{"report_id":"d714a20a-2879-484a-9811-8f018b67524c","version":6,"status":"done","tags":[],"date":"2026-03-18T15:50:47Z","url":{"schema":"https","addr":"www-groks-rewards.xyz/","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www-groks-rewards.xyz/","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"title":"$GROK DISTRIBUTION","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"www-groks-rewards.xyz/","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-22T15:50:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www-groks-rewards.xyz","ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-15","domain_rank":0,"first_seen":"2026-03-18T15:50:48.39204Z","last_seen":"2026-03-18T15:50:48.39204Z","alert_count":18,"request_count":18,"received_data":1574229,"sent_data":8559,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www-groks-rewards.xyz/snowflakes.js","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a492afe47e2af6e5f5cc87512db9b62","sha1":"47e1342d2e705c3fd5c917ac47d6c4ca6677ede2","sha256":"d63054d0d07b0e61e0f1e5a3ea8670fbe0f2eae377913603a043f03d1cb3252c","sha512":"4c14d1e90c11f74d16c28834f2ce68ee4acaee657f5d4bb7e7dc13def8018a5e540913481f757adb6d45187a306db0e7a4fd1a26f7dfa01253aa9f19053c56f9","ssdeep":"","tlshash":"08510d4860a23828157f631d7ad2988ce5302027be014d7ebeae42635f71c4cdc98dfd","size":2457,"data":"","first_seen":"2025-08-31T03:13:37.754782Z","last_seen":"2026-05-01T15:06:22.864567Z","times_seen":342,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"68901382a907d096d9735743dd0b7a77","sha1":"01369302ed4ac728de3e7bdac9e7cb43004823f1","sha256":"4deb0e1c723fbc566f043ecb8c4b9227de7f4337bcd78b08f75dd687e0f3a344","sha512":"241fa15edacd0d6d49e29d2e74740da2e36bc231c681522ae527e2504332c663bc5a18c98fc4b9bc767d1df946a70e9b7eb7ade4e6a9bac93202e0f5add22679","ssdeep":"6144:POVbzsn7QOL0ZS/7t27Jv80JKrFg7zgIM/t8xFzTLYkwlRbcYk3gaGbYk3gttj3F:PO67QOL0ZS/7t27Jv80JKrOPgJF8xFzz","tlshash":"f9745f9a0caa66ccceddd0505938d8a8b9c01c468bbd5f75e88ef395f88047164ef2dd","size":364114,"data":"","first_seen":"2026-01-23T23:57:15.258715Z","last_seen":"2026-04-30T11:07:04.997693Z","times_seen":167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/index_1.html","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ac4786192a3916566ee22c5fc6ad0a9e","sha1":"1ec501d88894554b12177a24ce0d2fabfd718d7a","sha256":"90c19ed8f3fde66963f3bbecab7a6aa3b587baf67e2cdddfd99642d615873e4e","sha512":"26f003352039e1794a65f64ce5a3c933abd3e371dade96d76d891e2babc125a0b562550542e36a5cf120c308b84093f4c5a8f977363c045f0b7233e556b0e8e1","ssdeep":"","tlshash":"13d02bae48a2892456c6004e21fec364351161c85967628055d9cc19d904d578551d56","size":263,"data":"","first_seen":"2025-08-07T19:45:13.889869Z","last_seen":"2026-05-01T15:06:22.86674Z","times_seen":211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/gridsome.plus.min.js","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b1070b961675253e6530490564d6e433","sha1":"2a003903ee23c703d9c18d0ef6acbf559ff2b9f3","sha256":"a8c3236a266a9972cbb3e5f34d9a99f3afd9eac142e48aca7b4802083b6bf98c","sha512":"dd3847fce922b4d068d2a7c3ef773154f8ec3013ad9c9289a4af61928d53e67a1c6cf5f34b97cbe5f9c04b7f84237cce5638cad3cadfb82e28f34a0fb3a34dfe","ssdeep":"6144:LW80XxuzZAOL0ZS/Rt27Jvm0lKT1iNdcU2RwHFzTLYkwlRbcYk3gaGbYk3gttj3Q:LGo1AOL0ZS/Rt27Jvm0lKTY3ctwHFzTy","tlshash":"2f744f9a0caa66cccedd90504538d89cb9c01c468bfd9f75e98ef39af48047154ef29e","size":370655,"data":"","first_seen":"2026-01-23T23:57:15.23163Z","last_seen":"2026-04-30T11:07:04.994304Z","times_seen":180,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/particles.min.js","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"00debcf6cf0789a19cee2278011afcd4","sha1":"8017f8b1869077db728573f1ca4684a00af69462","sha256":"faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6","sha512":"29e7f9b1cee07d369c47b4d929e95cad1b35e62a5fefeb7e9fb661ea628d25b996fbf4517425bd9f07cb9f8617d2cda73ba2afe58d8286a8086a4682e8f5b4f4","ssdeep":"384:NkfJtGvWjT6uYvqhCz8wSEHESxtVAFPQcYpeib+9rOEKXWd/:NC7T6uYvn8wRxwyryVOEKXW5","tlshash":"61a2934d23f73e77378ab2e09be9d122c774a4d1399b04b0f93c667da52549201ee7a0","size":23364,"data":"","first_seen":"2023-03-07T01:16:44Z","last_seen":"2026-06-13T15:22:40.998432Z","times_seen":5060,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"adb5accbf3eea1a9809fe2f31a17dc51","sha1":"b5dd2e8dd5de9825a940e9b3cac200a1a3b022ac","sha256":"74f41e9217fdfb6538bad20759a5185689b15ad82280de27abe2dfc2b3c034b0","sha512":"01774b850246e42054968343c0726b2f1d81c0542a03f7cf26952862207dc1517e01bd321ce411cbbb8342b1a41c6191076139e4d6ec8a058ae1753a4c36cbeb","ssdeep":"","tlshash":"dc71282ce9b41cb3104ab07908be5247b570955b0d2a3d35bd4c829c5f0ee6e61be7e9","size":3587,"data":"","first_seen":"2024-08-19T21:41:20.669609Z","last_seen":"2026-05-06T23:47:35.269243Z","times_seen":366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"591b5136b36781f44b21b0a07d269dff","sha1":"dd231a9ee51f841fed69e3c6ffe8782a203cf101","sha256":"3fe3ccda166afafbcd1ef108707a53334c3797f345e2eafffdc6f77d20277d56","sha512":"e4b7ed8a81dee1cf47d03a8d94b2e1c07c839db021f8ca5018e3525310344d2a5de187f5a678590464a92ee0b1385852e02a3fedf36b5a526526c367d21320d5","ssdeep":"768:/Juv7UTjBE0GZQ8t9TiRZEJtWOr4fqLI5hnC/g/:/Ju7Ui0m9TiRkYkKqL8I4/","tlshash":"58d284cb358b7135c2a577f51d3b31caa6bf7c892505940a8651acb4f9303b96872f28","size":28721,"data":"","first_seen":"2026-03-18T15:50:51.194889Z","last_seen":"2026-03-18T16:06:31.29966Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/main.js","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1f216e5143a1d3a59abf6d0141053981","sha1":"260102aa3f4f88cd051e9d5ea84ffde2538fcc44","sha256":"2df1d83244ca5ef0c0e749d6854927d7317de9b4735ea08d2ba06e1c836dfdaf","sha512":"a8f43481669d4b6fc0deafca36801a539dca1f992f2d75a93f2cb59e6743051c8d9bc30283dce8039a6a4cd2e69a43b538e7c08ea898fe21ae75259e596d5ef8","ssdeep":"192:UjT5pwq3bv9M6b8/888vdB3uacRu7boDVvQPkfNVb:UjT5pT3bv9M6b8iFB7Mhv2cNVb","tlshash":"c4f1e8da7f82b54202726db7108f6ce3a09d9f6259204c5be160c4d8bb37344e0eeed6","size":7922,"data":"","first_seen":"2025-09-06T12:15:29.241549Z","last_seen":"2026-05-01T15:06:22.861257Z","times_seen":201,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fdeeplab.desktop.umd.js%3Ft%3D29564150%26u%3DDFEVxoxB2OhOFVhvGDY5MjU2NDNjMjhjZmYzYzM0MDI3YTQ2Ob5-H5Ar3fQ2yWWhsg","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","size":656642,"data":"","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-06-13T15:05:21.535419Z","times_seen":2568,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www-groks-rewards.xyz/css2.css","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:25.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:25 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\netag: W/\"69b6bac7-756\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hyFYBPmpa2wAbH1Li0i8POrrwUj5gZ8oBu5MbLvndzVFpp5z4XFFDdN9C0qvHSVUg3WNIa0rbOkqwwwfh%2FGH79ZGGWxkhXsNFpFkGlHY8rRttrOKhg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9de5649acb4eaa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1878,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"9062a655afcc97c2d427b10f735a8aea","sha1":"b22103ec1665985589e0be5b9f5e9686461dc12f","sha256":"66489ff17cd8cbe69f7dc79d660975d2910614eda742803f69181a0ecf3bc4bd","sha512":"ab721d03c97484fcb5cef9844c74968d7bb643c1ebee2eea3a2e8129f9366306f24d0b42e6889213aa56bd28047ad42645cbc4457fc3dc681dd8e7df4d4265eb","ssdeep":"","tlshash":"89419b414c3a5104a3d32ce263ce7d31cd4ef244b045ca34bffe1859ac4ad6563a4b5c","first_seen":"2025-08-07T19:45:13.885497Z","last_seen":"2026-05-01T15:06:22.858559Z","times_seen":359,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/index_1.html","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:26.