{"report_id":"dd6ace35-9ebf-48c9-86f7-b575de5c94a5","version":6,"status":"done","tags":[],"date":"2025-09-30T17:15:02Z","url":{"schema":"http","addr":"grok70k.xyz/","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"104.21.60.100","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"grok70k.xyz/","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"title":"GROK70K Official Website Presale Get Up to 200% Bonus!"},"submit":{"url":{"schema":"http","addr":"grok70k.xyz/","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"104.21.60.100","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-04T17:15:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"grok70k.xyz","ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-27","domain_rank":0,"first_seen":"2025-09-30T17:15:02.185605Z","last_seen":"2025-09-30T17:15:02.185605Z","alert_count":22,"request_count":11,"received_data":238424,"sent_data":4726,"comment":"","tags":null,"fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-09-28T22:11:46.369912Z","alert_count":0,"request_count":2,"received_data":98734,"sent_data":1102,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-09-28T22:13:25.036628Z","alert_count":0,"request_count":1,"received_data":24172,"sent_data":440,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-09-28T22:11:39.889585Z","alert_count":0,"request_count":1,"received_data":5740,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"grok70k.xyz/","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6918d960f928347f538286edbee80a91","sha1":"a28324894d4d58d98129ddcb4c14435f5c629257","sha256":"112fa07f0eed14a6d2de10109404b320de48e3378d8bb5d6a00376891731baac","sha512":"c1b88912da321a0e2ef370f9b79c7f3e7fdd1323a12a108476669cccbb29ae8f149135ec5a5f2cf5cd441240fe8b494b6256d2cede89a78fe94e432d3408285c","ssdeep":"","tlshash":"c1116d1a5ef17a33006731261ebbd205143251c75a687d78beacc1189f19b8ee5e8f98","size":1024,"data":"","first_seen":"2025-09-30T17:15:07.082301Z","last_seen":"2026-04-06T19:20:46.150673Z","times_seen":283,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/particles.js@2.0.0/particles.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6564e48cc953b8642b7c758cba09fd81","sha1":"5193a1ae0215e55c48de5deb534acb0781a3bfbd","sha256":"f368ba54ef5dc8c6613226de0e95b0a72239c33c3caec2f08c69a939ac9dbd1b","sha512":"930176f24c517cbed366421590f5ddab5443ccaa1f09f2ada62c9c851453bedbef5c0e1580402f2430100b0dae357269f58505d5d541b4dfd10dbb9f082bcba7","ssdeep":"384:WfJ//vWKyCN3yHEPepmcBzAbix29ZzHNSA:QFf289ZzHNSA","tlshash":"08a2b34d23f73e77339a72e04bece1128b70a4d2399b04b0f93c667da5255a601de6a0","size":23016,"data":"","first_seen":"2025-05-01T01:56:50.052191Z","last_seen":"2026-04-10T06:22:04.2041Z","times_seen":634,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grok70k.xyz/","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-11T12:54:42.952939Z","times_seen":129517,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"grok70k.xyz/1.webp","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:39.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grok70k.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Sep 2025 15:10:22 GMT","end":"Fri, 26 Dec 2025 16:08:56 GMT"},"fingerprint":{"sha1":"8C:1F:7D:FD:E2:53:11:C0:6E:B6:E1:B4:F2:DD:7D:7B:0C:6E:96:D0","sha256":"7E:09:78:C7:65:D6:47:BE:42:54:A4:92:FB:A1:E6:4F:48:16:1B:EE:BF:79:F5:F8:8E:4F:36:85:C4:F0:6E:BC"}}},"request":{"raw":"GET /1.webp HTTP/1.1\r\nHost: grok70k.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grok70k.