{"report_id":"ccd44bfe-dcbd-4e31-906b-bd0a6d5004ee","version":6,"status":"done","tags":[],"date":"2026-04-04T21:42:17Z","url":{"schema":"https","addr":"gro90p.sbs","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"gro90p.sbs/","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"title":"GRO90P Official Pre-Sale — Get Up to 100% Bonus!","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"gro90p.sbs","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-09T21:42:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-03-29T22:35:00.993215Z","alert_count":0,"request_count":1,"received_data":23806,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"gro90p.sbs","ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-03-30","domain_rank":0,"first_seen":"2026-04-04T21:42:17.450153Z","last_seen":"2026-04-04T21:42:17.450154Z","alert_count":12,"request_count":12,"received_data":234935,"sent_data":5157,"comment":"","tags":null,"fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/particles.js@2.0.0/particles.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6564e48cc953b8642b7c758cba09fd81","sha1":"5193a1ae0215e55c48de5deb534acb0781a3bfbd","sha256":"f368ba54ef5dc8c6613226de0e95b0a72239c33c3caec2f08c69a939ac9dbd1b","sha512":"930176f24c517cbed366421590f5ddab5443ccaa1f09f2ada62c9c851453bedbef5c0e1580402f2430100b0dae357269f58505d5d541b4dfd10dbb9f082bcba7","ssdeep":"384:WfJ//vWKyCN3yHEPepmcBzAbix29ZzHNSA:QFf289ZzHNSA","tlshash":"08a2b34d23f73e77339a72e04bece1128b70a4d2399b04b0f93c667da5255a601de6a0","size":23016,"data":"","first_seen":"2025-05-01T01:56:50.052191Z","last_seen":"2026-04-23T11:55:10.003644Z","times_seen":691,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gro90p.sbs/","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6918d960f928347f538286edbee80a91","sha1":"a28324894d4d58d98129ddcb4c14435f5c629257","sha256":"112fa07f0eed14a6d2de10109404b320de48e3378d8bb5d6a00376891731baac","sha512":"c1b88912da321a0e2ef370f9b79c7f3e7fdd1323a12a108476669cccbb29ae8f149135ec5a5f2cf5cd441240fe8b494b6256d2cede89a78fe94e432d3408285c","ssdeep":"","tlshash":"c1116d1a5ef17a33006731261ebbd205143251c75a687d78beacc1189f19b8ee5e8f98","size":1024,"data":"","first_seen":"2025-09-30T17:15:07.082301Z","last_seen":"2026-04-06T19:20:46.150673Z","times_seen":283,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"gro90p.sbs/3.webp","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro90p.sbs/","date":"2026-04-04T21:42:01.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro90p.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 17:54:08 GMT","end":"Tue, 30 Jun 2026 17:54:07 GMT"},"fingerprint":{"sha1":"C3:11:3D:53:EB:13:64:98:EA:D2:18:A7:04:B5:1B:41:5F:9F:B0:72","sha256":"92:27:D9:F9:28:46:83:ED:E7:B3:7D:1C:62:2C:3F:02:D9:9F:8C:C0:0E:80:BF:A4:1C:71:31:88:D1:20:F1:1A"}}},"request":{"raw":"GET /3.webp HTTP/1.1\r\nHost: gro90p.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro90p.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\netag: \"9c98b7ceb602cbc11958f9753b83b387-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KND747HCGZFHJCBTWN0814XD\r\ncontent-length: 51152\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":51152,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ed66d899203784adfe6c2c8dd1939343","sha1":"14b8169d424fcb4290f155981ff1d69ce094dce0","sha256":"fabd28e5a26acf947fbf7af38df17c5bb62f93d252903e86fdf47c6db9f9d9ef","sha512":"929c0f67bc57aa84f41a1d80e6271d6b7bc1e297aa0067dfa736eee56e641a58e15b7a4ba8b0048998147cfb9c38742f8ef232262d8bced3161564e92f6a8c4c","ssdeep":"768:DnDRMPhTcJDJGGS7dih7CpEILJcpxUWuaAE7Knw0eZOG3CuX0haabAnKnY:LDRMPhTsDJodjiBuaA9et7XIRJY","tlshash":"9933d06c75a8a5ecbdec22af1116d74ec802914f13f84d6eda48a60316c79aedb3f441","first_seen":"2025-09-30T17:15:07.08107Z","last_seen":"2026-04-22T13:51:28.995113Z","times_seen":348,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro90p.sbs/4.webp","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro90p.sbs/","date":"2026-04-04T21:42:01.