{"report_id":"ee5d2855-a5d0-4142-a452-6bbcab4a3ecb","version":6,"status":"done","tags":["fake_software","scam"],"date":"2023-11-17T07:43:22Z","url":{"schema":"http","addr":"grt.gg/","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"title":"McAfee Security"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T13:10:11Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2016-07-26 11:37:06","last_seen":"2023-11-16 19:15:52","alert_count":0,"request_count":2,"received_data":7326,"sent_data":1116,"comment":"","tags":null,"fingerprints":null},{"fqdn":"translate.googleapis.com","ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":1005,"first_seen":"2012-05-31 09:21:21","last_seen":"2023-11-16 20:50:28","alert_count":0,"request_count":3,"received_data":85444,"sent_data":1685,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn-adef.akamaized.net","ip":{"addr":"23.36.76.194","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2014-03-18","domain_rank":125719,"first_seen":"2018-02-06 08:56:01","last_seen":"2023-11-16 14:24:39","alert_count":0,"request_count":1,"received_data":1600,"sent_data":473,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-09-09 02:40:21","last_seen":"2023-11-16 19:39:31","alert_count":0,"request_count":1,"received_data":4197,"sent_data":445,"comment":"","tags":null,"fingerprints":null},{"fqdn":"translate-pa.googleapis.com","ip":{"addr":"142.250.74.42","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":1620,"first_seen":"2021-11-04 07:37:42","last_seen":"2023-11-16 20:29:03","alert_count":0,"request_count":1,"received_data":2285,"sent_data":522,"comment":"","tags":null,"fingerprints":null},{"fqdn":"translate.google.com","ip":{"addr":"216.58.211.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":1156,"first_seen":"2012-05-30 03:30:32","last_seen":"2023-11-16 18:24:44","alert_count":0,"request_count":1,"received_data":91512,"sent_data":442,"comment":"","tags":null,"fingerprints":null},{"fqdn":"grt.gg","ip":{"addr":"192.64.117.98","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"2023-04-14","domain_rank":0,"first_seen":"2023-06-24 00:19:02","last_seen":"2023-11-05 08:41:16","alert_count":19,"request_count":32,"received_data":316906,"sent_data":16974,"comment":"","tags":null,"fingerprints":null},{"fqdn":"device-safety.com","ip":{"addr":"3.141.96.53","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-01-19","domain_rank":586131,"first_seen":"2015-11-07 15:04:32","last_seen":"2023-09-12 02:55:47","alert_count":0,"request_count":1,"received_data":159,"sent_data":508,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/jquery.minb2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-05-04T06:30:42.91723Z","times_seen":125338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/interactiveb2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c86caa46e7d49bc61c34d40a65c2f24e","sha1":"352abf3dac92589f85b0615db713bff9fdebae42","sha256":"87189ea7edc77163f3c577613635445a19f9bf7910e7d4384519619ae3b7aaa7","sha512":"93ece3ecf076dfbc0781667cab4b7a0e7bfdf78e7568009ad1ee902892bc507b8f674cf06d8618d9f66373ed459df52d086575e785e9f08ad42e2f09e1f0ef54","ssdeep":"192:0FY2SA3yWbie/4tWLhHZor5m8e5IvjMZt0Eby5gMD+VP2yVIH2SQyfIzEBkBm3od:0FYBAiWVQ/WgfjcDvFWvkc+AMMadJV","tlshash":"9372f0263b70528a3bd1213f313d9152f8623f191981eaece45e64a557f4b27feb08b0","size":16489,"data":"","first_seen":"2023-11-17T08:43:24Z","last_seen":"2024-08-20T19:08:53.986503Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/translateb2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fcd546809170dd574eb37b989529f69a","sha1":"2e227e144e3b4bd68064354d8a7fbc61125f624c","sha256":"350baff99bbd3db6cdb8d741bc7f75fa333489ad5dcc641e2cfa0e11130e1920","sha512":"951853322e3b36e82db2ea08c0eff6520ba259599a0f4295db5f15129b412abd59b48d9667a70b24a647e22ac390362f2cdbd3ddff461472d7227689775733fb","ssdeep":"","tlshash":"1f21f15f3736902a00697caa97f798e87578661c01729a017f4ec44faf65fbc074c8d4","size":1157,"data":"","first_seen":"2023-03-07T01:03:48Z","last_seen":"2026-03-28T07:44:58.280256Z","times_seen":675,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/site-protectb2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c47f7c71171eca259d1bf8b6bd018587","sha1":"acdbc51e5234ef33ba83548be3c39d6297a3e9b6","sha256":"9b03b0ca1ca957e987aa0b4777c751acf0e8d8814c0a3eb6b017be17872c4ce4","sha512":"24cfd65b608aeb7a1f76ea31aa5d8105df8a9d3a477f29cf2b7e4b3016aed402e9e8f80901d816fad995b1c72f5dc44f33faf81810044a9573d3cedd7ecab27c","ssdeep":"","tlshash":"1241399878e66d43182b71b92b0ff1d63d759407530dc8a43f0cbae8ef5d5e849864c1","size":2346,"data":"","first_seen":"2023-03-07T01:06:41Z","last_seen":"2025-09-07T07:53:56.788536Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/second_back_multib2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4034050f2be05cd41b77c4bb153f89eb","sha1":"395187f1b6ad0a67fcdede70756a1c455903d84d","sha256":"717b9e3b39eb201ec4cf8ade5f0ce9f2f2537b02b0b7f822ae159a8d1496df60","sha512":"6054139805c9fe9c8b9c0c3545dd80c3a0a84c9e962275bf1e15bf817f9ad7294222502e93b482b2f17559b323ef6d347fad9587720eef800865e6f4efc9e1dc","ssdeep":"","tlshash":"5141de5b6044413b16632a43cfaa71c930b331cdd556e904bb0cf896dfa871a834d3ec","size":2209,"data":"","first_seen":"2023-03-07T01:03:44Z","last_seen":"2025-06-22T16:01:00.430522Z","times_seen":53,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.QZULjbPPeUA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrMmbGXYNsjZzDxWzGI_NEI9Wv5ew/m=el_main","fqdn":"translate.googleapis.com","domain":"translate.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"94b9f7c596c944da6873568cff3bae07","sha1":"5636bb9a09742513df33b8e2b80892e705ff7d90","sha256":"615c977731947f5a753754e53b7ec9bd1a5dfcc6df9c488d4c52e6c23ccb6124","sha512":"08f07d93982b6e134bd78f6b9f22fbff4d574fec77dc9b9d752296e60f7b8d718a2a3a5b3b51c9a480d02c90ad34ac769a7460d163abc55f4a30cb8a26f9b45b","ssdeep":"3072:eFxG+1x6HI1wDCPp4mXCzgoxGK2i5NuZbXOFjNGwZwkFu:H6Igoxn4ABu","tlshash":"f734e7d9b252b1669263f4a5513f004bb23b685af8484d7cb68cd8e26df085d027bf7c","size":235961,"data":"","first_seen":"2023-11-16T23:29:03Z","last_seen":"2023-11-18T00:28:09Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/mainb2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f5d72066c3c76bc98678dcb2aaae3c0d","sha1":"80ab6c57a947e982eead64d2e1d606c78b2b7bb0","sha256":"52ebb9df7e7270a69c8a603c9a7a9a00c75df4e2a3139b4a9ee88faac0209eb3","sha512":"737797bd485e60057a44fce2002dca5661395a09bea6f7415bb0e78a2cf766c88959176fe5584fd1420ebbfb73b8dc1b6496198cb0321ddf18a62eabde98a7cb","ssdeep":"","tlshash":"710140ec59eb3441a83731bd1faf51405130d257b15acc44b12d42876fe52169b6aaf4","size":772,"data":"","first_seen":"2023-11-17T08:43:25Z","last_seen":"2024-08-20T19:08:53.985738Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/js.cockie.minb2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9e9a54501fc6f6e8918b2c0f2a53981","sha1":"3d530e6c830ccba6284e79c7245bb45d6f4f2197","sha256":"491fdee141835401d29318ca584ac3e91a38c92d8694f26d90883bfc324ca454","sha512":"d824d6dd64e863e6663a07987873ac59bdb3b6f8cb2d5bd43cef1faa5512163d824f3359b88d23df113972b2fd74e630013d68575b35dccff11115336f7433aa","ssdeep":"","tlshash":"f541d0dd34556874217baab403bf144970b9ba550896c0a0bb0ce1b5573d836c297bfd","size":2198,"data":"","first_seen":"2023-03-07T01:03:48Z","last_seen":"2026-03-28T07:44:58.279577Z","times_seen":632,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/_/translate_http/_/js/k=translate_http.tr.no.QZULjbPPeUA.O/am=EAY/d=1/rs=AN8SPfpAz6teoG5dyDoM9wL1Jf-tmdQ8sQ/m=el_conf","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b98a054d0d800c522bd6a7f5b258c02a","sha1":"8bb1d088eb50a804148573f6c6c8a7613282cc68","sha256":"adf0a4fc05563e099cbe3a6f33223cea76f7eb3ee4499bda3f4915af88d32d6d","sha512":"a1837179774c95fe5dc276a121b34425882cc6672f967da74e26f1ba887cdcc6517841ab4b7b3bd323834eafb6696cd0fd6d35f64e7e22de11b27b64ce9da2ad","ssdeep":"1536:X/zCE164vuwrBWo38RV5Wb6Ga+chJge+4EJNe8J7y1GOT4DniuwNWHe:XMuh3SWbXaZhJm4EJgJTkni0e","tlshash":"c2939588b6a271658267b5b5413f000bb27f59adf84c4dacb288d8e16df094d423bf7d","size":90819,"data":"","first_seen":"2023-11-17T08:10:17Z","last_seen":"2023-11-17T08:43:25Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"grt.gg/","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-17T07:43:05.966101085Z","timestamp":1700206985966,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Tue, 