{"report_id":"ea6dfce1-5522-4d10-92db-da71f8f20085","version":6,"status":"done","tags":[],"date":"2026-02-14T03:25:36Z","url":{"schema":"https","addr":"gro15k.icu/","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"172.67.180.136","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gro15k.icu/","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"title":"GRO15K Official Pre-Sale — Get Up to 200% Bonus!","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"gro15k.icu/","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"172.67.180.136","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T03:25:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-14T03:25:14Z","timestamp":1771039514,"ip_dst":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":40726,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-02-14T03:25:14.668557+0000\",\"flow_id\":278077306967091,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.10\",\"src_port\":40726,\"dest_ip\":\"104.21.75.188\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"gro15k.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":912,\"bytes_toclient\":1654,\"start\":\"2026-02-14T03:25:14.660531+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-02-08T22:32:21.331091Z","alert_count":0,"request_count":1,"received_data":24132,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"gro15k.icu","ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-27","domain_rank":0,"first_seen":"2026-02-12T22:28:47.985605Z","last_seen":"2026-02-12T22:28:47.985605Z","alert_count":12,"request_count":12,"received_data":237732,"sent_data":5157,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gro15k.icu/","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6918d960f928347f538286edbee80a91","sha1":"a28324894d4d58d98129ddcb4c14435f5c629257","sha256":"112fa07f0eed14a6d2de10109404b320de48e3378d8bb5d6a00376891731baac","sha512":"c1b88912da321a0e2ef370f9b79c7f3e7fdd1323a12a108476669cccbb29ae8f149135ec5a5f2cf5cd441240fe8b494b6256d2cede89a78fe94e432d3408285c","ssdeep":"","tlshash":"c1116d1a5ef17a33006731261ebbd205143251c75a687d78beacc1189f19b8ee5e8f98","size":1024,"data":"","first_seen":"2025-09-30T17:15:07.082301Z","last_seen":"2026-06-03T12:36:21.616005Z","times_seen":290,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/particles.js@2.0.0/particles.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6564e48cc953b8642b7c758cba09fd81","sha1":"5193a1ae0215e55c48de5deb534acb0781a3bfbd","sha256":"f368ba54ef5dc8c6613226de0e95b0a72239c33c3caec2f08c69a939ac9dbd1b","sha512":"930176f24c517cbed366421590f5ddab5443ccaa1f09f2ada62c9c851453bedbef5c0e1580402f2430100b0dae357269f58505d5d541b4dfd10dbb9f082bcba7","ssdeep":"384:WfJ//vWKyCN3yHEPepmcBzAbix29ZzHNSA:QFf289ZzHNSA","tlshash":"08a2b34d23f73e77339a72e04bece1128b70a4d2399b04b0f93c667da5255a601de6a0","size":23016,"data":"","first_seen":"2025-05-01T01:56:50.052191Z","last_seen":"2026-06-06T12:52:19.867069Z","times_seen":1017,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gro15k.icu/","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T03:25:14.