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro90p.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 17:54:08 GMT","end":"Tue, 30 Jun 2026 17:54:07 GMT"},"fingerprint":{"sha1":"C3:11:3D:53:EB:13:64:98:EA:D2:18:A7:04:B5:1B:41:5F:9F:B0:72","sha256":"92:27:D9:F9:28:46:83:ED:E7:B3:7D:1C:62:2C:3F:02:D9:9F:8C:C0:0E:80:BF:A4:1C:71:31:88:D1:20:F1:1A"}}},"request":{"raw":"GET /4.webp HTTP/1.1\r\nHost: gro90p.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro90p.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\netag: \"23613bc934f0cbf322a3268e8d615dea-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KND747HJDHZWHSGM8JCY8KVK\r\ncontent-length: 2640\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2640,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 225x225, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"068cfaccde163ad6416ccbd3e64cf73a","sha1":"c3ef4658642c3f268fa6567351324dc5ae202755","sha256":"b1ccadcb9c57c9a2990d487b6ad8eb7323993348d6020a28793643f56c5b9f95","sha512":"dc6f2deacc9405d5b31cac5efde90853ca958a3bbbb7da4586bb932db7fe9846b5c20502a282f2cf1535a3ab19acefcc9d89d9fc74fa3d3bbf3772937868dfdd","ssdeep":"","tlshash":"8d515c4372632a042710b1ae7a0f0a80b916e363a3d0d0f4de94af3527562cfdc720cd","first_seen":"2025-09-30T17:15:07.069315Z","last_seen":"2026-04-22T13:51:28.970562Z","times_seen":337,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro90p.sbs/6.webp","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro90p.sbs/","date":"2026-04-04T21:42:01.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro90p.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 17:54:08 GMT","end":"Tue, 30 Jun 2026 17:54:07 GMT"},"fingerprint":{"sha1":"C3:11:3D:53:EB:13:64:98:EA:D2:18:A7:04:B5:1B:41:5F:9F:B0:72","sha256":"92:27:D9:F9:28:46:83:ED:E7:B3:7D:1C:62:2C:3F:02:D9:9F:8C:C0:0E:80:BF:A4:1C:71:31:88:D1:20:F1:1A"}}},"request":{"raw":"GET /6.webp HTTP/1.1\r\nHost: gro90p.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro90p.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\netag: \"27770ce7e5c04f27370150f7bb294a30-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KND747HK1VMB163XVAQ0QHGW\r\ncontent-length: 9428\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":9428,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d19d5b8b0d337eecb20c486d19023741","sha1":"8d4c401716031406eeb2f541f1df07ce0df0cf0a","sha256":"aa28c4ce43bbd971e3febb155bd3d1fbb09ee0863bda48cd192a4c28877e0359","sha512":"0193b4b9a48db64b8a8f9bf67a6d1b15cbb804fed9561ed8020b373794f479cdbc426f3ed0fdff881ac1df39bf9009e2e7c76b5bc5ff030603bdd1e47470815c","ssdeep":"192:t5CyRlviNpkm3jaxZws9jj1WstykSOZIY4qRmwzO6HFq5Ch86hzQdRL667Fy4J:t5CYvi3kFxZfjjsoykSOSYfMluFqw8+0","tlshash":"a312ae980e3aee7b74108bb4ee29325ef63a1360f3fc9b597a4295901359d0727c9c49","first_seen":"2025-09-30T17:15:07.071237Z","last_seen":"2026-04-06T19:20:46.125045Z","times_seen":340,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro90p.sbs/favicon.ico","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro90p.sbs/","date":"2026-04-04T21:42:01.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro90p.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 17:54:08 GMT","end":"Tue, 30 Jun 2026 17:54:07 GMT"},"fingerprint":{"sha1":"C3:11:3D:53:EB:13:64:98:EA:D2:18:A7:04:B5:1B:41:5F:9F:B0:72","sha256":"92:27:D9:F9:28:46:83:ED:E7:B3:7D:1C:62:2C:3F:02:D9:9F:8C:C0:0E:80:BF:A4:1C:71:31:88:D1:20:F1:1A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gro90p.