31 Jan 2023 00:52:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1788\r\ndate: Fri, 17 Nov 2023 07:43:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1788,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (603), with CRLF line terminators","md5":"131e407eed2ae303906c6e76e8cc7868","sha1":"d335121d3337d7cede1fa6c5be22ceaeee255b3d","sha256":"2f5000d3e4c628f43a00e8167b075910c2f6897477ecbf85af3d1d57e2f58dd4","sha512":"a43a7bfaecfc9f2c008c1025d75443c13cdf2629f6511fe92f93ba58d2708dcd9cc9d7a19d51cd47ad0460e87f7b926f1f23ba077bdb44d421b7e7d59d805842","ssdeep":"96:FLRopoU/UvyGmAewiq+JdGn+6H+dvJcWX++kVjyzobCyIUy3sEs/9bSemLaiwNe9:hy5/uGq2sDXeECsyXobSL+FJLE","tlshash":"aeb17453224f2509a2174172f3b39ad88b7a1456e63643f8716b3177b6c8700b6bb3bc","first_seen":"2023-11-17T08:43:25Z","last_seen":"2023-11-28T10:41:04Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/backblue.gif","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-17T07:43:06.424536987Z","timestamp":1700206986424,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /backblue.gif HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:05 GMT\r\ncontent-type: image/gif\r\nlast-modified: Tue, 31 Jan 2023 00:52:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4243\r\ndate: Fri, 17 Nov 2023 07:43:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":4243,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 501 x 456\\012- data","md5":"4f7f4833de227ed0e6b58eafd7393503","sha1":"48c9e666c48589e83984610567266f173e5ba4d1","sha256":"5ecd3c65a71650f10ddc799403b682af2d866e50fc1ea30e972fd8c7df3f77e7","sha512":"517ecd449ef14fdad2e32995f43c1d485aaee3345688673c09cd68597f817abcfe24ef57e524932db5b7236e3c59e2d9408558ef4134437545c38940dc259c5d","ssdeep":"96:xHOFXZj0KbQWacUNykUUjdSDJRXiCIvl4M0MiiVQCve:xHOlZj5bHcyZUMR+q6QD","tlshash":"ec917eadb0185bb725d76c730fe8849d296a4d0eed3b9b36504e45023547ae48c544ef","first_seen":"2023-04-05T05:19:03Z","last_seen":"2026-05-04T04:09:23.512213Z","times_seen":130,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/fade.gif","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-17T07:43:06.425316124Z","timestamp":1700206986425,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /fade.gif HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:05 GMT\r\ncontent-type: image/gif\r\nlast-modified: Tue, 31 Jan 2023 00:52:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 828\r\ndate: Fri, 17 Nov 2023 07:43:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":828,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 8 x 8\\012- data","md5":"4bc48ce355acd4732f33a79e29728e96","sha1":"cc84b98a41d3adc783212bf0f073b6464669e46a","sha256":"90d1006a9e216e01d7c5abc9fd812ee537b8caedc55a1ad885dded4e6520a5a1","sha512":"31953e52511e3924bd5fcfcfabd7e6e501417bb0ba3162f3acdb5dcfd81e1d8c5a637b02ee1918a5a23a7ea718b38e4af01a243a3d98f5a4f4a2b466e399da3d","ssdeep":"","tlshash":"8d01d21905f0e484cb9e40f6c8ce159d269cf606a0b2fbc32e81afb247195edc23de55","first_seen":"2023-04-05T05:19:03Z","last_seen":"2026-04-23T20:23:45.769777Z","times_seen":136,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-17T07:43:06.481Z","timestamp":1700206986481,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Tue, 31 Jan 2023 00:52:04 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2667\r\ndate: Fri, 17 Nov 2023 07:43:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2667,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14693)","md5":"33a01127f6013a4566355f0ee767aaac","sha1":"8c6705857e34ddaabde5edc7c52765076d5cefb5","sha256":"e57c9c37883f5582cc6e698f157e12ed9b0b96ec841eb0b45c6e9fdfb1d9b50b","sha512":"f538a9171d2236d7e80af976c7f26ce3fa15d630759d5e29fdd4ef32a642fa0af8c490b825ce0a7aa616d9ae35d1c490d18af0c1e24fe61749d1196965a91dd9","ssdeep":"96:PfS1L+J4yAwdydFQ/r7C1zyAUVLs3YRy9w2Y3xY3Ys2BjYUZo5BLBZiJeO5ZehZj:PUL+iRy7C14LSW3a3YiUa94xUxZJeE","tlshash":"9d6200b259bc20972ae344dcf292af087b92530ef7066848b3fc4f955fdec05a99b054","first_seen":"2023-11-17T08:43:25Z","last_seen":"2023-11-28T10:41:04Z","times_seen":2,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/css/styleb2ee.css?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.712Z","timestamp":1700206986712,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/css/styleb2ee.css?1618996908 HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:05 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1771\r\ndate: Fri, 17 Nov 2023 07:43:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1771,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"ffa5421a0b7b7e9bdd28c477095cbd2d","sha1":"a002b9405c48b1bde2e432e4962c012566940dfe","sha256":"762bc3199e4d129e6c1d9a063a2a5b9d6bfaaa44d578f8e3129cbc781569d482","sha512":"280cdbf635a6117d1735a8e0fe2334e846202c8c79366e5592a3d5ff76c21841194b33cbb38cbc6b7e243b6ed0f827738d9666207e946e4f0f756ed36b12c74a","ssdeep":"96:/KvMkUAYSC0Rba5O5EQHU/MU6OU6HoML0Bm+yNbUeUNzXfzF8FPBFPYFP3FPeFPd:/Kv03B+yFUzzXfw7+dIATlJzF+8fC","tlshash":"07624768d8065201763bfaa86f500766e679005baf031a3c37f6a3419ff14bc55b6eec","first_seen":"2023-04-11T13:01:00Z","last_seen":"2025-02-21T23:01:07.512316Z","times_seen":12,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/css/translateb2ee.css?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.717Z","timestamp":1700206986717,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/css/translateb2ee.css?1618996908 HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:05 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 193\r\ndate: Fri, 17 Nov 2023 07:43:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":193,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"64836db20736f1e7995b43489b4bf0ac","sha1":"a0db33db05acb39dd01d9f19f5eed634682b0ead","sha256":"d4d21bac4b13cac53c0b921c3aa69d1e010a32ad3ccb7498821aa6e763e71c87","sha512":"36f7c80a679adb8cfeade3e751fd20d9f86669db1e4dacfa9b36a25f17503a0cd223026bf8d2be8a287a1b43ad0fc10404a0c4372a408c34c7f9a6ea7c39c8b9","ssdeep":"","tlshash":"b1f0f97abee20240bb1142501bd97fbe9e3584234141dd7f7ad16b208fa33c749c0a70","first_seen":"2023-04-11T13:01:00Z","last_seen":"2025-11-15T22:39:33.277337Z","times_seen":50,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/jquery.minb2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.722Z","timestamp":1700206986722,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/js/jquery.minb2ee.js?1618996908 HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 29664\r\ndate: Fri, 17 Nov 2023 07:43:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29664,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-05-04T06:30:42.91723Z","times_seen":125338,"resource_available":true,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":338,"receive":165,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/mainb2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.729Z","timestamp":1700206986729,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/js/mainb2ee.js?1618996908 HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 304\r\ndate: Fri, 17 Nov 2023 07:43:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":304,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"f5d72066c3c76bc98678dcb2aaae3c0d","sha1":"80ab6c57a947e982eead64d2e1d606c78b2b7bb0","sha256":"52ebb9df7e7270a69c8a603c9a7a9a00c75df4e2a3139b4a9ee88faac0209eb3","sha512":"737797bd485e60057a44fce2002dca5661395a09bea6f7415bb0e78a2cf766c88959176fe5584fd1420ebbfb73b8dc1b6496198cb0321ddf18a62eabde98a7cb","ssdeep":"","tlshash":"710140ec59eb3441a83731bd1faf51405130d257b15acc44b12d42876fe52169b6aaf4","first_seen":"2023-11-17T08:43:25Z","last_seen":"2024-08-20T19:08:53.985738Z","times_seen":3,"resource_available":true,"data":null}},"time_used":499,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":499,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/interactiveb2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.731Z","timestamp":1700206986731,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/js/interactiveb2ee.js?1618996908 HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3190\r\ndate: Fri, 17 Nov 2023 07:43:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3190,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (16489), with no line terminators","md5":"c86caa46e7d49bc61c34d40a65c2f24e","sha1":"352abf3dac92589f85b0615db713bff9fdebae42","sha256":"87189ea7edc77163f3c577613635445a19f9bf7910e7d4384519619ae3b7aaa7","sha512":"93ece3ecf076dfbc0781667cab4b7a0e7bfdf78e7568009ad1ee902892bc507b8f674cf06d8618d9f66373ed459df52d086575e785e9f08ad42e2f09e1f0ef54","ssdeep":"192:0FY2SA3yWbie/4tWLhHZor5m8e5IvjMZt0Eby5gMD+VP2yVIH2SQyfIzEBkBm3od:0FYBAiWVQ/WgfjcDvFWvkc+AMMadJV","tlshash":"9372f0263b70528a3bd1213f313d9152f8623f191981eaece45e64a557f4b27feb08b0","first_seen":"2023-11-17T08:43:24Z","last_seen":"2024-08-20T19:08:53.986503Z","times_seen":3,"resource_available":true,"data":null}},"time_used":502,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":499,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/js.cockie.minb2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.734Z","timestamp":1700206986734,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/js/js.cockie.minb2ee.js?1618996908 HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 843\r\ndate: Fri, 17 Nov 2023 07:43:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":843,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"c9e9a54501fc6f6e8918b2c0f2a53981","sha1":"3d530e6c830ccba6284e79c7245bb45d6f4f2197","sha256":"491fdee141835401d29318ca584ac3e91a38c92d8694f26d90883bfc324ca454","sha512":"d824d6dd64e863e6663a07987873ac59bdb3b6f8cb2d5bd43cef1faa5512163d824f3359b88d23df113972b2fd74e630013d68575b35dccff11115336f7433aa","ssdeep":"","tlshash":"f541d0dd34556874217baab403bf144970b9ba550896c0a0bb0ce1b5573d836c297bfd","first_seen":"2023-03-07T01:03:48Z","last_seen":"2026-03-28T07:44:58.279577Z","times_seen":632,"resource_available":true,"data":null}},"time_used":501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":501,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/translateb2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.737Z","timestamp":1700206986737,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/js/translateb2ee.js?1618996908 HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 431\r\ndate: Fri, 17 Nov 2023 07:43:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":431,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"fcd546809170dd574eb37b989529f69a","sha1":"2e227e144e3b4bd68064354d8a7fbc61125f624c","sha256":"350baff99bbd3db6cdb8d741bc7f75fa333489ad5dcc641e2cfa0e11130e1920","sha512":"951853322e3b36e82db2ea08c0eff6520ba259599a0f4295db5f15129b412abd59b48d9667a70b24a647e22ac390362f2cdbd3ddff461472d7227689775733fb","ssdeep":"","tlshash":"1f21f15f3736902a00697caa97f798e87578661c01729a017f4ec44faf65fbc074c8d4","first_seen":"2023-03-07T01:03:48Z","last_seen":"2026-03-28T07:44:58.280256Z","times_seen":675,"resource_available":true,"data":null}},"time_used":500,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":500,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/site-protectb2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.738Z","timestamp":1700206986738,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/js/site-protectb2ee.js?1618996908 HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:05 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 682\r\ndate: Fri, 17 Nov 2023 07:43:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":682,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"c47f7c71171eca259d1bf8b6bd018587","sha1":"acdbc51e5234ef33ba83548be3c39d6297a3e9b6","sha256":"9b03b0ca1ca957e987aa0b4777c751acf0e8d8814c0a3eb6b017be17872c4ce4","sha512":"24cfd65b608aeb7a1f76ea31aa5d8105df8a9d3a477f29cf2b7e4b3016aed402e9e8f80901d816fad995b1c72f5dc44f33faf81810044a9573d3cedd7ecab27c","ssdeep":"","tlshash":"1241399878e66d43182b71b92b0ff1d63d759407530dc8a43f0cbae8ef5d5e849864c1","first_seen":"2023-03-07T01:06:41Z","last_seen":"2025-09-07T07:53:56.788536Z","times_seen":13,"resource_available":true,"data":null}},"time_used":499,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":499,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/js/second_back_multib2ee.js?1618996908","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.740Z","timestamp":1700206986740,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/js/second_back_multib2ee.js?1618996908 HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 654\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":654,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text","md5":"4034050f2be05cd41b77c4bb153f89eb","sha1":"395187f1b6ad0a67fcdede70756a1c455903d84d","sha256":"717b9e3b39eb201ec4cf8ade5f0ce9f2f2537b02b0b7f822ae159a8d1496df60","sha512":"6054139805c9fe9c8b9c0c3545dd80c3a0a84c9e962275bf1e15bf817f9ad7294222502e93b482b2f17559b323ef6d347fad9587720eef800865e6f4efc9e1dc","ssdeep":"","tlshash":"5141de5b6044413b16632a43cfaa71c930b331cdd556e904bb0cf896dfa871a834d3ec","first_seen":"2023-03-07T01:03:44Z","last_seen":"2025-06-22T16:01:00.430522Z","times_seen":53,"resource_available":true,"data":null}},"time_used":498,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":498,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/logo.png","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.741Z","timestamp":1700206986741,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/logo.png HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4994\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4994,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 157 x 43, 8-bit/color RGBA, non-interlaced\\012- data","md5":"0f00a5ca8441973c8bdb7adad8d10742","sha1":"575564b9a087ddfb14f5b2544c33e85565089d59","sha256":"f3c9f517b92df590f6baf628ed1e0bf794872d1c85ecfd163a3a242412e92a5c","sha512":"6871503e1e9d5a8c16ac2461a2491690c495dcfda1dc9e72e7086c1fe9b45e3b3be639ef0528f69c0efe0f4657056b681f4fad59a6cecf67f2d1aaa5486652d8","ssdeep":"96:O27xBttWNfItQTSiVFz/kIGxl+rncTm1BedxrYsuxBNHtPGB+:5TWOimiVEGHD4xrYjBNe+","tlshash":"64a18d85fc00d4d757a86a6239fe9192982f3980661dc26e36afc5a38ce11f5134b9cb","first_seen":"2023-06-09T19:14:49Z","last_seen":"2026-05-01T12:55:39.583345Z","times_seen":39,"resource_available":false,"data":null}},"time_used":493,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":493,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/logo-white.png","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.743Z","timestamp":1700206986743,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/logo-white.png HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2013\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2013,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 415 x 84, 8-bit/color RGBA, non-interlaced\\012- data","md5":"3c9430ab1ed0536d46dd917813f11c4d","sha1":"cc4057a93be6f92d7068a8b6d3bcd56f90f4e182","sha256":"c9170db9afee7b62db6dccbc35fe3111ec22caa8bc378b9804713035692cb986","sha512":"197a6e23ebb88d559a3233f26eee8794f107d7b162a4bbe45d1d32d1ed3683f68e8fc9e7b0dabc7745bd3a36f88d72406d1df6bd8d7071b6c67642d80f1081a7","ssdeep":"","tlshash":"1f412a7c984495a8e27e569d7bd2b42914384aa497a218e6c024ce370531c72839d7a3","first_seen":"2023-09-17T23:53:29Z","last_seen":"2025-02-21T23:01:07.525366Z","times_seen":26,"resource_available":false,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":709,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/win_min.png","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.744Z","timestamp":1700206986744,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/win_min.png HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 128\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":128,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\\012- data","md5":"0bb86caf792dd7d24731c18cd37bb68e","sha1":"dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25","sha256":"2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622","sha512":"596bb05f2926273d35c4245f87ea3c278a60562e16a5af3755bf686ba836e5ce74088de278dfe4dbe4ea87b986f8191589b109e590f2989ef4d28a14319d46a5","ssdeep":"","tlshash":"d1b09bd1f3e56d94d55101b20454801094624b5545764a781b4f4d7d757c5154995605","first_seen":"2023-05-12T09:18:22Z","last_seen":"2026-04-29T19:29:02.055589Z","times_seen":481,"resource_available":true,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":710,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/win_cls.png","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.745Z","timestamp":1700206986745,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/win_cls.png HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 293\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":293,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\\012- data","md5":"9eb68d2ce05c151bda542a7a6356e22c","sha1":"baeeefe4a7ac657c10a5f081841015de1bcf90dd","sha256":"2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7","sha512":"46bcfb831a39b319bbd7a4626687d00b1327b26828f488a87f617dded744d404ed9e6fd6fd830af094976d1fec1873d3fbb35de7fd5ff3e731aed5f7ace162b0","ssdeep":"","tlshash":"f9e07dc6a795ed90b42201394541b814f0238131d20228596e86497d1b2402180c8542","first_seen":"2023-04-18T09:00:53Z","last_seen":"2026-04-29T19:24:29.966576Z","times_seen":486,"resource_available":true,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":710,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_gray1.png","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.747Z","timestamp":1700206986747,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_gray1.png HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 364\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":364,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\\012- data","md5":"e144c3378090087c8ce129a30cb6cb4e","sha1":"59da5466551de941d0215e45c54aa2ceaf436be1","sha256":"b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a","sha512":"3004885b1dcc8c8544024f3c1345b80ab6b50759f290a3545bfa4ed7ea93426e838b7a04556294298bad1c6198431fbde06e999628e45de10119dd1d4fabe32a","ssdeep":"","tlshash":"6ee0c0e6ea2ffd47d4884271725b4202889f0acc031147666b01d97b5067723d6cc121","first_seen":"2023-04-18T09:00:53Z","last_seen":"2026-05-02T16:55:00.507206Z","times_seen":6477,"resource_available":true,"data":null}},"time_used":709,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":709,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_gray2.png","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.747Z","timestamp":1700206986747,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_gray2.png HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 349\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":349,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\\012- data","md5":"7454c652e0733d92de6c920c2d646ae0","sha1":"34a5bd8c7401f95e346895b0e5ccffbf0e9ad638","sha256":"44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7","sha512":"dde6d40bec105003cb93c52dd3322c26985fecc7ff1eab79547fb7f0365ab2fb7b1cba96aed81958c08627fc6c0ba6034bcec53b1b66705d7b04202e7f8b5b59","ssdeep":"","tlshash":"5fe0c0c37258dd78c5b100f20bf3a030946246420e3403f064014edc16a1e5431e048b","first_seen":"2023-04-30T21:11:28Z","last_seen":"2026-04-26T01:50:58.735177Z","times_seen":6391,"resource_available":true,"data":null}},"time_used":709,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":709,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/pc_green.gif","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.748Z","timestamp":1700206986748,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/pc_green.gif HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/gif\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 723\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":723,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 120 x 97\\012- data","md5":"ea44081971aed96fbfa38fa187b6df4a","sha1":"a3ec8cd4c76f517584faef83f96e32683265bdb1","sha256":"e0f52d9433540bafa2f05fc3c04839b4990c2ce5ef718975a8d4eef9866f06be","sha512":"48fd037cbc1a7cf930719de90dc01d97b81029967256c3b3dd8dd10ee32c48f9f6094a18c692810a2f1d63c71af8bb8170bf019991d8c251ddba71b2bb9bec3c","ssdeep":"","tlshash":"e50110a295f92903e87511f8b89b2a01344be330486711bebc3ca07918662d5e14aad7","first_seen":"2023-05-15T21:48:45Z","last_seen":"2025-10-17T15:02:19.905557Z","times_seen":37,"resource_available":false,"data":null}},"time_used":705,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":705,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/corner.gif","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.749Z","timestamp":1700206986749,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/corner.gif HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/gif\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 102\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 24 x 9\\012- data","md5":"ef14d57c065fdbd3c66d017a729ca91f","sha1":"2e7b72d674361a9c2b41767ccfbed2486e6695dd","sha256":"6fcbfcda8a36536a0f9b0bc8c4a6ca451d9bafd4a879d56697e48e209691ba36","sha512":"671931aee6f21e9e49b2bb09782e4cd20696472b29e584fdf2f7c32179cb177f9683a05f41ba6da81a09f0fa09800d2d1267412dacd2c70695a3a501ee28608d","ssdeep":"","tlshash":"60b0128dc0d53958eeef8bf66d81e03022807561011d0415d2291098b00ae08da71650","first_seen":"2023-05-09T22:11:06Z","last_seen":"2026-04-09T11:08:52.159723Z","times_seen":420,"resource_available":false,"data":null}},"time_used":704,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":704,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_bl1.gif","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.751Z","timestamp":1700206986751,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_bl1.gif HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/gif\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 511\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":511,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 80 x 