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro15k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 11:01:38 GMT","end":"Fri, 27 Mar 2026 12:01:34 GMT"},"fingerprint":{"sha1":"3D:D0:6B:1F:1D:8C:22:8E:59:63:A6:8C:1E:D7:78:53:F8:EA:CF:08","sha256":"87:3C:E6:3D:71:34:98:40:FA:02:8F:BA:F1:C6:9E:9F:6C:B2:E8:1F:6F:EF:88:0F:F5:48:7B:DE:93:02:2D:08"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gro15k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:14 GMT\r\ncontent-type: text/html\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FqmPSv0IehJzoGrXH4Esq51QO45CTydeMVyL%2B7b%2BBGODbRX6%2B%2Fz1iG4HmOVEPB3m9dkrg07Sl0rk7Z2KFUREp%2BNxY280IFXz2Rw%3D\"}]}\r\netag: W/\"269f30251c78f378546b787b6009f851\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9cd97506baf5120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12846,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"91ad49eef1b94b69aa06bd908f7a4648","sha1":"3255b2b18889ad44c21779229850f733ef707d0f","sha256":"90cdc7d3968db1477f75f5ecc5dda501a606998778ba59e6a66da40cff3bbb05","sha512":"0d9cb0afc9fd9ad0c0beb6a1025328c33096854662845eb8ac52ef6f48c557f280681ace4e002daafe386f1dd9db3680ca8b79007b6e2355fe7617d5946583ba","ssdeep":"192:gVyVTXE2152cancawlFcNJQzhGUo2ypjZKE7UHJ2wxGlZ1e:S4Fde8F4DQ","tlshash":"ce421f27d9806c2322325350bef2a789f796421b9a150c67bafd714f4ff2aa49453f4c","first_seen":"2026-02-12T22:28:50.821803Z","last_seen":"2026-02-14T03:25:36.960935Z","times_seen":2,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":75,"dns":61,"connect":1,"send":0,"wait":141,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro15k.icu/css2?family=Inter:wght@400;700\u0026display=swap","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gro15k.icu/","date":"2026-02-14T03:25:15.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro15k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 11:01:38 GMT","end":"Fri, 27 Mar 2026 12:01:34 GMT"},"fingerprint":{"sha1":"3D:D0:6B:1F:1D:8C:22:8E:59:63:A6:8C:1E:D7:78:53:F8:EA:CF:08","sha256":"87:3C:E6:3D:71:34:98:40:FA:02:8F:BA:F1:C6:9E:9F:6C:B2:E8:1F:6F:EF:88:0F:F5:48:7B:DE:93:02:2D:08"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: gro15k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro15k.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:15 GMT\r\ncontent-length: 409\r\ncontent-type: application/octet-stream\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"42c4e8049bec98bb7718b050faecfadc\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pHdOuGuFanHJ%2BDA%2FI%2BgPOZvxgNP3%2BDbN6F7p0kPPBbDxtbpJP33lBf9PBdBY9YOvGc06GEiXAqW4aQ0uuYpghI4RXBl2IOXXJug%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9cd97508bd7f76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":409,"size_decoded":0,"mime_type":"application/octet-stream","magic":"ASCII text","md5":"60b4e28606439c00e6d0e7364b2b091a","sha1":"23b47d11e7d32c39aea5b286e25a794a1f38b5be","sha256":"bd6b86f3bb8f3b4b9bd1cd2400be3689ce338224003060d3d02dba51a50f65b8","sha512":"cf068877c3058d3a4202777e5c763a814fc6cb0e7b6fefbb97a16ef61413563bafbca74071081ea342f9a3a9fed09c7b03920ff0e6401f7fdd46ad02098f56c1","ssdeep":"","tlshash":"46e02240002f1611c91a1e6d33cf3f2d2ecc29881042c1ac4b350c959dea06a8345fde","first_seen":"2026-02-12T22:26:06.450132Z","last_seen":"2026-06-03T12:36:21.534281Z","times_seen":66,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro15k.icu/8.webp","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro15k.icu/","date":"2026-02-14T03:25:15.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro15k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 11:01:38 GMT","end":"Fri, 27 Mar 2026 12:01:34 GMT"},"fingerprint":{"sha1":"3D:D0:6B:1F:1D:8C:22:8E:59:63:A6:8C:1E:D7:78:53:F8:EA:CF:08","sha256":"87:3C:E6:3D:71:34:98:40:FA:02:8F:BA:F1:C6:9E:9F:6C:B2:E8:1F:6F:EF:88:0F:F5:48:7B:DE:93:02:2D:08"}}},"request":{"raw":"GET /8.webp HTTP/1.1\r\nHost: gro15k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro15k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:15 GMT\r\ncontent-length: 