{"report_id":"a60c4cdd-83b4-4665-a062-59cf1b4a3d47","version":6,"status":"done","tags":[],"date":"2026-03-28T00:02:36Z","url":{"schema":"https","addr":"gro88k.icu/","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gro88k.icu/","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"title":"GRO88K Official Pre-Sale — Get Up to 100% Bonus!","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"gro88k.icu/","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-02T00:02:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-28T00:02:14Z","timestamp":1774656134,"ip_dst":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49050,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-03-28T00:02:14.729268+0000\",\"flow_id\":1599158503211563,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.2\",\"src_port\":49050,\"dest_ip\":\"172.67.140.5\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"gro88k.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3425,\"start\":\"2026-03-28T00:02:14.721451+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"gro88k.icu","ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-04","domain_rank":0,"first_seen":"2026-03-28T00:02:36.525814Z","last_seen":"2026-03-28T00:02:36.525814Z","alert_count":24,"request_count":12,"received_data":237970,"sent_data":5157,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-03-22T22:34:23.857339Z","alert_count":0,"request_count":1,"received_data":23806,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gro88k.icu/","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6918d960f928347f538286edbee80a91","sha1":"a28324894d4d58d98129ddcb4c14435f5c629257","sha256":"112fa07f0eed14a6d2de10109404b320de48e3378d8bb5d6a00376891731baac","sha512":"c1b88912da321a0e2ef370f9b79c7f3e7fdd1323a12a108476669cccbb29ae8f149135ec5a5f2cf5cd441240fe8b494b6256d2cede89a78fe94e432d3408285c","ssdeep":"","tlshash":"c1116d1a5ef17a33006731261ebbd205143251c75a687d78beacc1189f19b8ee5e8f98","size":1024,"data":"","first_seen":"2025-09-30T17:15:07.082301Z","last_seen":"2026-04-06T19:20:46.150673Z","times_seen":283,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/particles.js@2.0.0/particles.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6564e48cc953b8642b7c758cba09fd81","sha1":"5193a1ae0215e55c48de5deb534acb0781a3bfbd","sha256":"f368ba54ef5dc8c6613226de0e95b0a72239c33c3caec2f08c69a939ac9dbd1b","sha512":"930176f24c517cbed366421590f5ddab5443ccaa1f09f2ada62c9c851453bedbef5c0e1580402f2430100b0dae357269f58505d5d541b4dfd10dbb9f082bcba7","ssdeep":"384:WfJ//vWKyCN3yHEPepmcBzAbix29ZzHNSA:QFf289ZzHNSA","tlshash":"08a2b34d23f73e77339a72e04bece1128b70a4d2399b04b0f93c667da5255a601de6a0","size":23016,"data":"","first_seen":"2025-05-01T01:56:50.052191Z","last_seen":"2026-04-23T22:45:53.470528Z","times_seen":699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"gro88k.icu/","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-28T00:02:14.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro88k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 07:50:49 GMT","end":"Tue, 02 Jun 2026 08:50:45 GMT"},"fingerprint":{"sha1":"F2:C0:03:A8:12:3F:82:F0:87:07:8E:2F:EB:60:1D:26:64:FE:02:F0","sha256":"8B:38:50:DD:04:F3:33:24:71:42:C0:86:AA:85:ED:86:6E:49:5D:50:55:AD:44:91:91:16:E4:51:60:BD:CE:25"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gro88k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 28 Mar 2026 00:02:14 GMT\r\ncontent-type: text/html\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IH8eAh20vfxWcGMD2fG7SVxWF5%2Bf6kR6Q6pei3U4GNryhwTWq9esSSB90kHEfgdAzMFczmGlUHXw8WaX94tC3NMQ3Jw8HJv7sOyUmeb0jaLsbCOdT2wQNEg9HH%2FX\"}]}\r\netag: W/\"c4b6d96ac1cd917c4fae29c4ce7eb2a0\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e325d6a2d783181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12846,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3f1ab965015793294f0121b9768d7e29","sha1":"9d9bc1265da6ee4a4c259d01aae6ba1f9bc13dc0","sha256":"fcf9bbd74e8a850fc21b75c6a680a0213cb881964280633d051c8500920abb1e","sha512":"95384a4276fb155ccd7f2966f0b76afb3bf96fddd7c50d200e4865fd9c760ce3f7f374634ffb969e92711fdc199adb9b0ff54b33d59e442e7db452ce28c1ab49","ssdeep":"192:IiTXEY1vS1Sy8cvJqXhGUoQSpjZKE7UHJ2wxMlZ1e:IiwYykDGDQ","tlshash":"27424023d9809c2722329350bff26388f759421b96050d66bbfd714e4ff6aa09953f9c","first_seen":"2026-03-27T21:48:27.89786Z","last_seen":"2026-03-28T00:02:38.961333Z","times_seen":2,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":73,"dns":54,"connect":1,"send":0,"wait":17,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro88k.icu/css2?family=Inter:wght@400;700\u0026display=swap","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gro88k.icu/","date":"2026-03-28T00:02:15.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro88k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 07:50:49 GMT","end":"Tue, 02 Jun 2026 08:50:45 GMT"},"fingerprint":{"sha1":"F2:C0:03:A8:12:3F:82:F0:87:07:8E:2F:EB:60:1D:26:64:FE:02:F0","sha256":"8B:38:50:DD:04:F3:33:24:71:42:C0:86:AA:85:ED:86:6E:49:5D:50:55:AD:44:91:91:16:E4:51:60:BD:CE:25"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: gro88k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro88k.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 28 Mar 2026 00:02:15 GMT\r\ncontent-length: 409\r\ncontent-type: application/octet-stream\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"f84c7e4a09c041fd6a8f5940eec68745\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xaSMhMq7BFM7MM0cgDl4DpmIYFlstXaSZdCAoEowXeP%2BqtFf94B2eQzgsW87h5FjnRbtaVbD3fTs6SGfhX5qgJuDHccOcMO0mEL2PgqFmhCnMH0Df3GQK8A1cRGb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9e325d6c2d06dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":409,"size_decoded":0,"mime_type":"application/octet-stream","magic":"ASCII text","md5":"60b4e28606439c00e6d0e7364b2b091a","sha1":"23b47d11e7d32c39aea5b286e25a794a1f38b5be","sha256":"bd6b86f3bb8f3b4b9bd1cd2400be3689ce338224003060d3d02dba51a50f65b8","sha512":"cf068877c3058d3a4202777e5c763a814fc6cb0e7b6fefbb97a16ef61413563bafbca74071081ea342f9a3a9fed09c7b03920ff0e6401f7fdd46ad02098f56c1","ssdeep":"","tlshash":"46e02240002f1611c91a1e6d33cf3f2d2ecc29881042c1ac4b350c959dea06a8345fde","first_seen":"2026-02-12T22:26:06.450132Z","last_seen":"2026-04-04T21:42:22.119317Z","times_seen":58,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro88k.icu/8.webp","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro88k.icu/","date":"2026-03-28T00:02:15.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro88k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 07:50:49 GMT","end":"Tue, 02 Jun 2026 08:50:45 GMT"},"fingerprint":{"sha1":"F2:C0:03:A8:12:3F:82:F0:87:07:8E:2F:EB:60:1D:26:64:FE:02:F0","sha256":"8B:38:50:DD:04:F3:33:24:71:42:C0:86:AA:85:ED:86:6E:49:5D:50:55:AD:44:91:91:16:E4:51:60:BD:CE:25"}}},"request":{"raw":"GET /8.webp HTTP/1.1\r\nHost: gro88k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro88k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 28 Mar 2026 00:02:15 GMT\r\ncontent-length: 