65\\012- data","md5":"af3aca2036675c5979fb535c5d190f15","sha1":"70c4f17ef1a2afe0477c84c5d209fbe31760b657","sha256":"aa88fa9731a6021cd8c0f80ef76476fd055a9cf0bff3ad9fbefbedbd255e26fa","sha512":"3a8adf8376162f2b00f5212255790a1be76026f3e1f1dee418111baddc5747ab19be3ef76e0d60d84f7661a0989e06b7d59b6cdba782b6025081125801b4fe32","ssdeep":"","tlshash":"eff05404f1faf24cc00e3afc76366d0c26ca9360949604bb35709f61089d4f3ad8b50a","first_seen":"2023-05-12T09:18:22Z","last_seen":"2025-11-15T22:39:33.266777Z","times_seen":65,"resource_available":false,"data":null}},"time_used":704,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":704,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_bl2.gif","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.752Z","timestamp":1700206986752,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_bl2.gif HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/gif\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1547\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1547,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 65 x 80\\012- data","md5":"af52e51f42fd0c55bc3cf2c8ece71492","sha1":"016f83da68ff461a5c6aebcc2a45668317b2f24c","sha256":"e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c","sha512":"ce74eb35187b0026c344efbf71f4d4b49b6771bdfdbbb961a60078aa46932d9e2ede7bdc40da60e5adb0c14ca2fd2e607f49ee3e30b3bc9b5225d8039f257229","ssdeep":"","tlshash":"b5312acc3ca6b2f7726220f008e36d00597981f19121488b2946b24f00c1bab287f2ef","first_seen":"2023-05-09T22:11:06Z","last_seen":"2026-04-09T11:08:52.146178Z","times_seen":448,"resource_available":false,"data":null}},"time_used":702,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":702,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_bl3.gif","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.753Z","timestamp":1700206986753,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_bl3.gif HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/gif\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 949\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":949,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 78 x 68\\012- data","md5":"da9d153375da51a616a7663f1504e3a5","sha1":"bd81fe60fe017bfe79be8c1afed88b659ff166d9","sha256":"9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04","sha512":"8cc15d9ff3c6e72ab2924c44b4722c4d4bcacef7dc29dfa5b135ffabc431c670de6fd333264dc916c9e1cbb1b56cbb9924518d7278c07e4f62d2d1747f2c8649","ssdeep":"","tlshash":"2c119494b6cb0199c98caff5069a2a10151112e4186e529fcafdc794c1b1ae4a3ef60d","first_seen":"2023-04-18T09:00:53Z","last_seen":"2026-04-09T11:08:52.15076Z","times_seen":448,"resource_available":false,"data":null}},"time_used":701,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":701,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_bl4.png","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.754Z","timestamp":1700206986754,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_bl4.png HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 662\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":662,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 78 x 84, 8-bit/color RGBA, non-interlaced\\012- data","md5":"7a11ddabe8ccece588c8aef50f5d12dc","sha1":"e36cd99c427e79f156e99bd8078c14be23aec42a","sha256":"15d874692f178f9bf819b8c13274b71ca400b0f37bfda1433834a959d0413dfa","sha512":"e9d769273ea70a6c93ca929e61e670ec6b019f3aa44a94703e84aa97b63c2c88c0572aaf1958e6c6fab5ebc3d73a6af128f213a9e97bec5be37b6068b97e8e88","ssdeep":"","tlshash":"1d0183a9aab0d46da3d0730022a804c09ab2cb80c063466e010b557e8dded1ac3ced10","first_seen":"2023-09-17T23:53:29Z","last_seen":"2025-02-21T23:01:07.528791Z","times_seen":26,"resource_available":false,"data":null}},"time_used":701,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":701,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/ring.gif","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.755Z","timestamp":1700206986755,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/ring.gif HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/gif\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 315\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":315,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 30 x 29\\012- data","md5":"c3b64d6515c79193f47b3f6780840578","sha1":"0edb138e48313bbea641208092d9072cee89652e","sha256":"275e633fe30013ed09ab33d46f668be82c19c93ed3c66485a5bef53d74eeaa89","sha512":"a61e9d72689d06d9fb33f81df1251ed1bc20d5739f53607adc4e97c560635df4766ca326744c983140e0cae984534a4f193eccd0f0f05acb7c97c908fa2614a5","ssdeep":"","tlshash":"17e02d82e8e80249cf12503948081dc01220126f2041f20a0d80f246dca363b028bec6","first_seen":"2023-05-15T21:48:45Z","last_seen":"2025-10-17T15:02:19.913392Z","times_seen":37,"resource_available":false,"data":null}},"time_used":700,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":700,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/cross.gif","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.755Z","timestamp":1700206986755,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/cross.gif HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/gif\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 211\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":211,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 29 x 29\\012- data","md5":"45b0c8a1e52d91e8cf84eaf75ebca9a9","sha1":"0e358b8571f9062dedfacd0c31d54179270153cd","sha256":"4e635bdab7a300d0ccb5aac26b4610a07ee1b33643578c1a4308e677d7eb595d","sha512":"26cba0a7705621d4481ec66b21bbbb390fc7d2fc5032286e1f6d5e2a2bb07ac39b14daad61782cdc4bbf1785f2f5e4f33a1864bf7450d03fce1183c13e964d1d","ssdeep":"","tlshash":"5fd0a761e943fa17e59105b0d625e55e82ba5004292472656957290b50d8406787b192","first_seen":"2023-05-15T21:48:45Z","last_seen":"2025-11-15T22:39:33.248638Z","times_seen":78,"resource_available":false,"data":null}},"time_used":699,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":699,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/nrt_logo.png","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.756Z","timestamp":1700206986756,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/nrt_logo.png HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1658\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1658,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 65 x 37, 8-bit/color RGBA, non-interlaced\\012- data","md5":"552a64cb68788eda1e39803a214e6089","sha1":"bfdff83a307360453e686bc006e33baa3b7ac6e5","sha256":"76efdff7f7d19e2b7c161d769c023890a9304a98ac76c26a30d3b8a7dceeaed5","sha512":"af9587c24c769fcebc549bfec21eb5083603be3f27063f535f37e534c1206bb57f189412b6a43d2c84994ca028d3472714f8a079a71bcf350a3ce4a427905922","ssdeep":"","tlshash":"06311ab105d0a8b8d6ad64db981844306b7b9d6ac6d55294cb0082b1b435f31d70771d","first_seen":"2023-09-17T23:53:29Z","last_seen":"2025-02-21T23:01:07.541606Z","times_seen":26,"resource_available":false,"data":null}},"time_used":699,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":699,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_tray1.gif","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.757Z","timestamp":1700206986757,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_tray1.gif HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/gif\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 69\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":69,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 16 x 