad9a","sha256":"2471439ad8cc338c1ccbbd00376f2c9f09142a9462c3cb9576038b25e2113128","sha512":"9421f694d7b32c6a810782a0c27976a2583b04ce167b9926e6d421580f8e6f3e2c7b9a7f34d36ba69f742492dc087f17db19d8b91572ae5364a824a6c62176de","ssdeep":"","tlshash":"cc8165a35b18c81d2361813ae5b7f1cc8626d01ead617c40f59d89ab4de5ff084b3a79","first_seen":"2026-03-28T06:26:12.788133Z","last_seen":"2026-03-28T06:26:12.788133Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1646,"timings":{"blocked":336,"dns":324,"connect":1,"send":0,"wait":968,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/favicon.svg","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:51.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:51 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=6,i=?0\r\nlast-modified: Fri, 07 Feb 2025 19:44:54 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 772\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"67a662b6-37c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f4%2FLq9552jnHO1p8phgfv0f7nJ3uwEAay1YUphX1Vj8zGJqpm%2FSdmu%2BkJEKjk%2BWWDd7wDo%2F6AYYy%2BNEUx2q4KS0V5YSlftd%2B2S92wtQtTF1D8GV5IsFyn6c6s4ULXl5y2MVt\"}]}\r\ncf-ray: 9e348f5669f323eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":892,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d9ee2d4b0edd9f8ba2fb7242162c2c47","sha1":"398522893cf2cdefb5176f11bc67eab31c2d7382","sha256":"a462f1c5333e16b48335054493cfd1d0a13a96847b4b9ffe2cf24403e6e86010","sha512":"e404678e96fe6f6d1fe6c1390e4a64d90844a2d8903f84f1a34b23137593da5ba04112d9504b8bf480b392b294830a363344c5767e3bb5b7a3cb6f5df2a3aa45","ssdeep":"","tlshash":"97114493d060e71ad4c9e16bef61fca0116720cee5b745d485d95a34500fcdbfc08668","first_seen":"2023-05-09T00:01:39Z","last_seen":"2026-04-22T03:26:06.234668Z","times_seen":13806,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:54.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /9722.204bd3ee91908ea636fe.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Feb 2025 11:38:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a893aa-2f27\"\r\nexpires: Sat, 28 Mar 2026 18:13:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 772\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NmXYnJpHBaHPeQdJ%2BfBUbauvmFFRgjE3A8pePwNZoUwxFj18SXFIDDpvpCe1KVjqHc10V201uuxZXRTww1R%2B7MhoyekWG7rBoeFGSUlEbZIHESZ4O8heoL6Tgn3bQwK9UhQq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f694b4623eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12071,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12017)","md5":"d5984d818d4ea04353b545f40eb221d9","sha1":"2089b3823ec3f346f257b1f9cd1baeb96d9506ac","sha256":"dbfc80efe17666b15e63d2f367723f13c7fc0bd9771864bc94f325025de51429","sha512":"e712d413a97c47d76c07bbb7e0ac375a841485878d4467206eedfd05ae68ffa441047aa436b5832465a086835a63532b339856fd1c9aada0056742ad9dcc5e65","ssdeep":"192:JjOqrc38On35VfOCURWQeaGBSNLcrRdj4CqIbEoEhoCfRERCGfEmSpfigtot6Ejt:JJrc38O35VfOjWEwdMChwoEhbZACGfE0","tlshash":"1442d6c22702a43ee39798d8987a04537134da587819856c7b2daed77c2bdc6f0b1f72","first_seen":"2025-06-27T12:27:16.284565Z","last_seen":"2026-03-28T06:26:12.786667Z","times_seen":16,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/7784.4e167a928464165e6412.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /7784.4e167a928464165e6412.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-53e6\"\r\nexpires: Sat, 28 Mar 2026 18:13:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 771\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4K6sqGJywTD2qfOfQIP3fS9RWcJcdJ8kcDTiD19C2ZaKxF6a1kchjDahGEplbKU6gGMn2tSwPSldhWedBG%2Fgw8LNWImdzlPCRLSN1lY2NTMpnT8OJfSOToZ3ucRnJ%2FlR%2BBu6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f696b4c23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21478,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (21341)","md5":"0c6c6d56524f9928ea4a925bbe46f2b9","sha1":"819d484673709289d0fb6907b752bff1f9f89940","sha256":"01a16ae644097aed32a219b9eb3f8a18d6f139ce663bd39c4e826f02005d2778","sha512":"af2e03e57860072ab55794fdc5b397e85f6ef240e50c5fa3ae1f36dc9b90cd0b0c9073375f87fedfbc136dc7604dc2850455dc4b8b678ae839b4f39e6b7275bd","ssdeep":"384:pAdJR5l17Hc+yWId88Q+0VL3oQ0LmVIkTzxr1QQ02NBTQ2tp2TLRX8tRiWyU:pAdJR7dHt8cVL3oQ0LeIkf502NBTQUYa","tlshash":"e0a21ab766f915d652e848e808cb189950f4e0223d86293d5134edd220f2cdbf2eb9bd","first_seen":"2024-05-16T20:37:02Z","last_seen":"2026-04-18T18:22:11.323314Z","times_seen":970,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/rlottie-wasm.f013598f1b2ba719f25e.