57032\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"9683ca52210bb0f7c37d8dd34495197d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lKeYkuvYm9Wu6%2BjUBBebZddospAH6yLjuS6y%2BT4acikMOjKwWtW%2FRhjlwEWyMpS7XoM%2FQCgA8PXakZ7eAhLlB6clTo%2BdJa6gmLA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd97508bd8076ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57032,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"45a0973fd473f6545bf1268fe29f4dfc","sha1":"efe037eb2e30a3e350a8bad79f9d652928b10967","sha256":"9683ca52210bb0f7c37d8dd34495197d45c00579266a940489076754b375264d","sha512":"8b8f095fc485658dfe07a5c4124286d0537866434ec29e9842c1539799af1d1bd8173a6d554bdf5f045df9ec81e56bcc689974aef658d0865452284af4a355b3","ssdeep":"1536:GlzO4/HjqUYXe1SMUDc1nDHnZNBhlE5Xw4ff1v6ViMWO:azJHjqvAtecFnnf65gxi1O","tlshash":"934302b493f8bd725a0b4cad69fa4526008adc20629f3e75923b39d6086335f0157e3b","first_seen":"2025-09-30T17:15:07.063954Z","last_seen":"2026-06-03T14:38:34.540312Z","times_seen":357,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro15k.icu/2.webp","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro15k.icu/","date":"2026-02-14T03:25:15.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro15k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 11:01:38 GMT","end":"Fri, 27 Mar 2026 12:01:34 GMT"},"fingerprint":{"sha1":"3D:D0:6B:1F:1D:8C:22:8E:59:63:A6:8C:1E:D7:78:53:F8:EA:CF:08","sha256":"87:3C:E6:3D:71:34:98:40:FA:02:8F:BA:F1:C6:9E:9F:6C:B2:E8:1F:6F:EF:88:0F:F5:48:7B:DE:93:02:2D:08"}}},"request":{"raw":"GET /2.webp HTTP/1.1\r\nHost: gro15k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro15k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:15 GMT\r\ncontent-length: 11646\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"4839cefb1ead1139d03382d2cd43dfc0\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=guyTcWCc%2Bl%2BHKzAhHqNd42qux1qCwjX4FoCvcWqM%2B0Y%2BXdoEt3RPaWc0H9ia%2B4VuLnnUwE4r9bAb4O%2B%2BXGsSifmSxOr3vzVP%2BdY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd97508bd8276ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11646,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0c77454b0b212e4078cac85b3f1616f1","sha1":"924455b3b0dca72d5888cb0b7da65ab5a5352a99","sha256":"4839cefb1ead1139d03382d2cd43dfc0b43625eb99d81f3adbf63d37680a6d14","sha512":"d52cf67b6a3b68c70f2c1d8ee423b8c145f12347411e74677bd07c512397b18920cd7a1e12e1b3bf028a35d98426f92678f197300b2434ccbcc285b1e6ec87f1","ssdeep":"192:MtuEcsbpDqD5WwFZW8jON8Jp+VC9xaDUAJzkPUaAvHa22W+1rSBT6RFBCHNl:wujstqJFQUONIpwC9xCUAK3Ca2n+3BCf","tlshash":"5d329fcba38f79b085640231316f8513b56a7484f1f8d99758cf177b3ca5a39c8e14b2","first_seen":"2025-09-30T17:15:07.076567Z","last_seen":"2026-06-03T14:38:34.514207Z","times_seen":370,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro15k.icu/4.webp","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro15k.icu/","date":"2026-02-14T03:25:15.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro15k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 11:01:38 GMT","end":"Fri, 27 Mar 2026 12:01:34 GMT"},"fingerprint":{"sha1":"3D:D0:6B:1F:1D:8C:22:8E:59:63:A6:8C:1E:D7:78:53:F8:EA:CF:08","sha256":"87:3C:E6:3D:71:34:98:40:FA:02:8F:BA:F1:C6:9E:9F:6C:B2:E8:1F:6F:EF:88:0F:F5:48:7B:DE:93:02:2D:08"}}},"request":{"raw":"GET /4.webp HTTP/1.1\r\nHost: gro15k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro15k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:15 GMT\r\ncontent-length: 2640\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"b1ccadcb9c57c9a2990d487b6ad8eb73\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lhJHYWNLcrm56bF%2BUT7%2BdI9Uh0oPP4lkC7n7%2BtURbPStxFxUfnCfFiDVj%2BBG0n2zBTfyrIfKv%2B5iaS7827SYpzeNuoqrPLLgUGE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd97508bd8576ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2640,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 