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /index_1.html HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:26 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IHDWLmR%2BDhuOyGE8GSfmPkGZPGRIhLKHIpV4OATC7XycZZq0vKHwr8KHUpIrkroU2DAy3lUi1pa5XOZD%2FlVdZ8aUi9mvMV4Bk%2Fu1M1rgBuesDsgPuA%3D%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9de564a05c9aaa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":408,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (408), with no line terminators","md5":"8a8b7e62710d21e30e70634977369ada","sha1":"9a74072f39167533862cfaca554ff48e4f860203","sha256":"9aaad00c216a7686ef1ce601884c0b298a1ee6d96237c62e4bb38cb34ccda5a2","sha512":"03f99764a5ff6c7e3c70def3bf4b26fdec7be2426b3166465c49f935d533c4a6501c6b331c330e0beb627f97b5a422b0150dea1ea8f897a48937fff5773e5600","ssdeep":"","tlshash":"71e0f1bf8c62c82959c1098d33ffd38c2400e4987832e54064e9dc15cd08fa7c803d86","first_seen":"2025-08-07T19:45:13.865763Z","last_seen":"2026-03-18T15:57:30.946795Z","times_seen":210,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-groks-rewards.xyz/index_1.html","date":"2026-03-18T15:50:26.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/index_1.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Wed, 18 Mar 2026 15:50:26 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9de564a25d08aa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28721,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (28721), with no line terminators","md5":"591b5136b36781f44b21b0a07d269dff","sha1":"dd231a9ee51f841fed69e3c6ffe8782a203cf101","sha256":"3fe3ccda166afafbcd1ef108707a53334c3797f345e2eafffdc6f77d20277d56","sha512":"e4b7ed8a81dee1cf47d03a8d94b2e1c07c839db021f8ca5018e3525310344d2a5de187f5a678590464a92ee0b1385852e02a3fedf36b5a526526c367d21320d5","ssdeep":"768:/Juv7UTjBE0GZQ8t9TiRZEJtWOr4fqLI5hnC/g/:/Ju7Ui0m9TiRkYkKqL8I4/","tlshash":"58d284cb358b7135c2a577f51d3b31caa6bf7c892505940a8651acb4f9303b96872f28","first_seen":"2026-03-18T15:50:51.194889Z","last_seen":"2026-03-18T16:06:31.29966Z","times_seen":4,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/endless.js","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:25.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /endless.js HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:25 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=09myX7cfzyu%2F4Pr7TsZQqXXItli9%2FTdlvy1p%2BVSn8eTpw81EZZphSu%2FOEEeXsLWqM1egc%2BjV5NmxfI5AIWmQD4tBLXg7RLmcLnbCEVS%2FUaNRwzGl2A%3D%3D\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 9de5649acb4daa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T18:33:32.683565Z","times_seen":16393053,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/logo.jpg","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:25.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /logo.jpg HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:25 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 20770\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\netag: \"69b6bac7-5122\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YlwR9FFIskYktT%2BI3D47XEMU8KYNu%2FTf%2BfYYR33e%2BDSp4VOTbf88GFWu%2FuJioXzeBqZKNWA9MLRBaXg1Hp99ycARRSUksGSk54ES2jxM3ojyjtfMdg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9de5649adb4faa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20770,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.3], baseline, precision 8, 400x400, components 3","md5":"5b839221bfae23473e14c4ff76ad959a","sha1":"c3b4c6026e5b9fceae9ba03e51fe1d09e89f9b19","sha256":"0479cc414b354a7d6fc2da4ac9472fdcc7aa9046c0842f47fb51a942324434ad","sha512":"9bfe9b5790a78eeb4ff2b7c8b26d33dc5d10514c62624ebdd9bf669e64b7c54ea0d32b69f8c23519ea08772b2dcf7c24bdfde8601b6e3ad8340c69ac6744bbe2","ssdeep":"384:CkJC/bUL9jpAhkFKMtWJmeupUFaq52ueI1sw13o5CWodk6FAHhifHStFEA1eZ8xk:fRLFuhsKMt4yUFaqsNI1D+5NMFAhifys","tlshash":"1992e107cb99d262de5fe0b3c818b32581930e67c12d4b9a2e2d5c32ddd4087a77f586","first_seen":"2026-02-08T14:16:45.801763Z","last_seen":"2026-03-18T15:57:30.941103Z","times_seen":4,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/f9fa0444b908def7e2cacce9c162c39a60167a27.svg","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:25.