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-10037\"\r\nexpires: Sat, 28 Mar 2026 18:13:05 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 768\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A2XWHOGktim47XfWv6Izps%2BKQBLMKEDdNPtrhd9756kCgnSdNk57C0lfxNdtyvWmdXPwpwDw25OkhXG5xrImeXHTc4Ep9WW7cBMiNeA2166JaAhMOCKr9HraceeFUhyhycNr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f69fb6023eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65591,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4441938ee433d3657c20d454d352a336","sha1":"dd67121d7fda7c17be196f60c72dfa06bcb5bc6f","sha256":"659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679","sha512":"f90da6f2003442e547813d62f44e22e688f637616dd7f7f33c81e73d05a3a3de39947c0a8f580002cc96a716caecc4bcd988644ad78b01ae2e9a9792c726604e","ssdeep":"768:O6T4cK2yQ6eO1P2WgcdxazvszXIgBB1ARna76Ae/FqsSwYxRrqhlr3NqR:m1Q6eO4+IUzXXsjvi1alrcR","tlshash":"6153e88535d9b0ab42837878946f310bf2ab6d52641c8410db1dd4dabcb4e49e63ffe8","first_seen":"2024-05-16T20:37:02Z","last_seen":"2026-04-19T23:35:33.634143Z","times_seen":14995,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-28","alert":"Hunting_JS_WebAssembly","trigger":"wwb.talegrew.top/rlottie-wasm.f013598f1b2ba719f25e.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/6708.62232e3759fa4a0c14aa.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:54.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /6708.62232e3759fa4a0c14aa.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-2888\"\r\nexpires: Sat, 28 Mar 2026 18:13:00 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 773\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zPZv5UL%2FHKKT7rxrgIOlexVQ2ZWbPpNXYvVkOqSQkYL4L9EUHNyxlvAyMfsIxbfZo4htz7qhcq153tqTuBwHQAeEAiCOv3kUe9FA8H9ZpjKzhfgvDJJINDQBkD1XskES3E8h\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f691b4523eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10376,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10322)","md5":"eae3b19c7ec05efad2731e2578ab68ae","sha1":"da1b735aaae8a1795ac69cf3659935d947e1124f","sha256":"fbd595e42c85dcbc68ffe1b53aadc4ac4c285a9e8b87dea0e60d9a84581d1f18","sha512":"18da34437e90e3f493d7b22a7392323cf1dc9e245f886ee0e8f49da8fd4626091541f31b7e4472f6f500d4eb5c37dab57046c4da702007925cce4a4b69f52662","ssdeep":"192:5CUGseShD/DUWaDzmat0Kk/YsAoDc+EurYfzCUzmONT16dWQ5vZ1l8/X:5MS5/DUtfmamKkT7D/EurYfzNmONTAdq","tlshash":"da220b81b132743e62a7d4d6e6184a02aa3590593c1d92bdf77c78fb2c5580b34bcf7a","first_seen":"2025-01-28T04:51:38.139377Z","last_seen":"2026-03-28T06:26:12.79013Z","times_seen":151,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/rlottie-wasm.f013598f1b2ba719f25e.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-10037\"\r\nexpires: Sat, 28 Mar 2026 18:13:05 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 768\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c4P9IuARt8PNRdoA5rD8RVryRriR0I8S9RJx1Za5qE2bJEQZLbU8UbfrlLaCnH5Ka5r0OjkCTUmjpbedq9gRo%2FcnnDK0cNz%2FCQ26mIEmoTpsk740huMaj6zrkQ7HUv95t9d2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f69fb5d23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65591,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4441938ee433d3657c20d454d352a336","sha1":"dd67121d7fda7c17be196f60c72dfa06bcb5bc6f","sha256":"659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679","sha512":"f90da6f2003442e547813d62f44e22e688f637616dd7f7f33c81e73d05a3a3de39947c0a8f580002cc96a716caecc4bcd988644ad78b01ae2e9a9792c726604e","ssdeep":"768:O6T4cK2yQ6eO1P2WgcdxazvszXIgBB1ARna76Ae/FqsSwYxRrqhlr3NqR:m1Q6eO4+IUzXXsjvi1alrcR","tlshash":"6153e88535d9b0ab42837878946f310bf2ab6d52641c8410db1dd4dabcb4e49e63ffe8","first_seen":"2024-05-16T20:37:02Z","last_seen":"2026-04-19T23:35:33.634143Z","times_seen":14995,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-28","alert":"Hunting_JS_WebAssembly","trigger":"wwb.talegrew.top/rlottie-wasm.f013598f1b2ba719f25e.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/redirect.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:50.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /redirect.