16\\012- data","md5":"3ae573d079dcd1d2da4086f2c0c72c45","sha1":"e7c9dabec81379373476ed23168dcecb9b8c56aa","sha256":"9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107","sha512":"c1899b5e08f520b08e5f59ee380c5d108da99f2eaf5f1ef2fe6d078a1ecf92d83e0a86b98dd1e1bac7b3a360aceb9975d7815ffe3416954414a85fc487b2f513","ssdeep":"","tlshash":"31a00255cad056b9c51a2430058d581132445f96929d5191112b449daaa96370b69610","first_seen":"2023-05-09T14:36:54Z","last_seen":"2026-05-01T10:00:57.712712Z","times_seen":1097,"resource_available":false,"data":null}},"time_used":699,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":699,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_tray2.gif","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.758Z","timestamp":1700206986758,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_tray2.gif HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/gif\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 377\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":377,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 16 x 16\\012- data","md5":"c10bdec858cb0cf9e6cc5865d5925746","sha1":"697c095ed5509e5a5af0c5ebf2380662aeffc531","sha256":"b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9","sha512":"7f07c1edf29cbc427e655b5d3fbbd123228275c55f49ef4e5c0fc1a987f4093c4736fd2dbf03c873630c4ff983d4ca8090d8785d05d7b15b638ae55165984fac","ssdeep":"","tlshash":"e2e0eb038b02b2b6ed9c00765e3ccc252602a30cb2efd103835984c8b024a98063a02c","first_seen":"2023-05-09T14:36:54Z","last_seen":"2026-05-01T10:00:57.738444Z","times_seen":1098,"resource_available":false,"data":null}},"time_used":698,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":698,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_tray3.gif","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.759Z","timestamp":1700206986759,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/ico_tray3.gif HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/gif\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 234\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":234,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 16 x 16\\012- data","md5":"9ce99ec458daf212f9812a90f3fadd13","sha1":"9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1","sha256":"b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753","sha512":"d1a4c2279ecaa2ca24515389cc9350ff872537dbc5cfc704f0896a83530d9f60650d979cb4da826e3a616ad74d21c5f0fc2781d08ab119393061bc49784af8fd","ssdeep":"","tlshash":"6cd0a756d9e09963db0c11b1f95d4d18751217a45edc06508a3e115470250b69b65051","first_seen":"2023-05-09T14:36:54Z","last_seen":"2026-05-01T10:00:57.725042Z","times_seen":1096,"resource_available":false,"data":null}},"time_used":697,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":697,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Scam - Fake AntiVirus / Security software","verdict":"scam","severity":"medium","comment":"Asset commenly seen with fake AntiVirus fraud","tags":["fake_software","scam"],"meta":null}]}},{"url":{"schema":"https","addr":"grt.gg/cdn-adef.akamaized.net/landings/209606/1618996908/images/mcafee-total-protection.jpg","fqdn":"grt.gg","domain":"grt.gg","tld":"gg"},"ip":{"addr":"192.64.117.98","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:06.743Z","timestamp":1700206986743,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"grt.gg","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 14 Apr 2023 00:00:00 GMT","end":"Sun, 14 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AF:AB:55:4E:C6:AD:D2:CF:70:46:BA:7B:0D:F1:92:7C:15:16:82:0B","sha256":"E2:C0:97:BB:72:AE:BE:8E:E3:2A:0F:B5:F6:3F:53:F8:E4:2C:3A:6D:AE:EC:D6:BB:8C:69:02:97:0D:45:13:07"}}},"request":{"raw":"GET /cdn-adef.akamaized.net/landings/209606/1618996908/images/mcafee-total-protection.jpg HTTP/1.1\r\nHost: grt.gg\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 24 Nov 2023 07:43:06 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 21 Apr 2021 13:21:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 243629\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":243629,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2806x1200, components 3\\012- data","md5":"dd4acb73b402577e9296a3d02f01ae23","sha1":"390fc162fcacda7f0b3d918c3f144021767e237f","sha256":"ae61661052377eb572cbeeca552616f086fc47f15df4ba36092a20ba8146df69","sha512":"ade89eb3c063fb37d0d0695b2fe77ef73a5646e47f8b73e551388af7b49b22e6ae0e2a96e210636bace8a36c3ecffd511d1312353d5a76050acb4fe17f6946d1","ssdeep":"6144:YZTH/d6uvactlJjuGu1rbX1mPbcdFQ6KMjEfESVrFI2Sy:K7lpScDhZuNkjcPQ6IdTL","tlshash":"3534238193ed72812bfee2398f7813a8656bc1d7c1f317e14911ae24f961484a7709bf","first_seen":"2023-09-17T23:53:29Z","last_seen":"2026-04-29T17:46:40.372874Z","times_seen":27,"resource_available":true,"data":null}},"time_used":1003,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":655,"receive":348,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"device-safety.com/landers/vpn/vpn5/lp5/beep.mp3","fqdn":"device-safety.com","domain":"device-safety.com","tld":"com"},"ip":{"addr":"3.141.96.53","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:07.321Z","timestamp":1700206987321,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"device-safety.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Tue, 17 Oct 2023 00:00:00 GMT","end":"Mon, 15 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"AE:7F:1B:B4:16:37:EF:D9:A0:90:AB:4F:36:90:4B:7D:3C:14:85:A9","sha256":"A4:79:41:6D:46:07:8D:03:E8:E7:94:B2:B8:4D:50:A6:34:99:AF:97:0F:FE:03:0C:67:34:3C:08:33:01:03:25"}}},"request":{"raw":"GET /landers/vpn/vpn5/lp5/beep.mp3 HTTP/1.1\r\nHost: device-safety.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 441 No Reason Phrase\r\nalt-svc: h3=\":443\"; ma=2592000\r\ndate: Fri, 17 Nov 2023 07:43:07 GMT\r\nserver: Caddy, NginX\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"441","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"audio/mpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T06:33:00.377991Z","times_seen":14621252,"resource_available":true,"data":null}},"time_used":959,"timings":{"blocked":373,"dns":138,"connect":108,"send":0,"wait":212,"receive":1,"ssl":122},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=EAY/d=0/rs=AN8SPfoU2FGM1I_RfldvhG-s7w9Owkk-uw/m=el_main_css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:07.947Z","timestamp":1700206987947,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:00 GMT","end":"Mon, 08 Jan 2024 08:09:59 GMT"},"fingerprint":{"sha1":"EB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28","sha256":"EB:45:AD:8B:1A:F1:E3:D7:2F:1C:1C:9A:0A:74:58:7C:98:F0:94:C9:73:5D:3A:09:A6:FF:EF:8C:01:EA:FD:F8"}}},"request":{"raw":"GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=EAY/d=0/rs=AN8SPfoU2FGM1I_RfldvhG-s7w9Owkk-uw/m=el_main_css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"rosetta\"\r\nreport-to: {\"group\":\"rosetta\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/rosetta\"}]}\r\ncontent-length: 3960\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Nov 2023 23:22:03 GMT\r\nexpires: Fri, 15 Nov 2024 23:22:03 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Sat, 15 Jul 2023 01:09:03 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 30064\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3960,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (20367), with no line terminators","md5":"72d3a735ccca1027f6b3afba2c93e3a7","sha1":"67f8eff8d17334c59c28fc1753bf451527c7490d","sha256":"c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1","sha512":"ae70156d631f3539cd3e48a28eef5b161294fb43302dc2ac3543cf23bf3b7062bbae00e304fbb44a17a1d21e35f891cf5f1fc8126c6ff3abf698594eb85c7cda","ssdeep":"192:nvqx/EhNINclXsfg0SbQ8CqA3ukLWS7FzvQVMsKJIfIxIwRpTpeuHjPtcn78l:gM78SY3fj7FzouZJqWfRpTpdHjPtcnG","tlshash":"1d92882047aed01967efa82364d36dff71d444db90523ee9af5a7352cd821f231ea214","first_seen":"2023-07-17T21:22:27Z","last_seen":"2026-04-18T04:44:13.351963Z","times_seen":20169,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":31,"dns":1,"connect":7,"send":0,"wait":8,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.QZULjbPPeUA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrMmbGXYNsjZzDxWzGI_NEI9Wv5ew/m=el_main","fqdn":"translate.googleapis.com","domain":"translate.