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Tue, 30 Sep 2025 17:14:40 GMT\r\netag: \"3b8f8440b2d99a8f235833e594085e21-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01K6DSWZZNXK10J42GGCWQD01A\r\ncontent-length: 3444\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=idiOTMc%2BtVl2vMXmptDRZIcs2k9iNhq9ilCluR%2FydpmptiXgITjqewUYdPn9XudJmlj4HskuCdEOylSOgYFLRT17%2B04r3pr2uYdF\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98755b9f7e3d1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3444,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 225x225, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c4229ccfa2f7bd9aedbd7564a62271b3","sha1":"bc5ef0055ef56e8eb04c0b8ac041a61a94f6234b","sha256":"cde1dc1e302419749339a4070dd32b5f7009da9eef2810fe7f91887186893d0c","sha512":"08c14e435f89caf9cfe06d4a150f24e3f6a354c86e916415de3d75b29d19e246f34c7a1ed0e7d1f7db58213621b52e24101e11975c6fad7d55f3acaed580a75a","ssdeep":"","tlshash":"dd618e793682d8f9f4502be371e9b258c168b9a2ed654160e4c6d850bc8a76493ab940","first_seen":"2025-09-30T17:15:07.050786Z","last_seen":"2026-04-06T19:20:46.144703Z","times_seen":335,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"grok70k.xyz/5.webp","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:39.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grok70k.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Sep 2025 15:10:22 GMT","end":"Fri, 26 Dec 2025 16:08:56 GMT"},"fingerprint":{"sha1":"8C:1F:7D:FD:E2:53:11:C0:6E:B6:E1:B4:F2:DD:7D:7B:0C:6E:96:D0","sha256":"7E:09:78:C7:65:D6:47:BE:42:54:A4:92:FB:A1:E6:4F:48:16:1B:EE:BF:79:F5:F8:8E:4F:36:85:C4:F0:6E:BC"}}},"request":{"raw":"GET /5.webp HTTP/1.1\r\nHost: grok70k.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grok70k.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Tue, 30 Sep 2025 17:14:40 GMT\r\netag: \"836f69b91995c0a2a7b3937b8b02ef28-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01K6DSWZZNDV08Z8TK2WDJAM1F\r\ncontent-length: 2984\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BU5WiYzXsC1ibRQRkRE%2FjLk6KDmDaL9m1zknN76ZZXAvxYBt0ahRJePeYtIXzCli2g6ktIRknaZuhTADABWE9WxnUShunMxD%2Bq4T\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98755b9f7e411525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":2984,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2d1617bdc152c6bbfe3cc95409655a35","sha1":"7c222b20182227583dd82c0bc31e3fbb5eeb4ddb","sha256":"d54d30af672b70a35c3ee6a34f0407abec8adc3dae40836109f2a309b2bfe594","sha512":"ac01a6d5576725ebc39e5ad40be604e168d91b8795f0cd03585b080ff88005599feb73804bae2bddaa406350f8180767f1824808ddd64e8a83267595d6fbd260","ssdeep":"","tlshash":"59512df9db30d56d478fe91ea83567b868df2843c05c95058da5d1ebd54c320d193b60","first_seen":"2025-09-30T17:15:07.055952Z","last_seen":"2026-04-06T19:20:46.147608Z","times_seen":346,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:40.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://grok70k.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 24 Sep 2025 17:22:06 GMT\r\nexpires: Thu, 24 Sep 2026 17:22:06 GMT\r\ncache-control: public, max-age=31536000\r\nage: 517954\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-11T12:56:46.500903Z","times_seen":140140,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":108,"dns":0,"connect":17,"send":0,"wait":15,"receive":8,"ssl":93},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:40.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://grok70k.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 24 Sep 2025 17:22:06 GMT\r\nexpires: Thu, 24 Sep 2026 17:22:06 GMT\r\ncache-control: public, max-age=31536000\r\nage: 517954\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-11T12:56:46.500903Z","times_seen":140140,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":80,"dns":0,"connect":16,"send":0,"wait":16,"receive":21,"ssl":63},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/particles.js@2.0.0/particles.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:39.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/particles.js@2.0.0/particles.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grok70k.