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:50 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 24 Jan 2026 09:36:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69749298-fd9\"\r\nexpires: Sat, 28 Mar 2026 18:12:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 774\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dfHNz7NLF27nmYwpgMnyjiBaQZ6VnoxJW6Vrh85OSv%2BvZbYYtzQFjXd%2BRhJ6CtpCUKt0Vo%2F9qjzphc1AaVcm3t24gGYlsyKmXBusSgHPJYni9FeV%2FXakwTFZtvxwptIi%2F2QW\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f5379af23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4057,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"09b4442f7297c7760b8b8b6b8124d1e6","sha1":"e0fce210431683c481708133b33baa1e7bd686aa","sha256":"7faa91eb7ecfac042805251730c15d85c3c3d39e5997e44fe63d7ea8090356a1","sha512":"3a0dc312d7b177ed66a276d5a86ee74e1c3ab3086b6d43a0a32829c4ba29023b83642c783bf2c743c757da05c3e053a2c45b9bb24df8724215e4307fa7d6a6c8","ssdeep":"","tlshash":"0281114a17e3026056e321fb9b4b2120513be007741dde29ba6e92407f9a76d47f2bcb","first_seen":"2026-03-28T06:12:42.49264Z","last_seen":"2026-03-28T06:26:12.790603Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:51.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2 HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/main.85a1f87fda9c5c10536b.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:51 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 11016\r\nlast-modified: Fri, 07 Feb 2025 16:13:12 GMT\r\netag: \"67a63118-2b08\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 773\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=39nnEf6%2FK523vjPG3H3lk3jKUS76cn%2Bjl9a8O7rxvAq%2F%2BQJcHhbCOL2EGgE9L0RHu%2Fl9OZD65D6t6romNu%2BGnXYjC7qlGFv04BlQMv%2FKk%2BZraU8O%2FIyYRxvB34K3wl5zPGvJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e348f5639ec23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11016,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11016, version 1.0","md5":"15fa3062f8929bd3b05fdca5259db412","sha1":"6ff06a34f68ad0324ddec1bbe4d453c959178b36","sha256":"5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479","sha512":"07e96d7520b4ede158e77bef10a01a33cd8be7d263fe6900f89c023e65e4a63570e8a442dec2e96030fb563b25610005a748d48f9330fd31eb91b37d1003d376","ssdeep":"192:Tysuo7z1NVoTUYAKVOO7YVxRwHQUXFI5xoBwH9f4d9QFmOfiS:TvdvVoTSjOYR4QUVIgBwpFLaS","tlshash":"6e32af8071ff1c50ff85c2f69be68efa2c2b1895c619016f5240b476397525e9c294bb","first_seen":"2023-04-05T09:25:54Z","last_seen":"2026-04-22T07:03:23.852482Z","times_seen":33234,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:54.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /9722.204bd3ee91908ea636fe.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Feb 2025 11:38:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a893aa-2f27\"\r\nexpires: Sat, 28 Mar 2026 18:13:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 772\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ApzQ4TlyQfbyWwrGvlS9hNQ7GQQcT5%2F7gbt4O%2BtmQCPbTbX1WNAYdPIr4hCNrGrqW%2FlPmng3mydI%2FYKpk%2FOz35bZyk1cC7QeRJXHPUcHzOarBGxfyomVTlmKq9A211y7leLQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f694b4923eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12071,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12017)","md5":"d5984d818d4ea04353b545f40eb221d9","sha1":"2089b3823ec3f346f257b1f9cd1baeb96d9506ac","sha256":"dbfc80efe17666b15e63d2f367723f13c7fc0bd9771864bc94f325025de51429","sha512":"e712d413a97c47d76c07bbb7e0ac375a841485878d4467206eedfd05ae68ffa441047aa436b5832465a086835a63532b339856fd1c9aada0056742ad9dcc5e65","ssdeep":"192:JjOqrc38On35VfOCURWQeaGBSNLcrRdj4CqIbEoEhoCfRERCGfEmSpfigtot6Ejt:JJrc38O35VfOjWEwdMChwoEhbZACGfE0","tlshash":"1442d6c22702a43ee39798d8987a04537134da587819856c7b2daed77c2bdc6f0b1f72","first_seen":"2025-06-27T12:27:16.284565Z","last_seen":"2026-03-28T06:26:12.786667Z","times_seen":16,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/main.84a31bd5596aa2c17cea.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:50.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /main.84a31bd5596aa2c17cea.