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /f9fa0444b908def7e2cacce9c162c39a60167a27.svg HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:25 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69b6bac7-1a6\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sk3qFINKRMDY8majM6e5j9PuEc6unQHC25wuxRxurpBDqgQdcM2eUuUXs7%2B8bjdZS96N3dFjOtKa7%2BJIjtRYEnazi5tErxtocvt3ySwulSx4GDpWLw%3D%3D\"}]}\r\ncf-ray: 9de5649adb53aa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":422,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9e47aa80842b4d43a41898ac56baa984","sha1":"f9fa0444b908def7e2cacce9c162c39a60167a27","sha256":"e94f4ec3d5f854f7281c9c36eeff5313fe0b739a16c7f2b6336eea87f1c013d3","sha512":"be8707bd09706a2691cd3f855f1fdd9f5bc3c4b49c87c876b7da2dc97b611ef52ced2b5290afdc1bd9efd378e42d60daf38deca85f0c955a228dbb2f27daedd1","ssdeep":"","tlshash":"6ee02395523ed45d6403d94dfe2934d15856b1e9b3084ff9e354533c9cd09ff3441164","first_seen":"2023-06-14T18:42:25Z","last_seen":"2026-06-13T01:16:35.320108Z","times_seen":358,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/secureproxy?e=ping_proxy","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:26.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /secureproxy?e=ping_proxy HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www-groks-rewards.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:26 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 4\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nlast-modified: Wed, 18 Mar 2026 15:50:26 GMT\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=svhPYVuT5%2Bmvq667cnKsJqziK9Ce3Jiw0vTmXPxocyyg0kB%2BgKQr6VJTsm6NZ4AV%2B9%2FQkNDae4BNn3OQbO4QOxu90C48a7VOMqaBcqv9k0WaFPl5yA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9de5649dfc0baa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"6fdb087aa3fbfbcb8287a593a0919e61","sha1":"0e514a0662bcb69dc863953d1ce26e3d40e81a87","sha256":"9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2","sha512":"be5457d14c930b51b47ab152850c1ceaafe6ef88c8671b48164abbc83410b0c07a1e178540f6cdeac5f2672cadb1d1cbbb3434b3e39bc2c50c4646a2bae57437","ssdeep":"","tlshash":"fe300000300000000000000c0000000000000000000000000000000000300000000000","first_seen":"2023-04-12T09:14:15Z","last_seen":"2026-06-13T15:26:27.674345Z","times_seen":8815,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/gridsome.plus.min.js","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:25.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /gridsome.plus.min.js HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:25 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\netag: W/\"69b6bac7-5a7df\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N4sQFVUQ6HTX7pepMWxmA5nWYa18mHHIgduGMJDF45oewAQY3kzvQGJqmYiKGYppyuuE0lDpuvGe%2FIsg58urWPeO37gXskSi6OOuM99k6PB8OcatdA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9de5649acb49aa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":370655,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65159)","md5":"b1070b961675253e6530490564d6e433","sha1":"2a003903ee23c703d9c18d0ef6acbf559ff2b9f3","sha256":"a8c3236a266a9972cbb3e5f34d9a99f3afd9eac142e48aca7b4802083b6bf98c","sha512":"dd3847fce922b4d068d2a7c3ef773154f8ec3013ad9c9289a4af61928d53e67a1c6cf5f34b97cbe5f9c04b7f84237cce5638cad3cadfb82e28f34a0fb3a34dfe","ssdeep":"6144:LW80XxuzZAOL0ZS/Rt27Jvm0lKT1iNdcU2RwHFzTLYkwlRbcYk3gaGbYk3gttj3Q:LGo1AOL0ZS/Rt27Jvm0lKTY3ctwHFzTy","tlshash":"2f744f9a0caa66cccedd90504538d89cb9c01c468bfd9f75e98ef39af48047154ef29e","first_seen":"2026-01-23T23:57:15.23163Z","last_seen":"2026-04-30T11:07:04.994304Z","times_seen":180,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/snowflakes.js","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:25.