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro90p.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: image/vnd.microsoft.icon\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\netag: \"ac4b4f9d4c72ac1313696f5f6809a3fb-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KND747VWE533RM8YKMNT5TY6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54684,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"a314da9f659a273c951c5a8b0ab4a46a","sha1":"efdf35fe9a86ade33e237b0df23ff6ff14b7cf7a","sha256":"951ed286ca1946f9c99768ef1736f052f93966d115889afa491ce309caf35f55","sha512":"e649b71989aa0df5b242946c0c385cb557ce4347a80577d55f93c6822a194d020353a900a6ba816858714828051e4f37972b0c0372762379250da2447dc69d65","ssdeep":"1536:Ulxox5vAnVJ09eeoZ2sYuJBTE/lPbxRPJxAgvcDCZuNs:Ulxox5v8eeJXBQ/lPbvxxjv2CZui","tlshash":"3633022c99d188ef73fb38995017eaa745a1688466dbef8cd7e305f07e72624035e843","first_seen":"2025-09-30T17:15:07.073613Z","last_seen":"2026-04-11T13:37:11.591165Z","times_seen":333,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":133,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro90p.sbs/","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-04T21:41:55.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro90p.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 17:54:08 GMT","end":"Tue, 30 Jun 2026 17:54:07 GMT"},"fingerprint":{"sha1":"C3:11:3D:53:EB:13:64:98:EA:D2:18:A7:04:B5:1B:41:5F:9F:B0:72","sha256":"92:27:D9:F9:28:46:83:ED:E7:B3:7D:1C:62:2C:3F:02:D9:9F:8C:C0:0E:80:BF:A4:1C:71:31:88:D1:20:F1:1A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gro90p.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\netag: \"e17c4700113a8e3b8b8f53bbd6d1ae33-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KND74779S78ZZ7NFW17ZRY1V\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12844,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"ff324d1c43fad6f8504854b5f302fd2b","sha1":"6d010bca2afcbe4c302b068df90a887f8c23d569","sha256":"7ee98ea8b09c53852f8e2bc4e5ed8a093ee2049785adc5b9341adf2eaa0bc873","sha512":"f35f8b61300195221d21c3c8c4b4621ebe16cfb615b1b86eca27568098453d32e95fc8559f12448f94c0dad555843282950420a5421b6f0729e493f8ba65643a","ssdeep":"192:hVTXE+1mhHhQ9cOJDrhGUoFYpjZKE7UHJ2wx6lZ1e:hRSBlsukDQ","tlshash":"a3427463d9446823113243a0bef2a349f799420f96040c66bafc756e5ff3ba48993f4c","first_seen":"2026-04-04T21:42:21.860083Z","last_seen":"2026-04-04T21:42:22.11306Z","times_seen":2,"resource_available":true,"data":null}},"time_used":11072,"timings":{"blocked":5465,"dns":5306,"connect":1,"send":0,"wait":138,"receive":0,"ssl":159},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro90p.sbs/css2?family=Inter:wght@400;700\u0026display=swap","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gro90p.sbs/","date":"2026-04-04T21:42:01.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro90p.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 17:54:08 GMT","end":"Tue, 30 Jun 2026 17:54:07 GMT"},"fingerprint":{"sha1":"C3:11:3D:53:EB:13:64:98:EA:D2:18:A7:04:B5:1B:41:5F:9F:B0:72","sha256":"92:27:D9:F9:28:46:83:ED:E7:B3:7D:1C:62:2C:3F:02:D9:9F:8C:C0:0E:80:BF:A4:1C:71:31:88:D1:20:F1:1A"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: gro90p.