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:50 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Feb 2025 14:54:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a8c18e-6d7e1\"\r\nexpires: Sat, 28 Mar 2026 18:12:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 774\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TfFlNhsBYYJuZshOXVMgw1t5Xnzhes7Du7d63pZU%2FiQB99ohzaaSS2qsZlAoOHsrWht7bOOJaRUZTBnuydvYKWpGbHZkW25PNR%2FdR6bOvf3du4bPeMbpBh47Cq6A4RtMxzO6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f5379ae23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":448481,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65531), with no line terminators","md5":"112bb8905dd6814463ac1f08b981442c","sha1":"699b8e73c9c17fc607b60bd6aac522203bdcebaa","sha256":"676cfe1c6fedabadf5232df5ef6feb3e2a7fea3219a10094b0add6980a6bb795","sha512":"5e16976e0f7b076eca3fd95ac25c74871f3b389217eddc909e67bb801ade327e3f700eba29874dd23932269b0e294d8a9eb06faa31529ddafdf554c1db79a0ef","ssdeep":"12288:SFv3KnRBlVxZa0uRoSiTMYmvwYJ+DeYDeJ5ecOHUjfgJBt5LO:SFv3KnHlvSiO+Aekj7","tlshash":"68945cc57196b4e963d705f6a4ab0088b73859043809c460f1adfcea3e365aea373f5d","first_seen":"2025-06-08T13:04:14.586722Z","last_seen":"2026-03-28T06:26:12.791508Z","times_seen":17,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/main.85a1f87fda9c5c10536b.css","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:50.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /main.85a1f87fda9c5c10536b.css HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-1bec6\"\r\nexpires: Sat, 28 Mar 2026 18:12:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 774\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m4vOxZAJMp7X0tEclDHGMtUha%2B9IYtkEt9XJ8mRFr6f0rgS5pXW6kOjyxQxRR6dOKu%2BLMqApub54t9bGfLKyDjpHuutmzGxhH0frXKKLnYDaKxlaFnYIoJrP%2FlXj6%2FH2Qlj%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f5379b023eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":114374,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11469)","md5":"18ab7bcca0d7a7015dd07deb232add67","sha1":"d4eaee7d50411a3250cce3e8fbca7d58e52e9f9a","sha256":"d1dac81a1f2b2541f549e813e619a0b78f40d4e75c8575449d36c1b7db2d7d6c","sha512":"2610869eb5ad5cda6328cc4cfbdc631ec86c1772cd51cab096a6d09c06ab5fe8ac137ba3dec70ce1a81353d61b395f3854490855d3c0844bb5a681f24db6caba","ssdeep":"768:ZetKiaflPrQhnvSkRUUbHoeu2Igy1HOhzoo9eb6Ub0v5ArcIRxMqa56tfEEV+FI9:gki7UUbI2IgyROOm5KkIfBJ","tlshash":"3bb3e794e94411f9ab33c23e97c4e76c9938e481de210fafb247615c07ca7ea11e2b59","first_seen":"2025-04-09T11:24:09.076709Z","last_seen":"2026-03-28T06:26:12.791982Z","times_seen":147,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/7784.4e167a928464165e6412.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /7784.4e167a928464165e6412.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-53e6\"\r\nexpires: Sat, 28 Mar 2026 18:13:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 771\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f%2BswQDC%2BQvyXZlUHiOPozyXVRakAOfHGgirJGc4Pm4rO0Yne5lB1xKKco9j7Ana810WQlPyQ%2FU3RE1npgyHf20uqDnCVoA9a%2BEtVaOX%2FA20YnNZsgLybw2XYzovb6NS1X%2Bl6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f696b4a23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21478,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (21341)","md5":"0c6c6d56524f9928ea4a925bbe46f2b9","sha1":"819d484673709289d0fb6907b752bff1f9f89940","sha256":"01a16ae644097aed32a219b9eb3f8a18d6f139ce663bd39c4e826f02005d2778","sha512":"af2e03e57860072ab55794fdc5b397e85f6ef240e50c5fa3ae1f36dc9b90cd0b0c9073375f87fedfbc136dc7604dc2850455dc4b8b678ae839b4f39e6b7275bd","ssdeep":"384:pAdJR5l17Hc+yWId88Q+0VL3oQ0LmVIkTzxr1QQ02NBTQ2tp2TLRX8tRiWyU:pAdJR7dHt8cVL3oQ0LeIkf502NBTQUYa","tlshash":"e0a21ab766f915d652e848e808cb189950f4e0223d86293d5134edd220f2cdbf2eb9bd","first_seen":"2024-05-16T20:37:02Z","last_seen":"2026-04-18T18:22:11.323314Z","times_seen":970,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/5905.efaeccc9ed0bc890f551.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /5905.efaeccc9ed0bc890f551.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-223ca\"\r\nexpires: Sat, 28 Mar 2026 18:13:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 770\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IhF8GYD6MrvIHjCLvSFjSc%2BOs%2FOtyu6Jm3NdDAR2RTNSCEZL2YM1wYyi6ZUeRV8L9ohxDc%2BTQM1DjBUqKJVrjQ0rpeGYbreNlOjyffA0YfKrVhs0WxLC1%2B01o9rfX6G%2Bxny9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f699b4e23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":140234,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"64a6ce633fb3d0e45c76444320599966","sha1":"797ac0ce9a80a16667b4cb5e3ace93e066f0af67","sha256":"19029ef084d2b11071ef27c229253b68aee1da038eff08f5af99718a9d48ecbc","sha512":"1c8f178e73daab5a389a4276faeb9f608f3cd6e2616aa60f476e9fdcaf18181ab652f72bd58645597aacc9c5e237486ad2359dc8ba0e7fce4aec04f83074d61f","ssdeep":"1536:WW3M14X1jDx480MHyQL3YLZHZp+snJhcssuovxz2Rsz:JXxq8mwmJs9L","tlshash":"04d3c682f86424125382b1e654760709773af41ca9c940acfe6cfed569bcd8d32afb34","first_seen":"2024-05-27T01:56:11Z","last_seen":"2026-04-18T18:22:11.323852Z","times_seen":977,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/9357.6eac77a0486f9581bdbb.