225x225, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"068cfaccde163ad6416ccbd3e64cf73a","sha1":"c3ef4658642c3f268fa6567351324dc5ae202755","sha256":"b1ccadcb9c57c9a2990d487b6ad8eb7323993348d6020a28793643f56c5b9f95","sha512":"dc6f2deacc9405d5b31cac5efde90853ca958a3bbbb7da4586bb932db7fe9846b5c20502a282f2cf1535a3ab19acefcc9d89d9fc74fa3d3bbf3772937868dfdd","ssdeep":"","tlshash":"8d515c4372632a042710b1ae7a0f0a80b916e363a3d0d0f4de94af3527562cfdc720cd","first_seen":"2025-09-30T17:15:07.069315Z","last_seen":"2026-06-03T14:38:34.518906Z","times_seen":359,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro15k.icu/5.webp","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro15k.icu/","date":"2026-02-14T03:25:15.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro15k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 11:01:38 GMT","end":"Fri, 27 Mar 2026 12:01:34 GMT"},"fingerprint":{"sha1":"3D:D0:6B:1F:1D:8C:22:8E:59:63:A6:8C:1E:D7:78:53:F8:EA:CF:08","sha256":"87:3C:E6:3D:71:34:98:40:FA:02:8F:BA:F1:C6:9E:9F:6C:B2:E8:1F:6F:EF:88:0F:F5:48:7B:DE:93:02:2D:08"}}},"request":{"raw":"GET /5.webp HTTP/1.1\r\nHost: gro15k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro15k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:15 GMT\r\ncontent-length: 2984\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"d54d30af672b70a35c3ee6a34f0407ab\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A2O8ngSITLYRJUrArcd9Mqax4vx2UtfuuZB4lhmqQSXXXWOvCxJilnRxCwog056aAYbp36UmuApVNZkUEtZP2zvbCWl%2FzHAfAfw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd97508bd8676ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2984,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2d1617bdc152c6bbfe3cc95409655a35","sha1":"7c222b20182227583dd82c0bc31e3fbb5eeb4ddb","sha256":"d54d30af672b70a35c3ee6a34f0407abec8adc3dae40836109f2a309b2bfe594","sha512":"ac01a6d5576725ebc39e5ad40be604e168d91b8795f0cd03585b080ff88005599feb73804bae2bddaa406350f8180767f1824808ddd64e8a83267595d6fbd260","ssdeep":"","tlshash":"59512df9db30d56d478fe91ea83567b868df2843c05c95058da5d1ebd54c320d193b60","first_seen":"2025-09-30T17:15:07.055952Z","last_seen":"2026-06-03T14:38:34.504454Z","times_seen":370,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro15k.icu/6.webp","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro15k.icu/","date":"2026-02-14T03:25:15.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro15k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 11:01:38 GMT","end":"Fri, 27 Mar 2026 12:01:34 GMT"},"fingerprint":{"sha1":"3D:D0:6B:1F:1D:8C:22:8E:59:63:A6:8C:1E:D7:78:53:F8:EA:CF:08","sha256":"87:3C:E6:3D:71:34:98:40:FA:02:8F:BA:F1:C6:9E:9F:6C:B2:E8:1F:6F:EF:88:0F:F5:48:7B:DE:93:02:2D:08"}}},"request":{"raw":"GET /6.webp HTTP/1.1\r\nHost: gro15k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro15k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:15 GMT\r\ncontent-length: 9428\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"aa28c4ce43bbd971e3febb155bd3d1fb\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fc4IsOK%2FcGP05VEUzPvrhNof1BkopjFHMGTa3gCOlV6YTU28IijTZuOtPszd%2BkUMjdYR0aiPiBCE%2F2Getwx%2FupJbcbRUUvdzD2k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd97508cd8876ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9428,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d19d5b8b0d337eecb20c486d19023741","sha1":"8d4c401716031406eeb2f541f1df07ce0df0cf0a","sha256":"aa28c4ce43bbd971e3febb155bd3d1fbb09ee0863bda48cd192a4c28877e0359","sha512":"0193b4b9a48