57032\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"572a822e124dca5597c0a75dd7785d08\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5n7j%2FJsStKlTqifTfwKUBhHkXqUPorL9LYtBchQ4W6%2FF%2FVgm%2BkJGRjART49z%2FNqIcw8Utu5FaKUhYJh%2FYBVljeuSM7OAxSWtErQoh2Ey3sOFAOn1cNknyyuTatXy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e325d6c2d07dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57032,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"45a0973fd473f6545bf1268fe29f4dfc","sha1":"efe037eb2e30a3e350a8bad79f9d652928b10967","sha256":"9683ca52210bb0f7c37d8dd34495197d45c00579266a940489076754b375264d","sha512":"8b8f095fc485658dfe07a5c4124286d0537866434ec29e9842c1539799af1d1bd8173a6d554bdf5f045df9ec81e56bcc689974aef658d0865452284af4a355b3","ssdeep":"1536:GlzO4/HjqUYXe1SMUDc1nDHnZNBhlE5Xw4ff1v6ViMWO:azJHjqvAtecFnnf65gxi1O","tlshash":"934302b493f8bd725a0b4cad69fa4526008adc20629f3e75923b39d6086335f0157e3b","first_seen":"2025-09-30T17:15:07.063954Z","last_seen":"2026-04-22T13:51:28.985789Z","times_seen":337,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro88k.icu/11.webp","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro88k.icu/","date":"2026-03-28T00:02:15.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro88k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 07:50:49 GMT","end":"Tue, 02 Jun 2026 08:50:45 GMT"},"fingerprint":{"sha1":"F2:C0:03:A8:12:3F:82:F0:87:07:8E:2F:EB:60:1D:26:64:FE:02:F0","sha256":"8B:38:50:DD:04:F3:33:24:71:42:C0:86:AA:85:ED:86:6E:49:5D:50:55:AD:44:91:91:16:E4:51:60:BD:CE:25"}}},"request":{"raw":"GET /11.webp HTTP/1.1\r\nHost: gro88k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro88k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 28 Mar 2026 00:02:15 GMT\r\ncontent-length: 16580\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"e68594d3e78848fe91e925e239366710\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HRWQIeB3IBcqIuNp3Bgo8XYj9KPaoGZwYxYkG1NvwAkxVqF7%2BWkPBBIj8352v4JhHlov3Bskj8wsXwHN2HS0apvOpEbRy62YWlRqipVt9wyaCOJAPOOkfCUqNrwk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e325d6c2d08dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16580,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"219accc7f77ce773b0a35c85aa007167","sha1":"2c24508f752f992c2bab45ee58ff1259a341552f","sha256":"13dfe760e11e584feca95e882c723ef5af5789f90910a57c1595cd26c6f96a56","sha512":"d2b71f61314026636194ca89dddff558870c50658f136fce1c32332f5b112d6d376e6c744ad572c172cbec63817723a75f880f497a02a6caf149d2439f59151a","ssdeep":"384:ov4fsUAqn2wMMKYYCrB4kfnhc5u0nbgdzM5B9ZB/L4LAc:64fsUAqyMKYYC17nh0u0bgdMn7RcN","tlshash":"fe72e1fda47173308c87823939c68c1d14b19acf9caa27565cdf27f1b19e27c6a74452","first_seen":"2025-09-30T17:15:07.077773Z","last_seen":"2026-04-06T19:20:46.130334Z","times_seen":326,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro88k.icu/3.webp","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro88k.icu/","date":"2026-03-28T00:02:15.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro88k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 07:50:49 GMT","end":"Tue, 02 Jun 2026 08:50:45 GMT"},"fingerprint":{"sha1":"F2:C0:03:A8:12:3F:82:F0:87:07:8E:2F:EB:60:1D:26:64:FE:02:F0","sha256":"8B:38:50:DD:04:F3:33:24:71:42:C0:86:AA:85:ED:86:6E:49:5D:50:55:AD:44:91:91:16:E4:51:60:BD:CE:25"}}},"request":{"raw":"GET /3.webp HTTP/1.1\r\nHost: gro88k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro88k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 28 Mar 2026 00:02:15 GMT\r\ncontent-length: 