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /9357.6eac77a0486f9581bdbb.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Feb 2025 11:38:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a893aa-a48\"\r\nexpires: Sat, 28 Mar 2026 18:13:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 769\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D1mdxra7FfwTGsBTb68DRFumNOBn4VPyEaM5yTUlq5IwYMuBWIWp09KwbMb7%2FdQf9ZuqRGEi7UH8yrvu3VMNg5bRvheLL3xDjGFSJ1j4aPviHNC68MpJGKBOBeiz%2Bs07JMPh\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f69db5a23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2632,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2578)","md5":"9a88be9c44d21f0f968af34753d94f74","sha1":"36bbcaf30dece168c8c91d17759ed5d961920e8d","sha256":"571db221ba8701ecb6f1ca5f39ff4cc593b116e510809566494f82aed62f451e","sha512":"4dae56ea2ea0b8f8d824076a2ec3ef95421b64924b4cb6c4d9b9ce3bf6760a494cba48f819c5c7354c79701ea9aefd5908222ee3394ac9d1f5f290e4dbe6efa2","ssdeep":"","tlshash":"c551a7441a7338791de347a6b05b3b120c2513b27819f59216099eeb87b624f5b07f8a","first_seen":"2025-06-27T12:27:16.286459Z","last_seen":"2026-03-28T06:26:12.792475Z","times_seen":16,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/7784.4e167a928464165e6412.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /7784.4e167a928464165e6412.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-53e6\"\r\nexpires: Sat, 28 Mar 2026 18:13:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 771\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=coLoozaWh4e7qFVcb5fBLZBchGIg3pq%2BohexhjBc7cGSx9WNTP1wb7OAAyg%2B%2ByEkSvPaTyU4PVnMlpbnfxvCPzpYO5wLP8DATZxIm2dnSElHwTmC0wchIuzCaf0ZDIdHRZgI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f696b4b23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21478,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (21341)","md5":"0c6c6d56524f9928ea4a925bbe46f2b9","sha1":"819d484673709289d0fb6907b752bff1f9f89940","sha256":"01a16ae644097aed32a219b9eb3f8a18d6f139ce663bd39c4e826f02005d2778","sha512":"af2e03e57860072ab55794fdc5b397e85f6ef240e50c5fa3ae1f36dc9b90cd0b0c9073375f87fedfbc136dc7604dc2850455dc4b8b678ae839b4f39e6b7275bd","ssdeep":"384:pAdJR5l17Hc+yWId88Q+0VL3oQ0LmVIkTzxr1QQ02NBTQ2tp2TLRX8tRiWyU:pAdJR7dHt8cVL3oQ0LeIkf502NBTQUYa","tlshash":"e0a21ab766f915d652e848e808cb189950f4e0223d86293d5134edd220f2cdbf2eb9bd","first_seen":"2024-05-16T20:37:02Z","last_seen":"2026-04-18T18:22:11.323314Z","times_seen":970,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/7784.4e167a928464165e6412.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /7784.4e167a928464165e6412.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-53e6\"\r\nexpires: Sat, 28 Mar 2026 18:13:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 771\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XgW24NvmDXiA2O5IvGtUruVICsuGhCMCdenjakQMsfEdPGxjX9%2BK6hHuLpYBVkUoTysfONsnMdlspKH5Fbf10hzhX4KAZZcdyaJU6e6cE1NLMtSi0X3uKAMa8iG7vGpaxs3d\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f697b4d23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21478,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (21341)","md5":"0c6c6d56524f9928ea4a925bbe46f2b9","sha1":"819d484673709289d0fb6907b752bff1f9f89940","sha256":"01a16ae644097aed32a219b9eb3f8a18d6f139ce663bd39c4e826f02005d2778","sha512":"af2e03e57860072ab55794fdc5b397e85f6ef240e50c5fa3ae1f36dc9b90cd0b0c9073375f87fedfbc136dc7604dc2850455dc4b8b678ae839b4f39e6b7275bd","ssdeep":"384:pAdJR5l17Hc+yWId88Q+0VL3oQ0LmVIkTzxr1QQ02NBTQ2tp2TLRX8tRiWyU:pAdJR7dHt8cVL3oQ0LeIkf502NBTQUYa","tlshash":"e0a21ab766f915d652e848e808cb189950f4e0223d86293d5134edd220f2cdbf2eb9bd","first_seen":"2024-05-16T20:37:02Z","last_seen":"2026-04-18T18:22:11.323314Z","times_seen":970,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/9357.6eac77a0486f9581bdbb.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /9357.6eac77a0486f9581bdbb.