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /snowflakes.js HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:25 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\netag: W/\"69b6bac7-999\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e0ezvoM34xB2MQBpbChWO%2Bm3mBbUkher%2FTzVQqBKqDlL4PHA8uRfAS0PoeEJxrJARB%2FA1%2BgvRtkFfkD8cLljqW0ZfhtHNMSaqgW3wReFeJ%2BN9LZ8qw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9de5649acb4aaa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2457,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"4a492afe47e2af6e5f5cc87512db9b62","sha1":"47e1342d2e705c3fd5c917ac47d6c4ca6677ede2","sha256":"d63054d0d07b0e61e0f1e5a3ea8670fbe0f2eae377913603a043f03d1cb3252c","sha512":"4c14d1e90c11f74d16c28834f2ce68ee4acaee657f5d4bb7e7dc13def8018a5e540913481f757adb6d45187a306db0e7a4fd1a26f7dfa01253aa9f19053c56f9","ssdeep":"","tlshash":"08510d4860a23828157f631d7ad2988ce5302027be014d7ebeae42635f71c4cdc98dfd","first_seen":"2025-08-31T03:13:37.754782Z","last_seen":"2026-05-01T15:06:22.864567Z","times_seen":342,"resource_available":true,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/particles.min.js","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:25.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /particles.min.js HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:25 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\netag: W/\"69b6bac7-5b44\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IZJfbNSTzBQt3FjF0d%2FnQ4MLmIrfYvP8ei5NoWJD0r4DI9Oe3dt%2Fb%2B47FDhsEFWdIFf1s0f9TwqwxvbqUNLdKQcLAdzmcPgunQm6mQbuV5t1yHnZ%2BA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9de5649adb51aa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23364,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (23002)","md5":"00debcf6cf0789a19cee2278011afcd4","sha1":"8017f8b1869077db728573f1ca4684a00af69462","sha256":"faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6","sha512":"29e7f9b1cee07d369c47b4d929e95cad1b35e62a5fefeb7e9fb661ea628d25b996fbf4517425bd9f07cb9f8617d2cda73ba2afe58d8286a8086a4682e8f5b4f4","ssdeep":"384:NkfJtGvWjT6uYvqhCz8wSEHESxtVAFPQcYpeib+9rOEKXWd/:NC7T6uYvn8wRxwyryVOEKXW5","tlshash":"61a2934d23f73e77378ab2e09be9d122c774a4d1399b04b0f93c667da52549201ee7a0","first_seen":"2023-03-07T01:16:44Z","last_seen":"2026-06-13T15:22:40.998432Z","times_seen":5060,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/f0438febff768476c4bd646204034239a5fc20d9.svg","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:25.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /f0438febff768476c4bd646204034239a5fc20d9.svg HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:25 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69b6bac7-286\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TXjEIX0YKFo2Z2u2zNgB1S6nUNvJEeJFDFVhexqhgYzYmPo%2FEl0ikPY9udx6oG00BCoKmD0rLK7Vc%2FtjJ3FRWrHfa4a28MhXvnGGRdKkn89%2B5UMHwQ%3D%3D\"}]}\r\ncf-ray: 9de5649adb52aa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":646,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bcb0acca5ca36852531960b5d63a86be","sha1":"f0438febff768476c4bd646204034239a5fc20d9","sha256":"3bd151eb77e3cc456935eb7decbc0984759fb4d00598088fef0e3632968140ff","sha512":"757a3b9e03791be66c6a21e54115ab9a1d29f41eb23809f8512ba13d899960b3eb91bbf4b2a4779329469199f4f0b5e3571aaa24bae2b1cbc3d03da540533d9a","ssdeep":"","tlshash":"7cf07bd366684368cd06c0cfb30fa810564770c9e25a5e9b924c0b2b958fbcf34425d8","first_seen":"2023-11-14T00:56:20Z","last_seen":"2026-06-13T01:16:35.309821Z","times_seen":359,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/main.js","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-groks-rewards.xyz/index_1.html","date":"2026-03-18T15:50:26.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /main.js HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/index_1.