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro90p.sbs/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\netag: \"3fd3d02e381f6520dd9247845b29b147-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KND747H1KMZKHH82Q9RKFX2D\r\ncontent-length: 409\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":409,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text","md5":"60b4e28606439c00e6d0e7364b2b091a","sha1":"23b47d11e7d32c39aea5b286e25a794a1f38b5be","sha256":"bd6b86f3bb8f3b4b9bd1cd2400be3689ce338224003060d3d02dba51a50f65b8","sha512":"cf068877c3058d3a4202777e5c763a814fc6cb0e7b6fefbb97a16ef61413563bafbca74071081ea342f9a3a9fed09c7b03920ff0e6401f7fdd46ad02098f56c1","ssdeep":"","tlshash":"46e02240002f1611c91a1e6d33cf3f2d2ecc29881042c1ac4b350c959dea06a8345fde","first_seen":"2026-02-12T22:26:06.450132Z","last_seen":"2026-04-04T21:42:22.119317Z","times_seen":58,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro90p.sbs/1.webp","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro90p.sbs/","date":"2026-04-04T21:42:01.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro90p.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 17:54:08 GMT","end":"Tue, 30 Jun 2026 17:54:07 GMT"},"fingerprint":{"sha1":"C3:11:3D:53:EB:13:64:98:EA:D2:18:A7:04:B5:1B:41:5F:9F:B0:72","sha256":"92:27:D9:F9:28:46:83:ED:E7:B3:7D:1C:62:2C:3F:02:D9:9F:8C:C0:0E:80:BF:A4:1C:71:31:88:D1:20:F1:1A"}}},"request":{"raw":"GET /1.webp HTTP/1.1\r\nHost: gro90p.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro90p.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\netag: \"3b8f8440b2d99a8f235833e594085e21-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KND747H6M36ZHW6NB6THD66S\r\ncontent-length: 3444\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3444,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 225x225, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c4229ccfa2f7bd9aedbd7564a62271b3","sha1":"bc5ef0055ef56e8eb04c0b8ac041a61a94f6234b","sha256":"cde1dc1e302419749339a4070dd32b5f7009da9eef2810fe7f91887186893d0c","sha512":"08c14e435f89caf9cfe06d4a150f24e3f6a354c86e916415de3d75b29d19e246f34c7a1ed0e7d1f7db58213621b52e24101e11975c6fad7d55f3acaed580a75a","ssdeep":"","tlshash":"dd618e793682d8f9f4502be371e9b258c168b9a2ed654160e4c6d850bc8a76493ab940","first_seen":"2025-09-30T17:15:07.050786Z","last_seen":"2026-04-22T13:51:28.986756Z","times_seen":337,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro90p.sbs/2.webp","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro90p.sbs/","date":"2026-04-04T21:42:01.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro90p.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 17:54:08 GMT","end":"Tue, 30 Jun 2026 17:54:07 GMT"},"fingerprint":{"sha1":"C3:11:3D:53:EB:13:64:98:EA:D2:18:A7:04:B5:1B:41:5F:9F:B0:72","sha256":"92:27:D9:F9:28:46:83:ED:E7:B3:7D:1C:62:2C:3F:02:D9:9F:8C:C0:0E:80:BF:A4:1C:71:31:88:D1:20:F1:1A"}}},"request":{"raw":"GET /2.webp HTTP/1.1\r\nHost: gro90p.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro90p.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\netag: \"1dc2e1ed06e3c99b449e67a2c90602a7-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KND747HAVH6K3X7T7PFCVT90\r\ncontent-length: 11646\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11646,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0c77454b0b212e4078cac85b3f1616f1","sha1":"924455b3b0dca72d5888cb0b7da65ab5a5352a99","sha256":"4839cefb1ead1139d03382d2cd43dfc0b43625eb99d81f3adbf63d37680a6d14","sha512":"d52cf67b6a3b68c70f2c1d8ee423b8c145f12347411e74677bd07c512397b18920cd7a1e12e1b3bf028a35d98426f92678f197300b2434ccbcc285b1e6ec87f1","ssdeep":"192:MtuEcsbpDqD5WwFZW8jON8Jp+VC9xaDUAJzkPUaAvHa22W+1rSBT6RFBCHNl:wujstqJFQUONIpwC9xCUAK3Ca2n+3BCf","tlshash":"5d329fcba38f79b085640231316f8513b56a7484f1f8d99758cf177b3ca5a39c8e14b2","first_seen":"2025-09-30T17:15:07.076567Z","last_seen":"2026-04-22T13:51:29.000943Z","times_seen":348,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro90p.sbs/5.webp","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro90p.sbs/","date":"2026-04-04T21:42:01.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro90p.