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 17:14:39 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6168\r\ncf-ray: 98755b9fc88cb4fd-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 2.0.0\r\nx-jsd-version-type: version\r\netag: W/\"59e8-UZOhrgIV5VxI3l3rU0rLB4Gjv70\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230027-FRA, cache-bma-essb1270053-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1827728\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ASpRgZh1TU0C5pX4TFSkV2xQ62pjdKwNsX2saxQX%2FT5C0MeuobXjke9VeuOx5Zqd1NuUFcZK%2FtrRTUW2L9Jwd8V%2F%2Bc1Rw9ngfGQecDJZpARyRm3jrs2vE4hvVh3Wp%2FhqKbU%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23016,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (22686)","md5":"6564e48cc953b8642b7c758cba09fd81","sha1":"5193a1ae0215e55c48de5deb534acb0781a3bfbd","sha256":"f368ba54ef5dc8c6613226de0e95b0a72239c33c3caec2f08c69a939ac9dbd1b","sha512":"930176f24c517cbed366421590f5ddab5443ccaa1f09f2ada62c9c851453bedbef5c0e1580402f2430100b0dae357269f58505d5d541b4dfd10dbb9f082bcba7","ssdeep":"384:WfJ//vWKyCN3yHEPepmcBzAbix29ZzHNSA:QFf289ZzHNSA","tlshash":"08a2b34d23f73e77339a72e04bece1128b70a4d2399b04b0f93c667da5255a601de6a0","first_seen":"2025-05-01T01:56:50.052191Z","last_seen":"2026-04-10T06:22:04.2041Z","times_seen":634,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":39,"dns":0,"connect":2,"send":0,"wait":19,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grok70k.xyz/8.webp","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:39.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grok70k.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Sep 2025 15:10:22 GMT","end":"Fri, 26 Dec 2025 16:08:56 GMT"},"fingerprint":{"sha1":"8C:1F:7D:FD:E2:53:11:C0:6E:B6:E1:B4:F2:DD:7D:7B:0C:6E:96:D0","sha256":"7E:09:78:C7:65:D6:47:BE:42:54:A4:92:FB:A1:E6:4F:48:16:1B:EE:BF:79:F5:F8:8E:4F:36:85:C4:F0:6E:BC"}}},"request":{"raw":"GET /8.webp HTTP/1.1\r\nHost: grok70k.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grok70k.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Tue, 30 Sep 2025 17:14:40 GMT\r\netag: \"39d14f0cebaa8cd15b4f9865d8a2f1df-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01K6DSWZZPD0RWA7AQQV9E9NJ9\r\ncontent-length: 57032\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EP8sxbKUDMLn57ZfMhKUv7dlVn76fIcUZ7k4vQaDA3B8tLQpo70kZTrpjPeVMyuxvDaEzdIShGMoVkb9R26JCYlKlmqcq4OZsUii\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98755b9f7e3b1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57032,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"45a0973fd473f6545bf1268fe29f4dfc","sha1":"efe037eb2e30a3e350a8bad79f9d652928b10967","sha256":"9683ca52210bb0f7c37d8dd34495197d45c00579266a940489076754b375264d","sha512":"8b8f095fc485658dfe07a5c4124286d0537866434ec29e9842c1539799af1d1bd8173a6d554bdf5f045df9ec81e56bcc689974aef658d0865452284af4a355b3","ssdeep":"1536:GlzO4/HjqUYXe1SMUDc1nDHnZNBhlE5Xw4ff1v6ViMWO:azJHjqvAtecFnnf65gxi1O","tlshash":"934302b493f8bd725a0b4cad69fa4526008adc20629f3e75923b39d6086335f0157e3b","first_seen":"2025-09-30T17:15:07.063954Z","last_seen":"2026-04-06T19:20:46.119503Z","times_seen":335,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"grok70k.xyz/4.webp","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:39.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grok70k.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Sep 2025 15:10:22 GMT","end":"Fri, 26 Dec 2025 16:08:56 GMT"},"fingerprint":{"sha1":"8C:1F:7D:FD:E2:53:11:C0:6E:B6:E1:B4:F2:DD:7D:7B:0C:6E:96:D0","sha256":"7E:09:78:C7:65:D6:47:BE:42:54:A4:92:FB:A1:E6:4F:48:16:1B:EE:BF:79:F5:F8:8E:4F:36:85:C4:F0:6E:BC"}}},"request":{"raw":"GET /4.webp HTTP/1.1\r\nHost: grok70k.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grok70k.