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:08.014Z","timestamp":1700206988014,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:01 GMT","end":"Mon, 08 Jan 2024 08:10:00 GMT"},"fingerprint":{"sha1":"FA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9","sha256":"49:8C:6B:B2:97:76:80:4E:24:97:74:5B:32:58:34:BD:68:38:53:29:53:2A:A7:1E:4D:63:92:60:0F:60:FB:D4"}}},"request":{"raw":"GET /_/translate_http/_/js/k=translate_http.tr.no.QZULjbPPeUA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrMmbGXYNsjZzDxWzGI_NEI9Wv5ew/m=el_main HTTP/1.1\r\nHost: translate.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"rosetta\"\r\nreport-to: {\"group\":\"rosetta\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/rosetta\"}]}\r\ncontent-length: 83014\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Nov 2023 18:22:03 GMT\r\nexpires: Fri, 15 Nov 2024 18:22:03 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 15 Nov 2023 22:24:01 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 48064\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83014,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (2193)","md5":"94b9f7c596c944da6873568cff3bae07","sha1":"5636bb9a09742513df33b8e2b80892e705ff7d90","sha256":"615c977731947f5a753754e53b7ec9bd1a5dfcc6df9c488d4c52e6c23ccb6124","sha512":"08f07d93982b6e134bd78f6b9f22fbff4d574fec77dc9b9d752296e60f7b8d718a2a3a5b3b51c9a480d02c90ad34ac769a7460d163abc55f4a30cb8a26f9b45b","ssdeep":"3072:eFxG+1x6HI1wDCPp4mXCzgoxGK2i5NuZbXOFjNGwZwkFu:H6Igoxn4ABu","tlshash":"f734e7d9b252b1669263f4a5513f004bb23b685af8484d7cb68cd8e26df085d027bf7c","first_seen":"2023-11-16T23:29:03Z","last_seen":"2023-11-18T00:28:09Z","times_seen":75,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":38,"dns":21,"connect":7,"send":0,"wait":9,"receive":18,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-adef.akamaized.net/landings/209606/1618996908/images/favicon.ico?t=20230130195204","fqdn":"cdn-adef.akamaized.net","domain":"cdn-adef.akamaized.net","tld":"akamaized.net"},"ip":{"addr":"23.36.76.194","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:07.676Z","timestamp":1700206987676,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a248.e.akamai.net","organization":"Akamai Technologies, Inc."},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 16 May 2023 00:00:00 GMT","end":"Wed, 15 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9","sha256":"22:72:3F:E9:0C:8C:B6:2A:43:CC:52:84:08:56:46:13:07:5E:76:AC:F7:FF:45:E9:54:2C:7C:E7:7C:6D:B3:72"}}},"request":{"raw":"GET /landings/209606/1618996908/images/favicon.ico?t=20230130195204 HTTP/1.1\r\nHost: cdn-adef.akamaized.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: C/eucNS1RWCVTkjZ3UclZ8r7aut3NRt1aPXnAB6/wZ4aAn/ANyE3uK3A+z2qUFTg3U2XYuam/jk=\r\nx-amz-request-id: 8970PV2WFB1FY17Q\r\nLast-Modified: Wed, 21 Apr 2021 09:21:51 GMT\r\nETag: \"ff7441c3264d89023f376e5319dad793\"\r\nAccept-Ranges: bytes\r\nContent-Type: image/x-icon\r\nServer: AmazonS3\r\nContent-Length: 1150\r\nDate: Fri, 17 Nov 2023 07:43:07 GMT\r\nConnection: keep-alive\r\nAlt-Svc: h3-Q050=\":443\"; ma=93600,quic=\":443\"; ma=93600; v=\"46,43\"\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\\012- data","md5":"ff7441c3264d89023f376e5319dad793","sha1":"1f0be835d947eb2de35d945ea5b9b92578a8cbd7","sha256":"93130759a18703dcad5862bc2fd2973edf9ab7e48ba2c0b4cd4fcfaf832df223","sha512":"b51514aaec63c9959575bfe4fcf91ae5ee784340d32966816fd932923a5e1707498d202523a4abfdc0b72702c54ff85778c80e9a11bc2bc0bd339533bc19510d","ssdeep":"","tlshash":"322196e2e1ac1aede59c44320df53ba9e1dd1b3ef018e6f39508159116d783f8c8618d","first_seen":"2023-05-01T15:51:58Z","last_seen":"2025-02-21T23:01:07.544764Z","times_seen":168,"resource_available":false,"data":null}},"time_used":463,"timings":{"blocked":0,"dns":30,"connect":10,"send":0,"wait":397,"receive":1,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/images/branding/product/2x/translate_24dp.png","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:08.208Z","timestamp":1700206988208,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:00 GMT","end":"Mon, 08 Jan 2024 08:09:59 GMT"},"fingerprint":{"sha1":"EB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28","sha256":"EB:45:AD:8B:1A:F1:E3:D7:2F:1C:1C:9A:0A:74:58:7C:98:F0:94:C9:73:5D:3A:09:A6:FF:EF:8C:01:EA:FD:F8"}}},"request":{"raw":"GET /images/branding/product/2x/translate_24dp.png HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=EAY/d=0/rs=AN8SPfoU2FGM1I_RfldvhG-s7w9Owkk-uw/m=el_main_css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"static-on-bigtable\"\r\nreport-to: {\"group\":\"static-on-bigtable\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/static-on-bigtable\"}]}\r\ncontent-length: 1842\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Nov 2023 05:20:13 GMT\r\nexpires: Fri, 15 Nov 2024 05:20:13 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 14 Oct 2021 09:08:00 GMT\r\ncontent-type: image/png\r\nvary: Origin\r\nage: 94974\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1842,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\\012- data","md5":"c69c796362406f9e11c7f4bf5bb628da","sha1":"e489ce95ab56208090868882113d7416abf46775","sha256":"4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82","sha512":"d3ad560ed0fd29be7d2cc434694f09e5a6fbea8b29c0611aecb54a1b73b4d722c53f42a19dae9e3d5d358444e50fb8fffbc39d67ce751bdbc8c861f6f95d3162","ssdeep":"","tlshash":"4e31f9fd129220437101ade72165eef798347c15f412da60ce65ba389c9fe20ed9a619","first_seen":"2023-04-05T07:39:29Z","last_seen":"2026-05-04T06:28:00.838993Z","times_seen":58776,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:08.182Z","timestamp":1700206988182,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:00 GMT","end":"Mon, 08 Jan 2024 08:09:59 GMT"},"fingerprint":{"sha1":"EB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28","sha256":"EB:45:AD:8B:1A:F1:E3:D7:2F:1C:1C:9A:0A:74:58:7C:98:F0:94:C9:73:5D:3A:09:A6:FF:EF:8C:01:EA:FD:F8"}}},"request":{"raw":"GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ncontent-length: 3340\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Nov 2023 23:23:19 GMT\r\nexpires: Fri, 15 Nov 2024 23:23:19 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 20 Apr 2022 14:24:23 GMT\r\ncontent-type: image/svg+xml\r\nvary: Accept-Encoding\r\nage: 29988\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3340,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (6225), with no line terminators","md5":"2bd5c073a88b83ed74db88282a56ddfb","sha1":"d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650","sha256":"ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09","sha512":"5c6c4a92e93fc0f6a675658cc84f6187fdebd3eee94efd07e24658736cba598f3bc7156b19834b13fb44c1d43fcb7df9fcca7f0a453037e30da76ba8f4b23b89","ssdeep":"96:+R2K3Z4n7tyVwip82hezk6227gLFoXhu1XuE20ot+pVY3YptWDzOzgXK3Zx:ql3KnxyGGMzb7noR20NTww33","tlshash":"c1d1e6f19309d815cd6a83d8cd9b8002aa1f25ddd50ac6cc7639fb3bd1a50eb1d2d7a4","first_seen":"2023-04-06T21:34:37Z","last_seen":"2026-05-04T06:28:00.849458Z","times_seen":62933,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":43,"dns":1,"connect":7,"send":0,"wait":8,"receive":4,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"translate-pa.googleapis.com/v1/supportedLanguages?client=te\u0026display_language=no\u0026key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4\u0026callback=callback","fqdn":"translate-pa.googleapis.com","domain":"translate-pa.