51152\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"ea59d6d1005b9edd76c418198ba0282a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Iyf1FRoQWWtxb6J1wLt9%2BJJihW8W9wbuY3CcLCOA5PpDP7Sw958QS7E%2BnUMp9WPFWMZOzH%2F6j4bmhuoF3RBj1lb3DkAJ%2BdGf9PxtNJfSAmH9Zuw4vBY9SaMyMYuJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e325d6c2d0cdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51152,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ed66d899203784adfe6c2c8dd1939343","sha1":"14b8169d424fcb4290f155981ff1d69ce094dce0","sha256":"fabd28e5a26acf947fbf7af38df17c5bb62f93d252903e86fdf47c6db9f9d9ef","sha512":"929c0f67bc57aa84f41a1d80e6271d6b7bc1e297aa0067dfa736eee56e641a58e15b7a4ba8b0048998147cfb9c38742f8ef232262d8bced3161564e92f6a8c4c","ssdeep":"768:DnDRMPhTcJDJGGS7dih7CpEILJcpxUWuaAE7Knw0eZOG3CuX0haabAnKnY:LDRMPhTsDJodjiBuaA9et7XIRJY","tlshash":"9933d06c75a8a5ecbdec22af1116d74ec802914f13f84d6eda48a60316c79aedb3f441","first_seen":"2025-09-30T17:15:07.08107Z","last_seen":"2026-04-22T13:51:28.995113Z","times_seen":348,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro88k.icu/4.webp","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro88k.icu/","date":"2026-03-28T00:02:15.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro88k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 07:50:49 GMT","end":"Tue, 02 Jun 2026 08:50:45 GMT"},"fingerprint":{"sha1":"F2:C0:03:A8:12:3F:82:F0:87:07:8E:2F:EB:60:1D:26:64:FE:02:F0","sha256":"8B:38:50:DD:04:F3:33:24:71:42:C0:86:AA:85:ED:86:6E:49:5D:50:55:AD:44:91:91:16:E4:51:60:BD:CE:25"}}},"request":{"raw":"GET /4.webp HTTP/1.1\r\nHost: gro88k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro88k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 28 Mar 2026 00:02:15 GMT\r\ncontent-length: 2640\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"0b1a4defdbc0f3140aa8b7fa46a51f00\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ck6Rbpp5wrvlk7U9bKopDhmMfOy5s0Pyujkepo33TNo8T2cP%2BVdRGtXjIfmN%2B%2FMDW17TWs3KBizAPp3imt2NDRTQDU8TKED024LAoaHPYKircbjISGPcQlJTNM5N\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e325d6c3d0ddfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2640,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 225x225, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"068cfaccde163ad6416ccbd3e64cf73a","sha1":"c3ef4658642c3f268fa6567351324dc5ae202755","sha256":"b1ccadcb9c57c9a2990d487b6ad8eb7323993348d6020a28793643f56c5b9f95","sha512":"dc6f2deacc9405d5b31cac5efde90853ca958a3bbbb7da4586bb932db7fe9846b5c20502a282f2cf1535a3ab19acefcc9d89d9fc74fa3d3bbf3772937868dfdd","ssdeep":"","tlshash":"8d515c4372632a042710b1ae7a0f0a80b916e363a3d0d0f4de94af3527562cfdc720cd","first_seen":"2025-09-30T17:15:07.069315Z","last_seen":"2026-04-22T13:51:28.970562Z","times_seen":337,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro88k.icu/5.webp","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro88k.icu/","date":"2026-03-28T00:02:15.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro88k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 07:50:49 GMT","end":"Tue, 02 Jun 2026 08:50:45 GMT"},"fingerprint":{"sha1":"F2:C0:03:A8:12:3F:82:F0:87:07:8E:2F:EB:60:1D:26:64:FE:02:F0","sha256":"8B:38:50:DD:04:F3:33:24:71:42:C0:86:AA:85:ED:86:6E:49:5D:50:55:AD:44:91:91:16:E4:51:60:BD:CE:25"}}},"request":{"raw":"GET /5.webp HTTP/1.1\r\nHost: gro88k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro88k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 28 Mar 2026 00:02:15 GMT\r\ncontent-length: 