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Feb 2025 11:38:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a893aa-a48\"\r\nexpires: Sat, 28 Mar 2026 18:13:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 769\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NCMVzZYPnNbxzzSlRcaUcNwQxYkcE1w4hdtgBXy6BsaQAx8l%2BQAk1JOBzpUzuMiWgdAyFS62HedyQHR6%2FP1Et%2F7mhJf49r2fzw%2BTzAY%2F%2FTQBB6f63E5%2B1tDVln2%2BwzQg0sRP\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f69cb5623eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2632,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2578)","md5":"9a88be9c44d21f0f968af34753d94f74","sha1":"36bbcaf30dece168c8c91d17759ed5d961920e8d","sha256":"571db221ba8701ecb6f1ca5f39ff4cc593b116e510809566494f82aed62f451e","sha512":"4dae56ea2ea0b8f8d824076a2ec3ef95421b64924b4cb6c4d9b9ce3bf6760a494cba48f819c5c7354c79701ea9aefd5908222ee3394ac9d1f5f290e4dbe6efa2","ssdeep":"","tlshash":"c551a7441a7338791de347a6b05b3b120c2513b27819f59216099eeb87b624f5b07f8a","first_seen":"2025-06-27T12:27:16.286459Z","last_seen":"2026-03-28T06:26:12.792475Z","times_seen":16,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/compatTest.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:50.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /compatTest.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:50 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 19:44:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a662b6-acb\"\r\nexpires: Sat, 28 Mar 2026 18:12:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 774\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6v6Kxp9lue4gL82dMW85YyprniFn8GHg9l63wWWKdJ%2Fw6j9YCEbWOvrydUFvUM6yZtCyHTR2FvhXdJ2wy%2BVqWhNLcQuQaPN9qju2GmYMQmr6HDvblxyMp11zIqm%2BIqJTqTCb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f5379b123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2763,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (413)","md5":"fe2a5f155253301a58567a83130cd505","sha1":"35b349178c9455b819e3714c481c594ed36ab5a3","sha256":"3ee5b1443f69c457135f99a191ee2d7decc463669d9a7834f81632fc8ebdac7a","sha512":"f33714e657e6b52df84d9271d3905b0f846d787013849d0bf4b4435f4c0a20dd4b25bee19db436c91de14d72ac52ed3751f3f8e17ae77f2d3346c9d2469a1c86","ssdeep":"","tlshash":"9d51051a0db1726150796167ab1bb14336298577060cfb68b120cf397eb185bc29fde9","first_seen":"2024-12-25T09:55:32.846851Z","last_seen":"2026-04-17T23:39:30.778894Z","times_seen":745,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/getConfig/147591","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:50.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /getConfig/147591 HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:51 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=heJcS7SnuiRgUrsmZv53%2BHK7B8FSSodoWi4aZNrZersyRaUBAoS1IO0RkLur6cngPxYBszLyZrQdQklDWPFKu%2BWI%2BtLR79Uh%2FXxDn1grpr1L9W390keR29jmaZ7WWj3JmMXD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f53b9b423eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2031,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8f2c393ca66cddb78db4d10c6bf170be","sha1":"d3e91c495c856f4264eac9a5b147699985cc60ea","sha256":"1e6f01dc82b6b7433eb2bfc4b022da79a144ec07c4ca689c9d505719acdbd76e","sha512":"68c285c6b79994f19472bbb5f221e1c072370a7a11410c8caaa5410380ab64956990f3df7288f4d60e937db1b8f16bd5018f4cd634ac82a9a91afbf852f78b62","ssdeep":"","tlshash":"5d411108d704c398cd492c8f5af11c1e2839e1693e05fc2d2e4ac157dbdba7f64ea594","first_seen":"2026-03-28T06:12:42.497557Z","last_seen":"2026-03-28T06:26:12.793412Z","times_seen":4,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":337,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/5905.efaeccc9ed0bc890f551.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /5905.efaeccc9ed0bc890f551.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-223ca\"\r\nexpires: Sat, 28 Mar 2026 18:13:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 770\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gw9jtAXlW0tPIXMGjkd0zv1b17CFJ1bXGg0uxQvbHBmduB%2FTscy5SvTv6MlzB7jyTWXTIGrtPfjukuw5muwum1dNNaY4a6KguFiZM8bxgYBtyCdlZfSIaToYDJjJ8hvFul9r\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f699b5023eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":140234,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"64a6ce633fb3d0e45c76444320599966","sha1":"797ac0ce9a80a16667b4cb5e3ace93e066f0af67","sha256":"19029ef084d2b11071ef27c229253b68aee1da038eff08f5af99718a9d48ecbc","sha512":"1c8f178e73daab5a389a4276faeb9f608f3cd6e2616aa60f476e9fdcaf18181ab652f72bd58645597aacc9c5e237486ad2359dc8ba0e7fce4aec04f83074d61f","ssdeep":"1536:WW3M14X1jDx480MHyQL3YLZHZp+snJhcssuovxz2Rsz:JXxq8mwmJs9L","tlshash":"04d3c682f86424125382b1e654760709773af41ca9c940acfe6cfed569bcd8d32afb34","first_seen":"2024-05-27T01:56:11Z","last_seen":"2026-04-18T18:22:11.323852Z","times_seen":977,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/9357.6eac77a0486f9581bdbb.