db64b8a8f9bf67a6d1b15cbb804fed9561ed8020b373794f479cdbc426f3ed0fdff881ac1df39bf9009e2e7c76b5bc5ff030603bdd1e47470815c","ssdeep":"192:t5CyRlviNpkm3jaxZws9jj1WstykSOZIY4qRmwzO6HFq5Ch86hzQdRL667Fy4J:t5CYvi3kFxZfjjsoykSOSYfMluFqw8+0","tlshash":"a312ae980e3aee7b74108bb4ee29325ef63a1360f3fc9b597a4295901359d0727c9c49","first_seen":"2025-09-30T17:15:07.071237Z","last_seen":"2026-06-03T12:36:21.539737Z","times_seen":351,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro15k.icu/7.webp","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro15k.icu/","date":"2026-02-14T03:25:15.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro15k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 11:01:38 GMT","end":"Fri, 27 Mar 2026 12:01:34 GMT"},"fingerprint":{"sha1":"3D:D0:6B:1F:1D:8C:22:8E:59:63:A6:8C:1E:D7:78:53:F8:EA:CF:08","sha256":"87:3C:E6:3D:71:34:98:40:FA:02:8F:BA:F1:C6:9E:9F:6C:B2:E8:1F:6F:EF:88:0F:F5:48:7B:DE:93:02:2D:08"}}},"request":{"raw":"GET /7.webp HTTP/1.1\r\nHost: gro15k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro15k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:15 GMT\r\ncontent-length: 7266\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"de5cd14e02a35aefca76af5dbc1205b8\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o2prYPT99KlehPv8PaTpvJi%2F11bXst4pKOdgI9%2FNFmPM50HySXzvjv7AkbXz72eWCZXSNxqU7jrpfKpujdY19GoLaLcTnC2Shdk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd97508cd8776ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7266,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3b193335cb4bb7c6c0b15cca932c55f2","sha1":"bc0124752cebe2e87a26cb9bad3872084dffa98d","sha256":"de5cd14e02a35aefca76af5dbc1205b8f8df7c0b0892baca18102dc16880e6a0","sha512":"c127957415e21fa8f705d0504a9d574d12428e722316ffaf0533bc2e290ff5314fe9986c0ad79575bd7efd44e78ca680948b43a3e98482b3ce0212460d436bd6","ssdeep":"192:X4cQiL7swHNgx+TBYHQXFE59PfxXMSYqTk:XD4wtK+Tqou9Hx8SYqTk","tlshash":"cee1ae5b97c72e60974dbceffeca33536470143d0d11a3938a2b12db107668a1b91ac0","first_seen":"2025-09-30T17:15:07.079612Z","last_seen":"2026-06-03T14:38:34.519735Z","times_seen":370,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro15k.icu/11.webp","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro15k.icu/","date":"2026-02-14T03:25:15.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro15k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 11:01:38 GMT","end":"Fri, 27 Mar 2026 12:01:34 GMT"},"fingerprint":{"sha1":"3D:D0:6B:1F:1D:8C:22:8E:59:63:A6:8C:1E:D7:78:53:F8:EA:CF:08","sha256":"87:3C:E6:3D:71:34:98:40:FA:02:8F:BA:F1:C6:9E:9F:6C:B2:E8:1F:6F:EF:88:0F:F5:48:7B:DE:93:02:2D:08"}}},"request":{"raw":"GET /11.webp HTTP/1.1\r\nHost: gro15k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro15k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:15 GMT\r\ncontent-length: 16580\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"13dfe760e11e584feca95e882c723ef5\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bXQ7GFqEzvXBP6b1RfIfsZYJZjPOwH3HT9qe%2B13cllRKYsKFn2%2Bo%2B%2B4GSAmdMu2OuzCJWyRM0S8LHjUoK0l1HsVElDePNr%2Bf%2BK4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd97508bd8176ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16580,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"219accc7f77ce773b0a35c85aa007167","sha1":"2c24508f752f992c2bab45ee58ff1259a341552f","sha256":"13dfe760e11e584feca95e882c723ef5af5789f90910a57c1595cd26c6f96a56","sha512":"d2b71f61314026636194ca89dddff558870c50658f136fce1c32332f5b112d6d376e6c744ad572c172cbec63817723a75f880f497a02a6caf149d2439f59151a","ssdeep":"384:ov4fsUAqn2wMMKYYCrB4kfnhc5u0nbgdzM5B9ZB/L4LAc:64fsUAqyMKYYC17nh0u0bgdMn7RcN","tlshash":"fe72e1fda47173308c87823939c68c1d14b19acf9caa27565cdf27f1b19e27c6a74452","first_seen":"2025-09-30T17:15:07.077773Z","last_seen":"2026-06-03T12:36:21.538813Z","times_seen":337,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro15k.icu/1.webp","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro15k.icu/","date":"2026-02-14T03:25:15.