2984\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"b83250b75ad9fd7d310dcbe9ebd61d09\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X8jnsdvr%2B%2FmAJ5E%2BZRPW6nrQGRlq0kPPePGuCXNWXhWxTg89qLMk4XvQ%2FSXMMoQHpUoNBFkcdROnGTZTpTp0ym9mnT2ydDLz%2BI518g9PrJL2HSGKjHrxk1nHkaum\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e325d6c3d0fdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2984,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2d1617bdc152c6bbfe3cc95409655a35","sha1":"7c222b20182227583dd82c0bc31e3fbb5eeb4ddb","sha256":"d54d30af672b70a35c3ee6a34f0407abec8adc3dae40836109f2a309b2bfe594","sha512":"ac01a6d5576725ebc39e5ad40be604e168d91b8795f0cd03585b080ff88005599feb73804bae2bddaa406350f8180767f1824808ddd64e8a83267595d6fbd260","ssdeep":"","tlshash":"59512df9db30d56d478fe91ea83567b868df2843c05c95058da5d1ebd54c320d193b60","first_seen":"2025-09-30T17:15:07.055952Z","last_seen":"2026-04-22T13:51:28.995914Z","times_seen":348,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro88k.icu/6.webp","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro88k.icu/","date":"2026-03-28T00:02:15.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro88k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 07:50:49 GMT","end":"Tue, 02 Jun 2026 08:50:45 GMT"},"fingerprint":{"sha1":"F2:C0:03:A8:12:3F:82:F0:87:07:8E:2F:EB:60:1D:26:64:FE:02:F0","sha256":"8B:38:50:DD:04:F3:33:24:71:42:C0:86:AA:85:ED:86:6E:49:5D:50:55:AD:44:91:91:16:E4:51:60:BD:CE:25"}}},"request":{"raw":"GET /6.webp HTTP/1.1\r\nHost: gro88k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro88k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 28 Mar 2026 00:02:15 GMT\r\ncontent-length: 9428\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"76b9ed5d245be80f660be3b0e19a89f7\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9u%2F19PE4yTPpMcOdc%2FJqjRLerxq8dhJWVzfoWPfaqxNqmgk5JAA9PYNkzRXfyWMm%2BWwWKU5iygCQBMvakAwKKDMFzopjX1lXCkRrMq5ZTqPtbv0OG3Hij6Ei6ceE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e325d6c3d10dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9428,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d19d5b8b0d337eecb20c486d19023741","sha1":"8d4c401716031406eeb2f541f1df07ce0df0cf0a","sha256":"aa28c4ce43bbd971e3febb155bd3d1fbb09ee0863bda48cd192a4c28877e0359","sha512":"0193b4b9a48db64b8a8f9bf67a6d1b15cbb804fed9561ed8020b373794f479cdbc426f3ed0fdff881ac1df39bf9009e2e7c76b5bc5ff030603bdd1e47470815c","ssdeep":"192:t5CyRlviNpkm3jaxZws9jj1WstykSOZIY4qRmwzO6HFq5Ch86hzQdRL667Fy4J:t5CYvi3kFxZfjjsoykSOSYfMluFqw8+0","tlshash":"a312ae980e3aee7b74108bb4ee29325ef63a1360f3fc9b597a4295901359d0727c9c49","first_seen":"2025-09-30T17:15:07.071237Z","last_seen":"2026-04-06T19:20:46.125045Z","times_seen":340,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro88k.icu/1.webp","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro88k.icu/","date":"2026-03-28T00:02:15.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro88k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 07:50:49 GMT","end":"Tue, 02 Jun 2026 08:50:45 GMT"},"fingerprint":{"sha1":"F2:C0:03:A8:12:3F:82:F0:87:07:8E:2F:EB:60:1D:26:64:FE:02:F0","sha256":"8B:38:50:DD:04:F3:33:24:71:42:C0:86:AA:85:ED:86:6E:49:5D:50:55:AD:44:91:91:16:E4:51:60:BD:CE:25"}}},"request":{"raw":"GET /1.webp HTTP/1.1\r\nHost: gro88k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro88k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 28 Mar 2026 00:02:15 GMT\r\ncontent-length: 3444\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"7e0a7feff4c386a17295697aba88a74f\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z45y0AjY%2FhIk633AtFuFLX5KTF02p%2BPSIyvYG6ihmyVnj1KUb6Beer6gqAANg3IXGeCrFFacGtkCLtwdfyrpVF4Wx4p1BFIA%2BGtST5zaBU1Gmi3ml2UGVKaYsuJ3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e325d6c2d0adfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3444,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 225x225, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c4229ccfa2f7bd9aedbd7564a62271b3","sha1":"bc5ef0055ef56e8eb04c0b8ac041a61a94f6234b","sha256":"cde1dc1e302419749339a4070dd32b5f7009da9eef2810fe7f91887186893d0c","sha512":"08c14e435f89caf9cfe06d4a150f24e3f6a354c86e916415de3d75b29d19e246f34c7a1ed0e7d1f7db58213621b52e24101e11975c6fad7d55f3acaed580a75a","ssdeep":"","tlshash":"dd618e793682d8f9f4502be371e9b258c168b9a2ed654160e4c6d850bc8a76493ab940","first_seen":"2025-09-30T17:15:07.050786Z","last_seen":"2026-04-22T13:51:28.986756Z","times_seen":337,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro88k.icu/2.webp","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro88k.icu/","date":"2026-03-28T00:02:15.