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /9357.6eac77a0486f9581bdbb.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Feb 2025 11:38:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a893aa-a48\"\r\nexpires: Sat, 28 Mar 2026 18:13:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 769\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s6Q87d6shljgmZ3SkO14XWkR%2Fpjy8eLmQGSjI7EToskv63Oa0w7cttkXQevUE2hkfAfnqhv48KFkBIPw7%2BiyLvPJm%2B7PsnEZeVIs3WVoJrnWzH%2BJrQVtS3YUQhZXLoZ5uySb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f69cb5523eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2632,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2578)","md5":"9a88be9c44d21f0f968af34753d94f74","sha1":"36bbcaf30dece168c8c91d17759ed5d961920e8d","sha256":"571db221ba8701ecb6f1ca5f39ff4cc593b116e510809566494f82aed62f451e","sha512":"4dae56ea2ea0b8f8d824076a2ec3ef95421b64924b4cb6c4d9b9ce3bf6760a494cba48f819c5c7354c79701ea9aefd5908222ee3394ac9d1f5f290e4dbe6efa2","ssdeep":"","tlshash":"c551a7441a7338791de347a6b05b3b120c2513b27819f59216099eeb87b624f5b07f8a","first_seen":"2025-06-27T12:27:16.286459Z","last_seen":"2026-03-28T06:26:12.792475Z","times_seen":16,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/rlottie-wasm.f013598f1b2ba719f25e.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-10037\"\r\nexpires: Sat, 28 Mar 2026 18:13:05 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 768\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ENas2Oezf%2By0I2we%2B9VoQ%2FE4OPbpNnkWxJcyYXREUfmjXv%2BCLlhXKxTHU%2FejdAGfktzfhH18o27lyRen%2Fz8qZMLdkLgJdPbUVxwpNUF7hUNAc9dDzigcpuOXeD%2Bpu8p6JcCq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f69fb5c23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":65591,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4441938ee433d3657c20d454d352a336","sha1":"dd67121d7fda7c17be196f60c72dfa06bcb5bc6f","sha256":"659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679","sha512":"f90da6f2003442e547813d62f44e22e688f637616dd7f7f33c81e73d05a3a3de39947c0a8f580002cc96a716caecc4bcd988644ad78b01ae2e9a9792c726604e","ssdeep":"768:O6T4cK2yQ6eO1P2WgcdxazvszXIgBB1ARna76Ae/FqsSwYxRrqhlr3NqR:m1Q6eO4+IUzXXsjvi1alrcR","tlshash":"6153e88535d9b0ab42837878946f310bf2ab6d52641c8410db1dd4dabcb4e49e63ffe8","first_seen":"2024-05-16T20:37:02Z","last_seen":"2026-04-19T23:35:33.634143Z","times_seen":14995,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-28","alert":"Hunting_JS_WebAssembly","trigger":"wwb.talegrew.top/rlottie-wasm.f013598f1b2ba719f25e.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/icon-192x192.png","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:51.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /icon-192x192.png HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 07 Feb 2025 19:44:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a662b6-bf3\"\r\nexpires: Mon, 27 Apr 2026 06:12:58 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 772\r\npriority: u=6,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UmZ3RtgCP8HZ9XnCnX6UmA5aeAdv5VCWLAwFkQdeGhYHsyknPexbGUWSXwEbcwnDmB5UT11X076HS6u7ZG4aCTfAcpfPElwX%2FK1Gcj8rnUPnMra93cTDSwNhDq6IArROo%2FYG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f5669f223eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3059,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"1a1650d2c76bfc1ac484646c19e495b9","sha1":"fe58d66042ce9241226f5da9370230285ff604fc","sha256":"6e587a62c9d7a97f25265ab5eb29d101ad2e36810042a4116d2dd29da96b0bf8","sha512":"79c5c9278959bc94f66434779bebc1b46c055655f0bc58aa375f179c227e7ac0e52dea196764719d42aadcf98e4fd3b5a4488f2db977edde430aa3df733c03bc","ssdeep":"","tlshash":"bd514cd3253318e8e2dbfd7ace62041f656691ce5638ec120568de720c8985dc070caa","first_seen":"2023-05-16T22:57:55Z","last_seen":"2026-04-22T03:26:06.233964Z","times_seen":16225,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/notification.mp3","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://wwb.talegrew.top/","date":"2026-03-28T06:25:51.