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:27 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\netag: W/\"69b6bac7-1ef2\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B4CWQ3OHK%2BRsz8quy1zZ6rJ5wv9QLrd%2B%2BnLDY2Pbq2tHWGk%2FNJJa6WXyCuWeOcxOY3MgBQ500uOz4qICabX8rVzMK9q%2F4x3lccQ61AeaizkaehPYwA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9de564a24d05aa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7922,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7922), with no line terminators","md5":"1f216e5143a1d3a59abf6d0141053981","sha1":"260102aa3f4f88cd051e9d5ea84ffde2538fcc44","sha256":"2df1d83244ca5ef0c0e749d6854927d7317de9b4735ea08d2ba06e1c836dfdaf","sha512":"a8f43481669d4b6fc0deafca36801a539dca1f992f2d75a93f2cb59e6743051c8d9bc30283dce8039a6a4cd2e69a43b538e7c08ea898fe21ae75259e596d5ef8","ssdeep":"192:UjT5pwq3bv9M6b8/888vdB3uacRu7boDVvQPkfNVb:UjT5pT3bv9M6b8iFB7Mhv2cNVb","tlshash":"c4f1e8da7f82b54202726db7108f6ce3a09d9f6259204c5be160c4d8bb37344e0eeed6","first_seen":"2025-09-06T12:15:29.241549Z","last_seen":"2026-05-01T15:06:22.861257Z","times_seen":201,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz//secureproxy?s=%2Fjmpd%2F","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:29.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"POST //secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www-groks-rewards.xyz/\r\ncontent-type: application/json\r\nContent-Length: 2207\r\nOrigin: https://www-groks-rewards.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2207,"data":"{\"route\":\"8XUwkBv9vhPYfVpD1fxb7EC65sUXJdqr\",\"payload\":\"6czAAiLUvK9dP1wGJA7JPA3MY3TcfWnQfHu1TM6LCXBxfSsNraFMMxjXLFtPL2paQMMZB5wyiuy8Qisr3GNGRaHE3EMAPrjn8YeeyHPePrmLSgDkaPj4QR1FV4M9DrZugPRk9CULAL8r4tENNhnndGfQtcWSFJHdDFoijwNzhi2xu6MjUwrDAyEngcqPnCTBKKAZzWRDupqp6yXnZbD4RxdQq3jUf1aUo1C3AfruWCt7nBfLiAE9gmMuQReKykeywFf5bxJ2H81u1w2MsCDRBpcd97fbZPC6j2rs1xbEJWN5pwpDzFe3v5JxgdKtzJoY4uPhworWWmLKR2Dj1uutL4JpEA98cZygJMFMnW3ACWFNBh8xaAa7i8JVJchQRBUpEi8wR2Bfc5nJKAXMNgZeWcph9ByV4oNoTkqt7TKrzrJT6MxSqr7bMS3MyohHqsKBYLZq65S5DK2NoDP5QsmnRH692ftTXxr1C57So5kE16d1dwbPYL6DspHBXdVH7EoevF2gw96gTCmF5B2ChH5nfi6TPE6QSq3X8zct5rbCDtDK2PSLPyDNRcLhXdfhngnzsGSDo7iYczhFst3UzwdvgYy58ASZAtC1DiFDU3UhCocWDzfHqo6YsYUze7B99niLCmMh9m8xzTx1qh8MVComRfqEhb6araPP7Ppp1Q9uNZn3YBEegy57JSzXuHce7j6mxQsJP738sBuFNcxsxfb5xTJHbKHTV5TfWtoXAJVvfjhZPovzWMMvbrPqXTcdmfihaAEXQVmvvKd6wSaYpHNrp8zoyiFvtLJmNCoA97kYmndSS8P3UFe6xQew87gS2pQus1JKvuPHineF6RSXMUkSsjSEnvTGdvTMroEuAryFeZLoFiQDw8DPobbRXksgAqUa6SizqipcdUhopZnWTC7BtvmJrV4BVvG17XeFAqNPHsAr29WHaFnd83KmV7afHEkUcWZUNDtcSksmSy8upNKHYzhJpXT8eSJWVEnGpn3U5GGmxokXKuF1yc2o7RuRMmcti9oJmLPvMjAEmgRF6gZKGimnKBc4wimw6z4xWEwwS8K7MYdsoan1n9TGuUtx5HT8LYurJi8qw8Fd3EDDaEXF1Eu7Jv29gDcPrJiAVRdLphfHicLvNt12K8ydCbgtBAU2Y5EGguZM4AhrQw8AzYTN9XMS77HGg3zERcCcjJiJQYKsmZMfpdruYah5MBQdJUmfHMfcVderFFE8XG2reYBWKTA32R4xqritVAC5zsfhZ1VWMCTkvt8pSs9RUJmZ5K4znE6CJeHaMLQLKXJAbvAg2pxxz1E5S64REjkSD2xKSudXbxucbEJWX6s6G7ALyVBzHeJXoqP1SgD2F3LRR8sM7jeLQzE8sZMdAUH9u3xrRrCtCKbH1J6XrKJ1Q4DqFP5LMpAYfjQjtYR3GuS53mSAy24sHeSkoMhq6X8GGuRydQ3vqJ7AoqDR6YFJ1QHkB87AJdN8niecqsbp5bPSEdGx46SfRSZT6qYJJYzpLm8m6JS1qu7NustoUr6dnEjUftvaHQkCBWUa1rTaNoTzvpmnPJKnLUWVYUJqedvUMNrqqX6e1gMaUGJmXY72QhdaUdXdpS3uz6hjeMvtZ41ufYkoEzyhikqsRD5oozTcnihPi5LUdMXDrWJPHcDDreKPK6r7oetX5cS6WZdGiX9mSKXCvip1cAFDbDvmkJ8DEWLQ9WsAJBSZALYwEFffCyduMmwgyCM5RDPLdhytKuRzLAkAFGNvBcCFvyZtvv4aMLDDmXLKtzw9ia6ABHFhWzgbrp2jwXL2krMNnShWHWanwFKuyyY9MnKJtkm8JFvK8x6mg75zBpAdp6rKuQYZX5Nd2PQ2SfAMwnY9nRhJHBQswMSEL7ZsM1nRyc8oNjZCmQqzbaLvhZKe5tizebyZbC7TaiM8LuNWcXhKMN8exmZF5cwUPqKeSgUQHw3GcpMG769uXs87eoqoaoBp5TPGsrmhq3q1DBPK7xDqMX2NsxdfeZ4g5rHvdVmvD4r59hucA5hDTwuSJXrSCue23ogHHBXAqEnT45frmPuR5JU9KFCm8zKgegHNPwr54QGyyj3HWqDCNmzPcjbdJDg7RAz3P8SaDJgcgsKwfE53R1SRQTCsoqyKboctgp551jyykRW7gc\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:29 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"cb-YSrjoUMCo7nf3yiGDd0ehTLfs7o\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9996\r\nx-ratelimit-reset: 1773849089583\r\ncdn-proxyver: 1.47\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 03/18/2026 15:50:29\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: 