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 17:54:08 GMT","end":"Tue, 30 Jun 2026 17:54:07 GMT"},"fingerprint":{"sha1":"C3:11:3D:53:EB:13:64:98:EA:D2:18:A7:04:B5:1B:41:5F:9F:B0:72","sha256":"92:27:D9:F9:28:46:83:ED:E7:B3:7D:1C:62:2C:3F:02:D9:9F:8C:C0:0E:80:BF:A4:1C:71:31:88:D1:20:F1:1A"}}},"request":{"raw":"GET /5.webp HTTP/1.1\r\nHost: gro90p.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro90p.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\netag: \"836f69b91995c0a2a7b3937b8b02ef28-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KND747HJS6A2DXDEHPX2M75P\r\ncontent-length: 2984\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":2984,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2d1617bdc152c6bbfe3cc95409655a35","sha1":"7c222b20182227583dd82c0bc31e3fbb5eeb4ddb","sha256":"d54d30af672b70a35c3ee6a34f0407abec8adc3dae40836109f2a309b2bfe594","sha512":"ac01a6d5576725ebc39e5ad40be604e168d91b8795f0cd03585b080ff88005599feb73804bae2bddaa406350f8180767f1824808ddd64e8a83267595d6fbd260","ssdeep":"","tlshash":"59512df9db30d56d478fe91ea83567b868df2843c05c95058da5d1ebd54c320d193b60","first_seen":"2025-09-30T17:15:07.055952Z","last_seen":"2026-04-22T13:51:28.995914Z","times_seen":348,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro90p.sbs/7.webp","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro90p.sbs/","date":"2026-04-04T21:42:01.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro90p.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 17:54:08 GMT","end":"Tue, 30 Jun 2026 17:54:07 GMT"},"fingerprint":{"sha1":"C3:11:3D:53:EB:13:64:98:EA:D2:18:A7:04:B5:1B:41:5F:9F:B0:72","sha256":"92:27:D9:F9:28:46:83:ED:E7:B3:7D:1C:62:2C:3F:02:D9:9F:8C:C0:0E:80:BF:A4:1C:71:31:88:D1:20:F1:1A"}}},"request":{"raw":"GET /7.webp HTTP/1.1\r\nHost: gro90p.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro90p.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\netag: \"21445621a7fdf084537f55b16c7056fa-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KND747HKKXFNNYJ3XP6YX98V\r\ncontent-length: 7266\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7266,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3b193335cb4bb7c6c0b15cca932c55f2","sha1":"bc0124752cebe2e87a26cb9bad3872084dffa98d","sha256":"de5cd14e02a35aefca76af5dbc1205b8f8df7c0b0892baca18102dc16880e6a0","sha512":"c127957415e21fa8f705d0504a9d574d12428e722316ffaf0533bc2e290ff5314fe9986c0ad79575bd7efd44e78ca680948b43a3e98482b3ce0212460d436bd6","ssdeep":"192:X4cQiL7swHNgx+TBYHQXFE59PfxXMSYqTk:XD4wtK+Tqou9Hx8SYqTk","tlshash":"cee1ae5b97c72e60974dbceffeca33536470143d0d11a3938a2b12db107668a1b91ac0","first_seen":"2025-09-30T17:15:07.079612Z","last_seen":"2026-04-22T13:51:28.990674Z","times_seen":348,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/particles.js@2.0.0/particles.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gro90p.sbs/","date":"2026-04-04T21:42:01.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/particles.js@2.0.0/particles.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro90p.sbs/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 2.0.0\r\nx-jsd-version-type: version\r\netag: W/\"59e8-UZOhrgIV5VxI3l3rU0rLB4Gjv70\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\nage: 3245459\r\nx-served-by: cache-fra-eddf8230027-FRA, cache-hel1410023-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 