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Tue, 30 Sep 2025 17:14:40 GMT\r\netag: \"23613bc934f0cbf322a3268e8d615dea-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01K6DSX03M55QF9211Z5GWGJX5\r\ncontent-length: 2640\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ut2Cg4tjPMyvOWBilAbZiPPcWp%2F3MsBFHHFq40J%2FWLKRz%2BU0wy5MlIvx4k3te4NF1fD1f8MVmO%2FksYLmw5wyg0I5Eg3xuFcwpT8p\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98755b9f7e401525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2640,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 225x225, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"068cfaccde163ad6416ccbd3e64cf73a","sha1":"c3ef4658642c3f268fa6567351324dc5ae202755","sha256":"b1ccadcb9c57c9a2990d487b6ad8eb7323993348d6020a28793643f56c5b9f95","sha512":"dc6f2deacc9405d5b31cac5efde90853ca958a3bbbb7da4586bb932db7fe9846b5c20502a282f2cf1535a3ab19acefcc9d89d9fc74fa3d3bbf3772937868dfdd","ssdeep":"","tlshash":"8d515c4372632a042710b1ae7a0f0a80b916e363a3d0d0f4de94af3527562cfdc720cd","first_seen":"2025-09-30T17:15:07.069315Z","last_seen":"2026-04-06T19:20:46.122491Z","times_seen":335,"resource_available":false,"data":null}},"time_used":626,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":626,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"grok70k.xyz/6.webp","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:39.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grok70k.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Sep 2025 15:10:22 GMT","end":"Fri, 26 Dec 2025 16:08:56 GMT"},"fingerprint":{"sha1":"8C:1F:7D:FD:E2:53:11:C0:6E:B6:E1:B4:F2:DD:7D:7B:0C:6E:96:D0","sha256":"7E:09:78:C7:65:D6:47:BE:42:54:A4:92:FB:A1:E6:4F:48:16:1B:EE:BF:79:F5:F8:8E:4F:36:85:C4:F0:6E:BC"}}},"request":{"raw":"GET /6.webp HTTP/1.1\r\nHost: grok70k.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grok70k.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Tue, 30 Sep 2025 17:14:40 GMT\r\netag: \"27770ce7e5c04f27370150f7bb294a30-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01K6DSX03965QWV5GXW4A3GWK9\r\ncontent-length: 9428\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YJiLjvhKhJ3h4tSEVt4UqPmk03f12Y0FEyG8XlSzrpwLfX%2Bw32x2mUqinGA4khEzUihYEHb3rHODFpIHbvl6sDG8aflK56gpHdVt\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98755b9f7e421525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":9428,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d19d5b8b0d337eecb20c486d19023741","sha1":"8d4c401716031406eeb2f541f1df07ce0df0cf0a","sha256":"aa28c4ce43bbd971e3febb155bd3d1fbb09ee0863bda48cd192a4c28877e0359","sha512":"0193b4b9a48db64b8a8f9bf67a6d1b15cbb804fed9561ed8020b373794f479cdbc426f3ed0fdff881ac1df39bf9009e2e7c76b5bc5ff030603bdd1e47470815c","ssdeep":"192:t5CyRlviNpkm3jaxZws9jj1WstykSOZIY4qRmwzO6HFq5Ch86hzQdRL667Fy4J:t5CYvi3kFxZfjjsoykSOSYfMluFqw8+0","tlshash":"a312ae980e3aee7b74108bb4ee29325ef63a1360f3fc9b597a4295901359d0727c9c49","first_seen":"2025-09-30T17:15:07.071237Z","last_seen":"2026-04-06T19:20:46.125045Z","times_seen":340,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"grok70k.xyz/favicon.ico","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:40.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grok70k.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Sep 2025 15:10:22 GMT","end":"Fri, 26 Dec 2025 16:08:56 GMT"},"fingerprint":{"sha1":"8C:1F:7D:FD:E2:53:11:C0:6E:B6:E1:B4:F2:DD:7D:7B:0C:6E:96:D0","sha256":"7E:09:78:C7:65:D6:47:BE:42:54:A4:92:FB:A1:E6:4F:48:16:1B:EE:BF:79:F5:F8:8E:4F:36:85:C4:F0:6E:BC"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: grok70k.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grok70k.