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-17T07:43:08.388313848Z","timestamp":1700206988388,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /v1/supportedLanguages?client=te\u0026display_language=no\u0026key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4\u0026callback=callback HTTP/1.1\r\nHost: translate-pa.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ncross-origin-resource-policy: cross-origin\r\np3p: CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Origin, X-Origin, Referer\r\ncontent-encoding: gzip\r\ndate: Fri, 17 Nov 2023 07:43:07 GMT\r\nserver: ESF\r\ncache-control: private\r\ncontent-length: 1392\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nset-cookie: NID=511=sX8HzYp_39yFBXk_e7MXtQX6gBvQgPWBCuSj0Q6vxdKk3-msgZGINf86eTI7ruZ5FsqcIG9QlF_mD1I2G7euf6RiSEZZZk-klj6-3hfMWb21VOeGs6WG8gBmcjK3Xg-6xdPmDQsqV9-WGwoI41z0JoAM1TTjCulNh_V8FQlMIaA; expires=Sat, 18-May-2024 07:43:07 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly\nCONSENT=PENDING+225; expires=Sun, 16-Nov-2025 07:43:07 GMT; path=/; domain=.googleapis.com; Secure\r\nexpires: Fri, 17 Nov 2023 07:43:07 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1392,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"a3eefe14b1b4698460d992bd1673a26b","sha1":"a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4","sha256":"87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067","sha512":"5429abca1696b0ae6bb44f5b85a135499f5fd27aad20e66832e31bd3f70cb40712c04f725c474960c2fd4c0322d30844cc24751990e8245405c364bd67a5201d","ssdeep":"96:AglPfFi0m2HalEA0eSglPfFW80m2HalEA0S:AglM0m2ZAfSglT0m2ZAv","tlshash":"d87266bae9b50d9b6a5e65b416fa2a03306041d74eac3c053b0c0e4c6fdfc1e6c7169e","first_seen":"2023-03-07T01:02:06Z","last_seen":"2024-08-21T09:44:26.13646Z","times_seen":9136,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"translate.googleapis.com/element/log?format=json\u0026hasfast=true\u0026authuser=0","fqdn":"translate.googleapis.com","domain":"translate.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:18.216Z","timestamp":1700206998216,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:01 GMT","end":"Mon, 08 Jan 2024 08:10:00 GMT"},"fingerprint":{"sha1":"FA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9","sha256":"49:8C:6B:B2:97:76:80:4E:24:97:74:5B:32:58:34:BD:68:38:53:29:53:2A:A7:1E:4D:63:92:60:0F:60:FB:D4"}}},"request":{"raw":"OPTIONS /element/log?format=json\u0026hasfast=true\u0026authuser=0 HTTP/1.1\r\nHost: translate.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-encoding,content-type,x-goog-authuser\r\nReferer: https://grt.gg/\r\nOrigin: https://grt.gg\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\naccess-control-allow-origin: https://grt.gg\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Fri, 17 Nov 2023 07:43:17 GMT\r\nserver: Playlog\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: CONSENT=PENDING+805; expires=Sun, 16-Nov-2025 07:43:17 GMT; path=/; domain=.googleapis.com; Secure\r\np3p: CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nexpires: Fri, 17 Nov 2023 07:43:17 GMT\r\ncache-control: private\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T06:33:00.377991Z","times_seen":14621252,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"translate.googleapis.com/element/log?format=json\u0026hasfast=true\u0026authuser=0","fqdn":"translate.googleapis.com","domain":"translate.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:18.216Z","timestamp":1700206998216,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:10:01 GMT","end":"Mon, 08 Jan 2024 08:10:00 GMT"},"fingerprint":{"sha1":"FA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9","sha256":"49:8C:6B:B2:97:76:80:4E:24:97:74:5B:32:58:34:BD:68:38:53:29:53:2A:A7:1E:4D:63:92:60:0F:60:FB:D4"}}},"request":{"raw":"POST /element/log?format=json\u0026hasfast=true\u0026authuser=0 HTTP/1.1\r\nHost: translate.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Goog-AuthUser: 0\r\nContent-Encoding: gzip\r\nContent-Type: application/binary\r\nContent-Length: 301\r\nOrigin: https://grt.gg\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\naccess-control-allow-origin: https://grt.gg\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: X-Playlog-Web\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-encoding: gzip\r\ndate: Fri, 17 Nov 2023 07:43:17 GMT\r\nserver: Playlog\r\ncache-control: private\r\ncontent-length: 131\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: CONSENT=PENDING+442; expires=Sun, 16-Nov-2025 07:43:17 GMT; path=/; domain=.googleapis.com; Secure\r\np3p: CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nexpires: Fri, 17 Nov 2023 07:43:17 GMT\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":131,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"JSON data\\012- , ASCII text, with no line terminators","md5":"ca0b7e866005f6774d284b9f438ebfd2","sha1":"53644f5ee3640189bdb223473ba6a2d46606c556","sha256":"502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358","sha512":"939c4526c623db033ad40bfdc6c8848a1dcd0ca797f17fbbd89fbec1b49dededc16e89084b3759e62fa0ffc8fe896980b10a1ff8daee22736a70b08f1ee13e2f","ssdeep":"","tlshash":"58c08c50330469e1080e82c8c0026858228c903b46708cf10bbd68125d3234a1004854","first_seen":"2023-04-05T03:14:56Z","last_seen":"2026-05-04T06:33:32.080252Z","times_seen":514634,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"translate.google.com/translate_a/element.js?cb=googleTranslateElementInit","fqdn":"translate.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.211.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://grt.gg/qcbf.yourdefensivedataanalysis.site/c/bbb44b06b6dd16f767c4.html","date":"2023-11-17T07:43:07.673Z","timestamp":1700206987673,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 16 Oct 2023 08:02:35 GMT","end":"Mon, 08 Jan 2024 08:02:34 GMT"},"fingerprint":{"sha1":"FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F","sha256":"BF:65:26:40:A4:1B:39:0F:68:D2:7F:DA:8A:9B:03:1D:67:EA:6F:78:A6:5A:3C:C5:57:50:DA:38:E4:6B:D6:A5"}}},"request":{"raw":"GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1\r\nHost: translate.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://grt.gg/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Fri, 17 Nov 2023 07:43:06 GMT\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nset-cookie: CONSENT=PENDING+558; expires=Sun, 16-Nov-2025 07:43:06 GMT; path=/; domain=.google.com; Secure\r\np3p: CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":90819,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (2462)","md5":"b98a054d0d800c522bd6a7f5b258c02a","sha1":"8bb1d088eb50a804148573f6c6c8a7613282cc68","sha256":"adf0a4fc05563e099cbe3a6f33223cea76f7eb3ee4499bda3f4915af88d32d6d","sha512":"a1837179774c95fe5dc276a121b34425882cc6672f967da74e26f1ba887cdcc6517841ab4b7b3bd323834eafb6696cd0fd6d35f64e7e22de11b27b64ce9da2ad","ssdeep":"1536:X/zCE164vuwrBWo38RV5Wb6Ga+chJge+4EJNe8J7y1GOT4DniuwNWHe:XMuh3SWbXaZhJm4EJgJTkni0e","tlshash":"c2939588b6a271658267b5b5413f000bb27f59adf84c4dacb288d8e16df094d423bf7d","first_seen":"2023-11-17T08:10:17Z","last_seen":"2023-11-17T08:43:25Z","times_seen":3,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":49,"dns":20,"connect":10,"send":0,"wait":37,"receive":8,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}