528630cc0ce1ce6fc06ce6706adc8a62\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0DjqwKyZztP84wfy718z7Bzx7d7oiLF4p%2FwuUhOZ9NSI8jSDWLr%2BsqASvAwae2BvFhjxuyLR30fvMGt3UX01930RJdgJV2fO7fhhaBGQXvxTgQdV9Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9de564b198e1aa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":203,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"baa44567ca19af7425daf0ace68a0b79","sha1":"612ae3a14302a3b9dfdf28860ddd1e8532dfb3ba","sha256":"1fb291ef1bc31f79faf711ffa613d0d44304312a7deb2777311394d2cd8db138","sha512":"181087d146ca012a214685dbff72ad5186701ea500de7a0b9f6396eb38046db98003fda4a7b983ecce7cd695296fce5641d50779061f95d2a287f572ee36fac0","ssdeep":"","tlshash":"e7d022adc20a5f5d52008ba4b460d12a86826bde72f8f00234fa93054183f68182380b","first_seen":"2026-03-18T15:50:51.201888Z","last_seen":"2026-03-18T15:50:51.201888Z","times_seen":1,"resource_available":false,"data":null}},"time_used":532,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":531,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-18T15:50:25.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 15:50:25 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BM%2BIvhiUQIcZQn1QvbWaWDUAg%2BuyLifGQvXoD9GxyKRjR7%2BqXPNj1NhtAGE%2BlFf0hRUR3AOsmeRlYygOfI5eOaeIdufLGm89ibe0WXhRJeHfGWFTMg%3D%3D\"}]}\r\nage: 263527\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9de56498ac9fe07c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":169016,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (26105)","md5":"aec58b346944691c51e244bdffb40b62","sha1":"1008397c126800c134f9358e6fdece034a257436","sha256":"07f11b294ea9efef3295094f63e7f2195e0ad13775bd3ebe2212011231c53ab3","sha512":"815f5c8a2bae7154b648044fa20ff18092dd6fe48df3882d642511915fe73d342a67a488e94835b63aee827e7566e6545cbe3a88cbf224d397114e2bf53f4442","ssdeep":"1536:nYmd2naB97jBRvb7zj9VchyxvxE4Z8hMcR239kPJdM9Nt3ZrPLaseUOdzuDO2:bqaf/Pd/eMT39kBMt35PLOg","tlshash":"9ef3c6155c1ca72f3333086febc2a43d6a8160ceea2295cf75deb0d8cb8756a5671d90","first_seen":"2026-02-08T14:16:45.794245Z","last_seen":"2026-03-18T15:57:30.943563Z","times_seen":4,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":111,"dns":85,"connect":8,"send":0,"wait":127,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/e56b52e48bc2824b9833e6b5e5470e1c6e04451f.svg","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:25.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /e56b52e48bc2824b9833e6b5e5470e1c6e04451f.svg HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:25 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69b6bac7-3dc51\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4cs%2Fl07TQK4yF5yHqQXL9j7S642O9ptjLbGq8pUdyoOWYEBgTk%2Fdv3DREXf01XKUYqmwsGJS73oE1tMSomZIE8dLEXPh%2FYLTX2li12b3N3fwU35rzw%3D%3D\"}]}\r\ncf-ray: 9de5649adb54aa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":253009,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6af765d49f03a1d726a49e72ab2df3e1","sha1":"e56b52e48bc2824b9833e6b5e5470e1c6e04451f","sha256":"5785e2a1df6aee7333aed78b1c3163b915a6c88a26f9cdd42329c5082df4e79c","sha512":"b39a46f586125452b17d1289c554e73f746f5762b0e65fdc1a94420142da058d424a427246452088782f7dbcd5f8cb876f4606d9c741cbba0694b4db722365af","ssdeep":"768:pf+qNBs8IWBD9WW1m/ztiNEtoTdacD7WGZAdfFuulqGW3R4HjWmoN7CI1g8xOME5:u8IWBD9WGm/ztiNS","tlshash":"e1346c38c068f4d85229563da3a4dedb2403a75b6728ea4d4748a127fe0bc705a3d77f","first_seen":"2025-08-07T19:45:13.876916Z","last_seen":"2026-05-01T15:06:22.8605Z","times_seen":213,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":100,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/119246100adcd76322fde730b9f8859e.txt","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:26.