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Tue, 30 Sep 2025 17:14:40 GMT\r\netag: \"ac4b4f9d4c72ac1313696f5f6809a3fb-ssl-df\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01K6DSX0J3S5M0CWAFDVGTQRJQ\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A5DGlHBSjlFEQBtkxk1B%2BF1vFxa3fpCux5ogpkE5bo6u08QrMMJwFyzssmceUj5oK6Jp5sHWMPvUuKSiSvKW0Abn%2Fw1SN1N23EWa\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98755ba28e8e1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":54684,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"a314da9f659a273c951c5a8b0ab4a46a","sha1":"efdf35fe9a86ade33e237b0df23ff6ff14b7cf7a","sha256":"951ed286ca1946f9c99768ef1736f052f93966d115889afa491ce309caf35f55","sha512":"e649b71989aa0df5b242946c0c385cb557ce4347a80577d55f93c6822a194d020353a900a6ba816858714828051e4f37972b0c0372762379250da2447dc69d65","ssdeep":"1536:Ulxox5vAnVJ09eeoZ2sYuJBTE/lPbxRPJxAgvcDCZuNs:Ulxox5v8eeJXBQ/lPbvxxjv2CZui","tlshash":"3633022c99d188ef73fb38995017eaa745a1688466dbef8cd7e305f07e72624035e843","first_seen":"2025-09-30T17:15:07.073613Z","last_seen":"2026-04-11T13:37:11.591165Z","times_seen":333,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":301,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"grok70k.xyz/","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-30T17:14:39.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grok70k.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Sep 2025 15:10:22 GMT","end":"Fri, 26 Dec 2025 16:08:56 GMT"},"fingerprint":{"sha1":"8C:1F:7D:FD:E2:53:11:C0:6E:B6:E1:B4:F2:DD:7D:7B:0C:6E:96:D0","sha256":"7E:09:78:C7:65:D6:47:BE:42:54:A4:92:FB:A1:E6:4F:48:16:1B:EE:BF:79:F5:F8:8E:4F:36:85:C4:F0:6E:BC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: grok70k.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 17:14:39 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RW2sTb%2B%2ByLnx1dWBLbm3%2Fdx9iCdWlE5I4VMCUumn8%2FYFRPkLMwF50lQSSdljG8gwEf%2B922UuTMiz2yqCqthJLJ9HfALJUPIK%2Bjhp\"}]}\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01K6DSWZQYHYT9YYHFFCM5P2C0\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98755b9d4cee5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13050,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"0318b06d09d95dcfd20dc59c0a4d741a","sha1":"75b50c7bd7fedbc921d8f0c03802e99c83e93978","sha256":"c9530404c9ca4bdb572416ca509924588f0325d6ee00a0ae91be8ce2345a2a77","sha512":"d962b54227de56ab666017608644b7325c404c4eac48872ad6235243f39ef6565021db30cd6228e0d5f3657e931a022045a86f0ae67785f597fabe5274794010","ssdeep":"192:6i2/1rzW81X/9C1yVsJesJZckctJeNhGUoWSbpjZKE7UHJ2wxhlZ1e:6i2/VzWsCwOJ3JWj0NrDQ","tlshash":"35425223d9845c13223643a4aef37349f765428f9a154c62bafc614e4ff7aa09853f5c","first_seen":"2025-09-30T17:15:07.075258Z","last_seen":"2025-10-04T17:56:36.402863Z","times_seen":2,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":17,"dns":0,"connect":2,"send":0,"wait":307,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"grok70k.xyz/2.webp","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:39.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grok70k.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Sep 2025 15:10:22 GMT","end":"Fri, 26 Dec 2025 16:08:56 GMT"},"fingerprint":{"sha1":"8C:1F:7D:FD:E2:53:11:C0:6E:B6:E1:B4:F2:DD:7D:7B:0C:6E:96:D0","sha256":"7E:09:78:C7:65:D6:47:BE:42:54:A4:92:FB:A1:E6:4F:48:16:1B:EE:BF:79:F5:F8:8E:4F:36:85:C4:F0:6E:BC"}}},"request":{"raw":"GET /2.webp HTTP/1.1\r\nHost: grok70k.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grok70k.