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro15k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 11:01:38 GMT","end":"Fri, 27 Mar 2026 12:01:34 GMT"},"fingerprint":{"sha1":"3D:D0:6B:1F:1D:8C:22:8E:59:63:A6:8C:1E:D7:78:53:F8:EA:CF:08","sha256":"87:3C:E6:3D:71:34:98:40:FA:02:8F:BA:F1:C6:9E:9F:6C:B2:E8:1F:6F:EF:88:0F:F5:48:7B:DE:93:02:2D:08"}}},"request":{"raw":"GET /1.webp HTTP/1.1\r\nHost: gro15k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro15k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:15 GMT\r\ncontent-length: 3444\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"cde1dc1e302419749339a4070dd32b5f\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nz0wi9Js8o%2B8LQUFK%2BHwW0MWgcJRoDfPE%2FoqKFfJ%2FMfVY6jE9MkoAiTRi3tbcJt7YTB0hhfkwH0o%2BtJBy9Esv03D5mUnN3k6VKE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd97508bd8376ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3444,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 225x225, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c4229ccfa2f7bd9aedbd7564a62271b3","sha1":"bc5ef0055ef56e8eb04c0b8ac041a61a94f6234b","sha256":"cde1dc1e302419749339a4070dd32b5f7009da9eef2810fe7f91887186893d0c","sha512":"08c14e435f89caf9cfe06d4a150f24e3f6a354c86e916415de3d75b29d19e246f34c7a1ed0e7d1f7db58213621b52e24101e11975c6fad7d55f3acaed580a75a","ssdeep":"","tlshash":"dd618e793682d8f9f4502be371e9b258c168b9a2ed654160e4c6d850bc8a76493ab940","first_seen":"2025-09-30T17:15:07.050786Z","last_seen":"2026-06-03T14:38:34.513229Z","times_seen":359,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro15k.icu/3.webp","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro15k.icu/","date":"2026-02-14T03:25:15.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro15k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 11:01:38 GMT","end":"Fri, 27 Mar 2026 12:01:34 GMT"},"fingerprint":{"sha1":"3D:D0:6B:1F:1D:8C:22:8E:59:63:A6:8C:1E:D7:78:53:F8:EA:CF:08","sha256":"87:3C:E6:3D:71:34:98:40:FA:02:8F:BA:F1:C6:9E:9F:6C:B2:E8:1F:6F:EF:88:0F:F5:48:7B:DE:93:02:2D:08"}}},"request":{"raw":"GET /3.webp HTTP/1.1\r\nHost: gro15k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro15k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:15 GMT\r\ncontent-length: 51152\r\ncontent-type: image/webp\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\netag: \"fabd28e5a26acf947fbf7af38df17c5b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CCC%2BawS1LYsUicHTzWEBVXM6Kh5rLf2uiES47dySKHDIUBC3Cz0tU05itv8N6XKRUEZvsWL0%2F3Ms2MiJK4vJMZrwFQILh7hfve4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd97508bd8476ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51152,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ed66d899203784adfe6c2c8dd1939343","sha1":"14b8169d424fcb4290f155981ff1d69ce094dce0","sha256":"fabd28e5a26acf947fbf7af38df17c5bb62f93d252903e86fdf47c6db9f9d9ef","sha512":"929c0f67bc57aa84f41a1d80e6271d6b7bc1e297aa0067dfa736eee56e641a58e15b7a4ba8b0048998147cfb9c38742f8ef232262d8bced3161564e92f6a8c4c","ssdeep":"768:DnDRMPhTcJDJGGS7dih7CpEILJcpxUWuaAE7Knw0eZOG3CuX0haabAnKnY:LDRMPhTsDJodjiBuaA9et7XIRJY","tlshash":"9933d06c75a8a5ecbdec22af1116d74ec802914f13f84d6eda48a60316c79aedb3f441","first_seen":"2025-09-30T17:15:07.08107Z","last_seen":"2026-06-03T14:38:34.535035Z","times_seen":370,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/particles.js@2.0.0/particles.