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /119246100adcd76322fde730b9f8859e.txt HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:26 GMT\r\ncontent-type: text/plain\r\ncontent-length: 0\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\netag: \"69b6bac7-0\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N6VTmwr%2BmxJH8K87WQGT7FxsoCt%2F9YT1E46yB%2B274TkhyQi5dySzJZlOHDa%2B7pltuwA8AvEC%2B3fpKq9R7XYgkAj0yU3q69QgBT8V36IMdjJURholQw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9de564a05c9caa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T18:33:32.683565Z","times_seen":16393053,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/logo.jpg","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:26.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /logo.jpg HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:26 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 20770\r\ncast-mode: default\r\nlast-modified: Sun, 15 Mar 2026 13:57:27 GMT\r\netag: \"69b6bac7-5122\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4Z9bKaePWueCA3YhppRHo36jSVRLrGqezrXXl9D2hPoMemJw9sIxwNn4An3LdWjeBgHM7kyqG8QDl8cl1wpwCzm7EL%2B1EWWjfI9f6fwcYR5ropQlvw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9de564a0aca9aa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20770,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.3], baseline, precision 8, 400x400, components 3","md5":"5b839221bfae23473e14c4ff76ad959a","sha1":"c3b4c6026e5b9fceae9ba03e51fe1d09e89f9b19","sha256":"0479cc414b354a7d6fc2da4ac9472fdcc7aa9046c0842f47fb51a942324434ad","sha512":"9bfe9b5790a78eeb4ff2b7c8b26d33dc5d10514c62624ebdd9bf669e64b7c54ea0d32b69f8c23519ea08772b2dcf7c24bdfde8601b6e3ad8340c69ac6744bbe2","ssdeep":"384:CkJC/bUL9jpAhkFKMtWJmeupUFaq52ueI1sw13o5CWodk6FAHhifHStFEA1eZ8xk:fRLFuhsKMt4yUFaqsNI1D+5NMFAhifys","tlshash":"1992e107cb99d262de5fe0b3c818b32581930e67c12d4b9a2e2d5c32ddd4087a77f586","first_seen":"2026-02-08T14:16:45.801763Z","last_seen":"2026-03-18T15:57:30.941103Z","times_seen":4,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-groks-rewards.xyz/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fdeeplab.desktop.umd.js%3Ft%3D29564150%26u%3DDFEVxoxB2OhOFVhvGDY5MjU2NDNjMjhjZmYzYzM0MDI3YTQ2Ob5-H5Ar3fQ2yWWhsg","fqdn":"www-groks-rewards.xyz","domain":"www-groks-rewards.xyz","tld":"xyz"},"ip":{"addr":"104.21.17.59","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-groks-rewards.xyz/","date":"2026-03-18T15:50:27.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-groks-rewards.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:37:59 GMT","end":"Sat, 13 Jun 2026 13:37:58 GMT"},"fingerprint":{"sha1":"D3:E7:AF:65:B4:AE:DE:15:26:DA:CA:91:46:36:15:85:FB:29:2F:82","sha256":"7A:D7:37:6E:76:F7:9F:E8:DA:02:C2:D0:32:A2:61:18:14:37:DD:D1:18:A1:F5:5E:5B:FE:28:11:E1:18:11:6A"}}},"request":{"raw":"GET /secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fdeeplab.desktop.umd.js%3Ft%3D29564150%26u%3DDFEVxoxB2OhOFVhvGDY5MjU2NDNjMjhjZmYzYzM0MDI3YTQ2Ob5-H5Ar3fQ2yWWhsg HTTP/1.1\r\nHost: www-groks-rewards.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-groks-rewards.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 15:50:28 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\nvary: Accept-Encoding\r\ncache-control: max-age=2592000, must-revalidate\r\netag: W/\"a0502-14+i6Bt7XM8ofHk8WpmFyqoPYWI\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=deeplab.desktop.umd.js\r\ncdn-proxyver: 1.47\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 03/18/2026 15:50:28\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: 1b36cdc9974fdff2981eb50233cbe94e\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=58%2B%2FpqgKE3eAcCwuOCLPL94WXW12rlQaUaApraVBZAWs1r10Y8J57WJ%2FYZb3w71%2BmrcEVqEhI5OQUx9imwR18idJ6lt2lY%2FpEB9350Nvn2KDvMGANw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9de564a39d55aa08-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":656642,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-06-13T15:05:21.535419Z","times_seen":2568,"resource_available":true,"data":null}},"time_used":1141,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1042,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"www-groks-rewards.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}