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Tue, 30 Sep 2025 17:14:40 GMT\r\netag: \"1dc2e1ed06e3c99b449e67a2c90602a7-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01K6DSX03PVF1504V1SXY87JQA\r\ncontent-length: 11646\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LIqHrKZ8xaq0MinC7eowBq9zXtm2ZCs%2F2qr9h92azwmMIpzWZDAoRhadX7U8qUjB6JjtzKUJzDQuEYkrb9SvhoJg0xVxZ0k69XkF\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98755b9f7e3e1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11646,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0c77454b0b212e4078cac85b3f1616f1","sha1":"924455b3b0dca72d5888cb0b7da65ab5a5352a99","sha256":"4839cefb1ead1139d03382d2cd43dfc0b43625eb99d81f3adbf63d37680a6d14","sha512":"d52cf67b6a3b68c70f2c1d8ee423b8c145f12347411e74677bd07c512397b18920cd7a1e12e1b3bf028a35d98426f92678f197300b2434ccbcc285b1e6ec87f1","ssdeep":"192:MtuEcsbpDqD5WwFZW8jON8Jp+VC9xaDUAJzkPUaAvHa22W+1rSBT6RFBCHNl:wujstqJFQUONIpwC9xCUAK3Ca2n+3BCf","tlshash":"5d329fcba38f79b085640231316f8513b56a7484f1f8d99758cf177b3ca5a39c8e14b2","first_seen":"2025-09-30T17:15:07.076567Z","last_seen":"2026-04-06T19:20:46.136063Z","times_seen":346,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":327,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"grok70k.xyz/11.webp","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:39.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grok70k.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Sep 2025 15:10:22 GMT","end":"Fri, 26 Dec 2025 16:08:56 GMT"},"fingerprint":{"sha1":"8C:1F:7D:FD:E2:53:11:C0:6E:B6:E1:B4:F2:DD:7D:7B:0C:6E:96:D0","sha256":"7E:09:78:C7:65:D6:47:BE:42:54:A4:92:FB:A1:E6:4F:48:16:1B:EE:BF:79:F5:F8:8E:4F:36:85:C4:F0:6E:BC"}}},"request":{"raw":"GET /11.webp HTTP/1.1\r\nHost: grok70k.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grok70k.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 3763\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/webp\r\ndate: Tue, 30 Sep 2025 17:14:40 GMT\r\netag: \"60ccbc2ca61709623b6242afebfb6731-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01K6DSX035M639VKTNEH3VZR90\r\ncontent-length: 16580\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FJH5Xiv11HKm2RcVNKHgk6KbU7HQYHAi9SP5SGuWN6uMpd1WCRnjhVZK3E%2FW4gkJamU4MSO0ZBanOT5l7viEiVIXhyCsrNJ8gBtm\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98755b9f7e3c1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16580,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"219accc7f77ce773b0a35c85aa007167","sha1":"2c24508f752f992c2bab45ee58ff1259a341552f","sha256":"13dfe760e11e584feca95e882c723ef5af5789f90910a57c1595cd26c6f96a56","sha512":"d2b71f61314026636194ca89dddff558870c50658f136fce1c32332f5b112d6d376e6c744ad572c172cbec63817723a75f880f497a02a6caf149d2439f59151a","ssdeep":"384:ov4fsUAqn2wMMKYYCrB4kfnhc5u0nbgdzM5B9ZB/L4LAc:64fsUAqyMKYYC17nh0u0bgdMn7RcN","tlshash":"fe72e1fda47173308c87823939c68c1d14b19acf9caa27565cdf27f1b19e27c6a74452","first_seen":"2025-09-30T17:15:07.077773Z","last_seen":"2026-04-06T19:20:46.130334Z","times_seen":326,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"grok70k.xyz/7.webp","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:39.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grok70k.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Sep 2025 15:10:22 GMT","end":"Fri, 26 Dec 2025 16:08:56 GMT"},"fingerprint":{"sha1":"8C:1F:7D:FD:E2:53:11:C0:6E:B6:E1:B4:F2:DD:7D:7B:0C:6E:96:D0","sha256":"7E:09:78:C7:65:D6:47:BE:42:54:A4:92:FB:A1:E6:4F:48:16:1B:EE:BF:79:F5:F8:8E:4F:36:85:C4:F0:6E:BC"}}},"request":{"raw":"GET /7.webp HTTP/1.1\r\nHost: grok70k.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grok70k.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Tue, 30 Sep 2025 17:14:40 GMT\r\netag: \"21445621a7fdf084537f55b16c7056fa-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01K6DSX039832NWK97Q44DR73J\r\ncontent-length: 7266\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=03D9igBWzAekKHaqpk1LhZFs87FWuv5pWnybnmrX3kMd16R1sVOaDL1gz229bT09XSFXFF3qIlZljh1uAqETUeiJ8ZRq16r88Z6G\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98755b9f7e431525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7266,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3b193335cb4bb7c6c0b15cca932c55f2","sha1":"bc0124752cebe2e87a26cb9bad3872084dffa98d","sha256":"de5cd14e02a35aefca76af5dbc1205b8f8df7c0b0892baca18102dc16880e6a0","sha512":"c127957415e21fa8f705d0504a9d574d12428e722316ffaf0533bc2e290ff5314fe9986c0ad79575bd7efd44e78ca680948b43a3e98482b3ce0212460d436bd6","ssdeep":"192:X4cQiL7swHNgx+TBYHQXFE59PfxXMSYqTk:XD4wtK+Tqou9Hx8SYqTk","tlshash":"cee1ae5b97c72e60974dbceffeca33536470143d0d11a3938a2b12db107668a1b91ac0","first_seen":"2025-09-30T17:15:07.079612Z","last_seen":"2026-04-06T19:20:46.140487Z","times_seen":346,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:39.