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /notification.mp3 HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:51 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 10880\r\nlast-modified: Fri, 07 Feb 2025 19:44:54 GMT\r\netag: \"67a662b6-2a80\"\r\nstrict-transport-security: max-age=31536000\r\nage: 773\r\ncontent-range: bytes 0-10879/10880\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oN3iUfXywWtEEx1N2kLZh8%2FySYGRTlhXo0lXZPJwmdiYAJfPesabwTguWbnmib6VYxJCHGmIZ7CNRWSKsZf4O7o23ICWFNi%2Biu4yTmtJHAjWQk6W9luTtVLs1NRYFFo1SZRG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e348f5689f423eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10880,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo","md5":"eba09b6a457792c52fc610b5f9f974b3","sha1":"95e6e0f7648e28ea21bc434054ea59aba3a35aea","sha256":"86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6","sha512":"9dfc5ff830c9ed75c9923528c31e1361fa36500d76a209cd475984e5585a644c8aff1600bf02a658ef363436a51988ff1e63aa7606e541dc4a7b3449c5be4852","ssdeep":"192:RuQQeX7rYX/WUUIk8DLh+2BHpZqlXCYP69tuORf6tVQRa/nwNQBv5JC:RRYeUUEDLk2VClyaV0aZ5g","tlshash":"37226b18af11056ef4866bf0b3939b8dc42d26c37a26d4cdd3a5d7e369430e2a7d500d","first_seen":"2023-05-16T22:57:55Z","last_seen":"2026-04-22T03:26:06.216739Z","times_seen":16581,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/5905.efaeccc9ed0bc890f551.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /5905.efaeccc9ed0bc890f551.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 07 Feb 2025 17:35:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a6447e-223ca\"\r\nexpires: Sat, 28 Mar 2026 18:13:03 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 770\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kPnurrVSUPHpl4pxtV763%2F2vf5CO66TxTrTKi1tLr2QjIPqG3SIi90rMkRN2MKRW8k%2BJaah9Wbl1vpHiIOLF3s9tqKYr2foeBv%2F56SoSBAW41yqH1lOpdL0lnT13g%2B7TL2dZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f699b4f23eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":140234,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"64a6ce633fb3d0e45c76444320599966","sha1":"797ac0ce9a80a16667b4cb5e3ace93e066f0af67","sha256":"19029ef084d2b11071ef27c229253b68aee1da038eff08f5af99718a9d48ecbc","sha512":"1c8f178e73daab5a389a4276faeb9f608f3cd6e2616aa60f476e9fdcaf18181ab652f72bd58645597aacc9c5e237486ad2359dc8ba0e7fce4aec04f83074d61f","ssdeep":"1536:WW3M14X1jDx480MHyQL3YLZHZp+snJhcssuovxz2Rsz:JXxq8mwmJs9L","tlshash":"04d3c682f86424125382b1e654760709773af41ca9c940acfe6cfed569bcd8d32afb34","first_seen":"2024-05-27T01:56:11Z","last_seen":"2026-04-18T18:22:11.323852Z","times_seen":977,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wwb.talegrew.top/9357.6eac77a0486f9581bdbb.js","fqdn":"wwb.talegrew.top","domain":"talegrew.top","tld":"top"},"ip":{"addr":"104.21.96.82","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js","date":"2026-03-28T06:25:54.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"talegrew.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 11:41:52 GMT","end":"Thu, 25 Jun 2026 11:41:51 GMT"},"fingerprint":{"sha1":"D1:CD:42:09:FF:62:FF:A9:65:85:2B:E6:E1:B9:89:A6:A7:BD:DA:EF","sha256":"00:0F:A2:F3:C4:38:E0:42:0C:50:C5:57:ED:0D:81:6B:29:C3:51:12:DB:CD:2F:56:EF:C8:E0:82:51:DB:B6:6D"}}},"request":{"raw":"GET /9357.6eac77a0486f9581bdbb.js HTTP/1.1\r\nHost: wwb.talegrew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wwb.talegrew.top/9722.204bd3ee91908ea636fe.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:25:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 09 Feb 2025 11:38:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67a893aa-a48\"\r\nexpires: Sat, 28 Mar 2026 18:13:04 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 769\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FXKU5jQGl03I0uMb8KgnFlF5MmegDv1j95vdaOAjIPazPJO50CefzsWG%2BEK%2BqBlecLWvc6gHOoKyAfpPO2VMFDPHimspwHgHjYPnf3ZHEsagdJfSrllIWGzSToUz6ZVX4Oge\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e348f69cb5423eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2632,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2578)","md5":"9a88be9c44d21f0f968af34753d94f74","sha1":"36bbcaf30dece168c8c91d17759ed5d961920e8d","sha256":"571db221ba8701ecb6f1ca5f39ff4cc593b116e510809566494f82aed62f451e","sha512":"4dae56ea2ea0b8f8d824076a2ec3ef95421b64924b4cb6c4d9b9ce3bf6760a494cba48f819c5c7354c79701ea9aefd5908222ee3394ac9d1f5f290e4dbe6efa2","ssdeep":"","tlshash":"c551a7441a7338791de347a6b05b3b120c2513b27819f59216099eeb87b624f5b07f8a","first_seen":"2025-06-27T12:27:16.286459Z","last_seen":"2026-03-28T06:26:12.792475Z","times_seen":16,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-28","alert":"Phishing Block","trigger":"wwb.talegrew.top","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"wwb.talegrew.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}