6168\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23016,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (22686)","md5":"6564e48cc953b8642b7c758cba09fd81","sha1":"5193a1ae0215e55c48de5deb534acb0781a3bfbd","sha256":"f368ba54ef5dc8c6613226de0e95b0a72239c33c3caec2f08c69a939ac9dbd1b","sha512":"930176f24c517cbed366421590f5ddab5443ccaa1f09f2ada62c9c851453bedbef5c0e1580402f2430100b0dae357269f58505d5d541b4dfd10dbb9f082bcba7","ssdeep":"384:WfJ//vWKyCN3yHEPepmcBzAbix29ZzHNSA:QFf289ZzHNSA","tlshash":"08a2b34d23f73e77339a72e04bece1128b70a4d2399b04b0f93c667da5255a601de6a0","first_seen":"2025-05-01T01:56:50.052191Z","last_seen":"2026-04-23T11:55:10.003644Z","times_seen":691,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":97,"dns":1,"connect":26,"send":0,"wait":26,"receive":1,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gro90p.sbs/8.webp","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro90p.sbs/","date":"2026-04-04T21:42:01.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro90p.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 17:54:08 GMT","end":"Tue, 30 Jun 2026 17:54:07 GMT"},"fingerprint":{"sha1":"C3:11:3D:53:EB:13:64:98:EA:D2:18:A7:04:B5:1B:41:5F:9F:B0:72","sha256":"92:27:D9:F9:28:46:83:ED:E7:B3:7D:1C:62:2C:3F:02:D9:9F:8C:C0:0E:80:BF:A4:1C:71:31:88:D1:20:F1:1A"}}},"request":{"raw":"GET /8.webp HTTP/1.1\r\nHost: gro90p.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro90p.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\netag: \"39d14f0cebaa8cd15b4f9865d8a2f1df-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KND747H33PXFD04ZPHW1HE9C\r\ncontent-length: 57032\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":57032,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"45a0973fd473f6545bf1268fe29f4dfc","sha1":"efe037eb2e30a3e350a8bad79f9d652928b10967","sha256":"9683ca52210bb0f7c37d8dd34495197d45c00579266a940489076754b375264d","sha512":"8b8f095fc485658dfe07a5c4124286d0537866434ec29e9842c1539799af1d1bd8173a6d554bdf5f045df9ec81e56bcc689974aef658d0865452284af4a355b3","ssdeep":"1536:GlzO4/HjqUYXe1SMUDc1nDHnZNBhlE5Xw4ff1v6ViMWO:azJHjqvAtecFnnf65gxi1O","tlshash":"934302b493f8bd725a0b4cad69fa4526008adc20629f3e75923b39d6086335f0157e3b","first_seen":"2025-09-30T17:15:07.063954Z","last_seen":"2026-04-22T13:51:28.985789Z","times_seen":337,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gro90p.sbs/11.webp","fqdn":"gro90p.sbs","domain":"gro90p.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gro90p.sbs/","date":"2026-04-04T21:42:01.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gro90p.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 17:54:08 GMT","end":"Tue, 30 Jun 2026 17:54:07 GMT"},"fingerprint":{"sha1":"C3:11:3D:53:EB:13:64:98:EA:D2:18:A7:04:B5:1B:41:5F:9F:B0:72","sha256":"92:27:D9:F9:28:46:83:ED:E7:B3:7D:1C:62:2C:3F:02:D9:9F:8C:C0:0E:80:BF:A4:1C:71:31:88:D1:20:F1:1A"}}},"request":{"raw":"GET /11.webp HTTP/1.1\r\nHost: gro90p.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gro90p.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/webp\r\ndate: Sat, 04 Apr 2026 21:42:01 GMT\r\netag: \"60ccbc2ca61709623b6242afebfb6731-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KND747H4DWV5NN408P8V06M4\r\ncontent-length: 16580\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":16580,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"219accc7f77ce773b0a35c85aa007167","sha1":"2c24508f752f992c2bab45ee58ff1259a341552f","sha256":"13dfe760e11e584feca95e882c723ef5af5789f90910a57c1595cd26c6f96a56","sha512":"d2b71f61314026636194ca89dddff558870c50658f136fce1c32332f5b112d6d376e6c744ad572c172cbec63817723a75f880f497a02a6caf149d2439f59151a","ssdeep":"384:ov4fsUAqn2wMMKYYCrB4kfnhc5u0nbgdzM5B9ZB/L4LAc:64fsUAqyMKYYC17nh0u0bgdMn7RcN","tlshash":"fe72e1fda47173308c87823939c68c1d14b19acf9caa27565cdf27f1b19e27c6a74452","first_seen":"2025-09-30T17:15:07.077773Z","last_seen":"2026-04-06T19:20:46.130334Z","times_seen":326,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"gro90p.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}