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:49 GMT","end":"Mon, 01 Dec 2025 08:36:48 GMT"},"fingerprint":{"sha1":"9E:38:51:02:B6:22:9C:08:6B:24:B8:A0:EB:DB:60:D9:27:B2:68:90","sha256":"67:AF:7E:56:AB:8D:96:FB:D0:75:CA:28:6D:16:B6:67:FD:7F:58:6F:CC:AA:78:B5:01:13:76:2C:AB:BE:80:4E"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grok70k.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 30 Sep 2025 17:14:40 GMT\r\ndate: Tue, 30 Sep 2025 17:14:40 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5054,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"43e6cb63df7a11f872c857e328961e21","sha1":"a4bfa6231dc6e8c8d84296736c60b763c14a4133","sha256":"209f55c7b05c3c78d7bceaa91c937923e79159198173138460e45aaac2fa9db5","sha512":"1b90cfec5e53b8740152240fa6c3b9b367aa9d751dfb3a69387d4e2aea6b140214af96a2ec0372fb9ea992f73a380b51328b080ed44a9ebe74fe2fc7fd522bfe","ssdeep":"96:aOEaNqOEaXFZHOEamOEaO3vOEaBOEaBJc+uTOEaNcNDOpaNqOpaXFZHOpamOpaOI:9NNIxO34OxDONEhYO3RrxGx","tlshash":"afa18992002ba400ab971dc233cf7f3aaece10896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T21:34:59.082547Z","last_seen":"2026-04-11T12:18:13.931304Z","times_seen":1390,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":101,"dns":0,"connect":16,"send":0,"wait":32,"receive":0,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grok70k.xyz/3.webp","fqdn":"grok70k.xyz","domain":"grok70k.xyz","tld":"xyz"},"ip":{"addr":"172.67.195.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grok70k.xyz/","date":"2025-09-30T17:14:39.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grok70k.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Sep 2025 15:10:22 GMT","end":"Fri, 26 Dec 2025 16:08:56 GMT"},"fingerprint":{"sha1":"8C:1F:7D:FD:E2:53:11:C0:6E:B6:E1:B4:F2:DD:7D:7B:0C:6E:96:D0","sha256":"7E:09:78:C7:65:D6:47:BE:42:54:A4:92:FB:A1:E6:4F:48:16:1B:EE:BF:79:F5:F8:8E:4F:36:85:C4:F0:6E:BC"}}},"request":{"raw":"GET /3.webp HTTP/1.1\r\nHost: grok70k.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grok70k.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: public, max-age=14400, must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Tue, 30 Sep 2025 17:14:40 GMT\r\netag: \"9c98b7ceb602cbc11958f9753b83b387-ssl\"\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01K6DSWZZQQR22H3EGDNKPDJAG\r\ncontent-length: 51152\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2dkm0oe1pxWps5xVML0%2FYqeFsRtDhUYz6LAqvqvCMBCNBpCjiiTEH1sdB5nwpk7T34XRz1zzCh7LuuF1tq0h3cvbLAZO8m3zJJTN\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98755b9f7e3f1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51152,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ed66d899203784adfe6c2c8dd1939343","sha1":"14b8169d424fcb4290f155981ff1d69ce094dce0","sha256":"fabd28e5a26acf947fbf7af38df17c5bb62f93d252903e86fdf47c6db9f9d9ef","sha512":"929c0f67bc57aa84f41a1d80e6271d6b7bc1e297aa0067dfa736eee56e641a58e15b7a4ba8b0048998147cfb9c38742f8ef232262d8bced3161564e92f6a8c4c","ssdeep":"768:DnDRMPhTcJDJGGS7dih7CpEILJcpxUWuaAE7Knw0eZOG3CuX0haabAnKnY:LDRMPhTsDJodjiBuaA9et7XIRJY","tlshash":"9933d06c75a8a5ecbdec22af1116d74ec802914f13f84d6eda48a60316c79aedb3f441","first_seen":"2025-09-30T17:15:07.08107Z","last_seen":"2026-04-06T19:20:46.13845Z","times_seen":346,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"grok70k.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}