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro88k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 07:50:49 GMT","end":"Tue, 02 Jun 2026 08:50:45 GMT"},"fingerprint":{"sha1":"F2:C0:03:A8:12:3F:82:F0:87:07:8E:2F:EB:60:1D:26:64:FE:02:F0","sha256":"8B:38:50:DD:04:F3:33:24:71:42:C0:86:AA:85:ED:86:6E:49:5D:50:55:AD:44:91:91:16:E4:51:60:BD:CE:25"}}},"request":{"raw":"GET /2.webp HTTP/1.1\r\nHost: gro88k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro88k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 28 Mar 2026 00:02:15 GMT\r\ncontent-length: 11646\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"5ca34bae95960fed994f3e85e8b212b6\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I3I6RJKHTEdOkbBULgPX9eD3PZA8xdLAr50tUlWlMoKGG03xA2As4Rd7uuFg4u8mrOV9QuO%2BvebRLyOpbVkV6H7Mr3lP87%2BJxyZNTAC5PaIQS6g6mGcHM4e39O99\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e325d6c2d0bdfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11646,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0c77454b0b212e4078cac85b3f1616f1","sha1":"924455b3b0dca72d5888cb0b7da65ab5a5352a99","sha256":"4839cefb1ead1139d03382d2cd43dfc0b43625eb99d81f3adbf63d37680a6d14","sha512":"d52cf67b6a3b68c70f2c1d8ee423b8c145f12347411e74677bd07c512397b18920cd7a1e12e1b3bf028a35d98426f92678f197300b2434ccbcc285b1e6ec87f1","ssdeep":"192:MtuEcsbpDqD5WwFZW8jON8Jp+VC9xaDUAJzkPUaAvHa22W+1rSBT6RFBCHNl:wujstqJFQUONIpwC9xCUAK3Ca2n+3BCf","tlshash":"5d329fcba38f79b085640231316f8513b56a7484f1f8d99758cf177b3ca5a39c8e14b2","first_seen":"2025-09-30T17:15:07.076567Z","last_seen":"2026-04-22T13:51:29.000943Z","times_seen":348,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro88k.icu/7.webp","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro88k.icu/","date":"2026-03-28T00:02:15.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro88k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 07:50:49 GMT","end":"Tue, 02 Jun 2026 08:50:45 GMT"},"fingerprint":{"sha1":"F2:C0:03:A8:12:3F:82:F0:87:07:8E:2F:EB:60:1D:26:64:FE:02:F0","sha256":"8B:38:50:DD:04:F3:33:24:71:42:C0:86:AA:85:ED:86:6E:49:5D:50:55:AD:44:91:91:16:E4:51:60:BD:CE:25"}}},"request":{"raw":"GET /7.webp HTTP/1.1\r\nHost: gro88k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro88k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 28 Mar 2026 00:02:15 GMT\r\ncontent-length: 7266\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"d17823a6835e6245ca9b29d8bdf1fd76\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bXaOYWgRERCxgHEQPXfroFqXFgooB2pyTkIQHl7YmcCaQ%2FS219lyBmXPiTRo9b%2Bq%2FrddIt3JgAPg8hiOxgfWVk4lLkQe0cab6KKQOZU7lj7J2rCP32c%2BPTfHb8e2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e325d6c3d11dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7266,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3b193335cb4bb7c6c0b15cca932c55f2","sha1":"bc0124752cebe2e87a26cb9bad3872084dffa98d","sha256":"de5cd14e02a35aefca76af5dbc1205b8f8df7c0b0892baca18102dc16880e6a0","sha512":"c127957415e21fa8f705d0504a9d574d12428e722316ffaf0533bc2e290ff5314fe9986c0ad79575bd7efd44e78ca680948b43a3e98482b3ce0212460d436bd6","ssdeep":"192:X4cQiL7swHNgx+TBYHQXFE59PfxXMSYqTk:XD4wtK+Tqou9Hx8SYqTk","tlshash":"cee1ae5b97c72e60974dbceffeca33536470143d0d11a3938a2b12db107668a1b91ac0","first_seen":"2025-09-30T17:15:07.079612Z","last_seen":"2026-04-22T13:51:28.990674Z","times_seen":348,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro88k.icu/favicon.ico","fqdn":"gro88k.icu","domain":"gro88k.icu","tld":"icu"},"ip":{"addr":"172.67.140.