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gro15k.icu/","date":"2026-02-14T03:25:15.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/particles.js@2.0.0/particles.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro15k.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6168\r\ncf-ray: 9cd975092f7f120a-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 2.0.0\r\nx-jsd-version-type: version\r\netag: W/\"59e8-UZOhrgIV5VxI3l3rU0rLB4Gjv70\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230023-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 17673\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=5xrCJdFRE3iz%2FEltyb2beWmKubYWar31NoXm6nXDHu4AeEgpxHSLOhOAeL8zSJdLRBG6AUIdoAdMLD3ThmYGTWDKIV%2BsoQFvpgQtReRFk8MQGt7xmrKQkcItZC44C3OUULk%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23016,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (22686)","md5":"6564e48cc953b8642b7c758cba09fd81","sha1":"5193a1ae0215e55c48de5deb534acb0781a3bfbd","sha256":"f368ba54ef5dc8c6613226de0e95b0a72239c33c3caec2f08c69a939ac9dbd1b","sha512":"930176f24c517cbed366421590f5ddab5443ccaa1f09f2ada62c9c851453bedbef5c0e1580402f2430100b0dae357269f58505d5d541b4dfd10dbb9f082bcba7","ssdeep":"384:WfJ//vWKyCN3yHEPepmcBzAbix29ZzHNSA:QFf289ZzHNSA","tlshash":"08a2b34d23f73e77339a72e04bece1128b70a4d2399b04b0f93c667da5255a601de6a0","first_seen":"2025-05-01T01:56:50.052191Z","last_seen":"2026-06-06T12:52:19.867069Z","times_seen":1017,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":23,"dns":1,"connect":4,"send":0,"wait":15,"receive":1,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gro15k.icu/favicon.ico","fqdn":"gro15k.icu","domain":"gro15k.icu","tld":"icu"},"ip":{"addr":"104.21.75.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro15k.icu/","date":"2026-02-14T03:25:15.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro15k.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 27 Dec 2025 11:01:38 GMT","end":"Fri, 27 Mar 2026 12:01:34 GMT"},"fingerprint":{"sha1":"3D:D0:6B:1F:1D:8C:22:8E:59:63:A6:8C:1E:D7:78:53:F8:EA:CF:08","sha256":"87:3C:E6:3D:71:34:98:40:FA:02:8F:BA:F1:C6:9E:9F:6C:B2:E8:1F:6F:EF:88:0F:F5:48:7B:DE:93:02:2D:08"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gro15k.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro15k.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Feb 2026 03:25:15 GMT\r\netag: W/\"951ed286ca1946f9c99768ef1736f052\"\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=0, must-revalidate\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WxhVmyc5tbHWNrpx2D%2BegTf9Czly9yuOJuaHFbRkTpw3GmmpQ88jUCOpQ2%2BT1TQvfJ79YFwXT2Ro9bsFdI8pWAqaaqk3KK8Si2A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9cd975098d9576ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":54684,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"a314da9f659a273c951c5a8b0ab4a46a","sha1":"efdf35fe9a86ade33e237b0df23ff6ff14b7cf7a","sha256":"951ed286ca1946f9c99768ef1736f052f93966d115889afa491ce309caf35f55","sha512":"e649b71989aa0df5b242946c0c385cb557ce4347a80577d55f93c6822a194d020353a900a6ba816858714828051e4f37972b0c0372762379250da2447dc69d65","ssdeep":"1536:Ulxox5vAnVJ09eeoZ2sYuJBTE/lPbxRPJxAgvcDCZuNs:Ulxox5v8eeJXBQ/lPbvxxjv2CZui","tlshash":"3633022c99d188ef73fb38995017eaa745a1688466dbef8cd7e305f07e72624035e843","first_seen":"2025-09-30T17:15:07.073613Z","last_seen":"2026-06-03T12:36:21.52203Z","times_seen":345,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"gro15k.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}