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro88k.icu/","date":"2026-03-28T00:02:15.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro88k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 07:50:49 GMT","end":"Tue, 02 Jun 2026 08:50:45 GMT"},"fingerprint":{"sha1":"F2:C0:03:A8:12:3F:82:F0:87:07:8E:2F:EB:60:1D:26:64:FE:02:F0","sha256":"8B:38:50:DD:04:F3:33:24:71:42:C0:86:AA:85:ED:86:6E:49:5D:50:55:AD:44:91:91:16:E4:51:60:BD:CE:25"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gro88k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro88k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 28 Mar 2026 00:02:15 GMT\r\netag: W/\"18d3cfcb0e36fb154917d5fce37c36ea\"\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=svCQVJo8HXWndfsNt3GL1heB8yTRhrQNInpzWwpREhEVxFYi7CyDNYS52a%2B%2BLLZ5mh8QOoUPMlTVJJekEYuZmUZfwkfBy%2Bv1jFgkqVLjBW62vGPYt4lk8SBvQhpg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e325d6c9d12dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54684,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"a314da9f659a273c951c5a8b0ab4a46a","sha1":"efdf35fe9a86ade33e237b0df23ff6ff14b7cf7a","sha256":"951ed286ca1946f9c99768ef1736f052f93966d115889afa491ce309caf35f55","sha512":"e649b71989aa0df5b242946c0c385cb557ce4347a80577d55f93c6822a194d020353a900a6ba816858714828051e4f37972b0c0372762379250da2447dc69d65","ssdeep":"1536:Ulxox5vAnVJ09eeoZ2sYuJBTE/lPbxRPJxAgvcDCZuNs:Ulxox5v8eeJXBQ/lPbvxxjv2CZui","tlshash":"3633022c99d188ef73fb38995017eaa745a1688466dbef8cd7e305f07e72624035e843","first_seen":"2025-09-30T17:15:07.073613Z","last_seen":"2026-04-11T13:37:11.591165Z","times_seen":333,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-27","alert":"Phishing Block","trigger":"gro88k.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"gro88k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/particles.js@2.0.0/particles.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gro88k.icu/","date":"2026-03-28T00:02:15.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/particles.js@2.0.0/particles.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro88k.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 2.0.0\r\nx-jsd-version-type: version\r\netag: W/\"59e8-UZOhrgIV5VxI3l3rU0rLB4Gjv70\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 2562672\r\ndate: Sat, 28 Mar 2026 00:02:15 GMT\r\nx-served-by: cache-fra-eddf8230027-FRA, cache-hel1410033-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 6168\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23016,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (22686)","md5":"6564e48cc953b8642b7c758cba09fd81","sha1":"5193a1ae0215e55c48de5deb534acb0781a3bfbd","sha256":"f368ba54ef5dc8c6613226de0e95b0a72239c33c3caec2f08c69a939ac9dbd1b","sha512":"930176f24c517cbed366421590f5ddab5443ccaa1f09f2ada62c9c851453bedbef5c0e1580402f2430100b0dae357269f58505d5d541b4dfd10dbb9f082bcba7","ssdeep":"384:WfJ//vWKyCN3yHEPepmcBzAbix29ZzHNSA:QFf289ZzHNSA","tlshash":"08a2b34d23f73e77339a72e04bece1128b70a4d2399b04b0f93c667da5255a601de6a0","first_seen":"2025-05-01T01:56:50.052191Z","last_seen":"2026-04-23T22:45:53.470528Z","times_seen":699,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":40,"dns":2,"connect":14,"send":0,"wait":14,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}